Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Man in the Middle Angriff logs (https://www.trojaner-board.de/175489-man-the-middle-angriff-logs.html)

Harilp 27.01.2016 13:51
Man in the Middle Angriff logs
 
Hier die ERgebnisse :

FRST.doc:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
durchgeführt von Harald (Administrator) auf Hari (27-01-2016 13:40:59)
Gestartet von C:\Users\Harald\Downloads
Geladene Profile: Harald (Verfügbare Profile: Harald)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcmigrator.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\UPDMGR\3.0.6048.2\mcupdatemgr.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\mcmigrator.exe
() C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [53504 2014-06-27] (Acer Incorporated)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-01-28] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-05-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40696 2015-06-10] (Panda Security, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-08-16]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{FE6E80D5-3258-457F-AAC6-13DE593BE1EF}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4227363564-4010607935-2243415042-1001 -> DefaultScope {C061F2B2-DA60-4788-ABBC-A18E52685450} URL =
SearchScopes: HKU\S-1-5-21-4227363564-4010607935-2243415042-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2013-08-09] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2013-08-09] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\x64\McIEPlg.dll [2013-08-09] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\siteadvisor\McIEPlg.dll [2013-08-09] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll [2014-01-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2014-01-28] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Harald\AppData\Roaming\Mozilla\Firefox\Profiles\8o550tqu.default
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll [2014-01-28] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll [2014-01-28] ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Extension: Adblock Plus - C:\Users\Harald\AppData\Roaming\Mozilla\Firefox\Profiles\8o550tqu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-26]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-01-26] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-08-09]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2013-08-09]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0057201453810029mcinstcleanup; C:\WINDOWS\TEMP\005720~1.EXE [883024 2015-05-04] (McAfee, Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2013-11-14] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [121616 2013-09-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-01-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-29] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-15] (McAfee, Inc.)
R2 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-03-18] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189912 2014-04-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-06-09] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-06-10] (Panda Security, S.L.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [51712 2014-04-16] (Advanced Micro Devices, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [85704 2014-04-16] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [230088 2014-04-16] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-11-14] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70592 2014-04-04] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [177544 2014-04-04] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311856 2014-04-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69352 2014-04-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [522360 2014-04-04] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [784760 2014-04-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [346760 2014-04-04] (McAfee, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94480 2015-05-27] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-05-27] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-05-27] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [117008 2015-05-27] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2015-04-27] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [101648 2015-05-27] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78096 2015-05-27] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-05-27] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300304 2015-05-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170256 2015-05-27] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-05-27] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257808 2015-05-27] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-05-27] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164624 2015-05-08] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-05-08] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197904 2015-05-08] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-05-08] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-06-04] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-05-08] (Panda Security, S.L.)
U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [476888 2014-03-21] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-03-24] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-03-24] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-27 13:40 - 2016-01-27 13:41 - 00017872 _____ C:\Users\Harald\Downloads\FRST.txt
2016-01-27 13:40 - 2016-01-27 13:40 - 02370560 _____ (Farbar) C:\Users\Harald\Downloads\FRST64.exe
2016-01-27 13:40 - 2016-01-27 13:40 - 00000000 ____D C:\FRST
2016-01-27 13:38 - 2016-01-27 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2016-01-27 13:26 - 2016-01-27 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-01-26 20:14 - 2016-01-26 20:14 - 00004562 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2016-01-26 20:14 - 2016-01-26 20:14 - 00003804 _____ C:\WINDOWS\System32\Tasks\ACC
2016-01-26 20:14 - 2016-01-26 20:14 - 00002976 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-01-26 20:14 - 2016-01-26 20:14 - 00001810 _____ C:\Users\Public\Desktop\Acer Care Center.lnk
2016-01-26 20:14 - 2016-01-26 20:14 - 00000000 ____D C:\Users\Harald\AppData\Local\CareCenter
2016-01-26 19:57 - 2016-01-26 19:57 - 00000000 ____D C:\Users\Harald\Desktop\decaffeinatid0.09
2016-01-26 19:56 - 2016-01-26 19:57 - 00507396 _____ C:\Users\Harald\Downloads\decaffeinatid0.09.zip
2016-01-26 19:35 - 2016-01-26 19:41 - 00000000 ____D C:\Users\Harald\AppData\Local\Mozilla
2016-01-26 19:35 - 2016-01-26 19:35 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-26 19:35 - 2016-01-26 19:35 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-26 19:35 - 2016-01-26 19:35 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Mozilla
2016-01-26 19:35 - 2016-01-26 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-26 19:34 - 2016-01-26 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 19:32 - 2016-01-26 19:32 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Macromedia
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\LocalLow\EmieUserList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\LocalLow\EmieSiteList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\Local\EmieUserList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\Local\EmieSiteList
2016-01-26 19:29 - 2016-01-26 19:29 - 00000000 ____D C:\Users\Harald\AppData\Roaming\ATI
2016-01-26 19:29 - 2016-01-26 19:29 - 00000000 ____D C:\Users\Harald\AppData\Local\ATI
2016-01-26 19:29 - 2016-01-26 19:29 - 00000000 ____D C:\ProgramData\ATI
2016-01-26 19:26 - 2016-01-27 13:25 - 00000000 ____D C:\Users\Harald\AppData\Local\CrashDumps
2016-01-26 19:26 - 2016-01-26 19:26 - 00000000 ____D C:\Users\Harald\AppData\Local\Acer Aspire R7 Tutorial
2016-01-26 18:24 - 2015-05-22 09:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-01-26 18:23 - 2016-01-26 18:25 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2016.lnk
2016-01-26 18:23 - 2016-01-26 18:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2016
2016-01-26 18:23 - 2016-01-26 18:23 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-26 18:21 - 2016-01-26 18:23 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-26 14:03 - 2016-01-26 13:37 - 00001008 _____ C:\Users\Harald\Desktop\Delphi 6.lnk
2016-01-26 13:37 - 2016-01-26 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterBase
2016-01-26 13:37 - 2016-01-26 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borland Delphi 6
2016-01-26 13:37 - 2013-08-22 14:25 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services.isc
2016-01-26 13:37 - 2001-03-06 07:01 - 00361984 _____ (Inprise Corporation) C:\WINDOWS\SysWOW64\gds32.dll
2016-01-26 13:31 - 2016-01-26 13:37 - 00000000 ____D C:\Program Files (x86)\Borland
2016-01-26 13:27 - 2016-01-26 13:27 - 00000136 _____ C:\Users\Harald\Desktop\Star Wars Empire at War Forces of Corruption - Verknüpfung.lnk
2016-01-26 13:27 - 2016-01-26 13:27 - 00000136 _____ C:\Users\Harald\Desktop\Star Wars Empire at War - Verknüpfung.lnk
2016-01-26 13:19 - 2016-01-26 13:24 - 00000000 ____D C:\Program Files (x86)\LucasArts
2016-01-26 13:11 - 2016-01-27 13:29 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4227363564-4010607935-2243415042-1001
2016-01-26 13:09 - 2016-01-26 13:09 - 00000000 ____D C:\Users\Public\Pokki
2016-01-26 13:08 - 2016-01-27 13:27 - 00002539 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2016-01-26 13:08 - 2016-01-27 13:27 - 00002385 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2016-01-26 13:06 - 2016-01-26 13:06 - 00002625 _____ C:\Users\Public\Desktop\eBay.lnk
2016-01-26 13:06 - 2016-01-26 13:06 - 00001280 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\WINDOWS\oem
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald\PicStream
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald\AppData\Local\clear.fi
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald\AppData\Local\AOP SDK
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Program Files (x86)\OEM
2016-01-26 13:05 - 2016-01-26 20:18 - 00000000 ____D C:\Users\Harald\AppData\Local\VirtualStore
2016-01-26 13:05 - 2016-01-26 13:08 - 00000000 ____D C:\Users\Harald\AppData\Local\Packages
2016-01-26 13:05 - 2016-01-26 13:05 - 00001788 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2016-01-26 13:05 - 2016-01-26 13:05 - 00001458 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-01-26 13:05 - 2016-01-26 13:05 - 00000020 ___SH C:\Users\Harald\ntuser.ini
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Vorlagen
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Startmenü
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Netzwerkumgebung
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Lokale Einstellungen
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Eigene Dateien
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Druckumgebung
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Videos
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Musik
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Bilder
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\AppData\Local\Verlauf
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\AppData\Local\Anwendungsdaten
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 _SHDL C:\Users\Harald\Anwendungsdaten
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Adobe
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Users\Harald\AppData\Local\OEM
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Program Files\Accessory Store
2016-01-26 13:04 - 2016-01-27 13:28 - 00000000 ____D C:\Users\Harald\AppData\Local\SweetLabs App Platform
2016-01-26 13:04 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald
2016-01-26 13:04 - 2014-03-18 11:13 - 00000369 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-01-26 13:04 - 2014-03-18 11:13 - 00000369 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-01-26 13:03 - 2016-01-26 13:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Dokumente und Einstellungen

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-27 13:40 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-27 13:39 - 2014-07-25 22:28 - 00000000 ____D C:\ProgramData\McAfee
2016-01-27 13:38 - 2014-07-25 22:28 - 00000000 ____D C:\Program Files\Common Files\mcafee
2016-01-26 20:14 - 2014-07-25 22:57 - 00000000 ___HD C:\OEM
2016-01-26 20:14 - 2014-07-25 22:21 - 00005314 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2016-01-26 20:14 - 2014-07-25 22:21 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-01-26 20:14 - 2014-07-25 22:20 - 00000000 ____D C:\ProgramData\acer
2016-01-26 20:14 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-26 20:12 - 2014-07-25 22:20 - 00000000 ____D C:\Program Files (x86)\Acer
2016-01-26 14:11 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-26 13:37 - 2013-08-22 14:25 - 00017508 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-01-26 13:24 - 2014-07-25 22:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-26 13:13 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-26 13:09 - 2014-08-16 18:47 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-26 13:09 - 2014-08-16 18:47 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-26 13:09 - 2014-03-18 11:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-26 13:07 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-26 13:05 - 2014-07-25 22:58 - 00000000 ____D C:\WINDOWS\Panther
2016-01-26 13:04 - 2014-08-16 09:49 - 00167997 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-01-26 13:03 - 2014-07-25 22:00 - 00000000 ____D C:\Users\Administrator
2016-01-25 22:52 - 2013-08-22 16:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-25 21:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-25 21:54 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Windows NT
2016-01-25 21:54 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-08-16 09:44 - 2014-08-16 09:44 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Harald\AppData\Local\Temp\borlndlm.dll
C:\Users\Harald\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Harald\AppData\Local\Temp\createudl.exe
C:\Users\Harald\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Harald\AppData\Local\Temp\oct4A9B.tmp.exe
C:\Users\Harald\AppData\Local\Temp\_is2C06.exe
C:\Users\Harald\AppData\Local\Temp\_is4E2C.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2014-07-25 21:59

==================== Ende von FRST.txt ============================
Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-01-2016
durchgeführt von Harald (2016-01-27 13:42:21)
Gestartet von C:\Users\Harald\Downloads
Windows 8.1 (X64) (2016-01-26 12:04:43)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4227363564-4010607935-2243415042-500 - Administrator - Disabled)
Gast (S-1-5-21-4227363564-4010607935-2243415042-501 - Limited - Disabled)
Harald (S-1-5-21-4227363564-4010607935-2243415042-1001 - Administrator - Enabled) => C:\Users\Harald

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Antivirus Pro 2016 (Enabled - Up to date) {E4B728D2-A2A1-536C-2E0A-4BEC66E89B67}
FW: Panda Firewall (Enabled) {67ED4813-CEF4-5DBA-3FE5-D9ABE3BC96A1}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.04.3001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2005.6 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2001 - Acer)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.01.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{E043161E-A691-B3C2-E60C-2FBBD8CFF720}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Borland Delphi 6 (HKLM-x32\...\{B7886D87-ADA4-46A0-8A8D-02AB16B9F95A}) (Version: 6.0 - Borland Software Corporation)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.30.223.234 - Broadcom Corporation)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
Host App Service (HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\...\SweetLabs_AP) (Version: 0.269.7.840 - Pokki)
InterBase (HKLM-x32\...\InterBase) (Version:  - )
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 12.8.955 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.285 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 44.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0 (x86 de)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0 - Mozilla)
OEM Application Profile (HKLM-x32\...\{C01EB132-6707-740E-6ED9-EAC3943918DB}) (Version: 1.00.0000 - Ihr Firmenname)
Panda Antivirus Pro 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.00.0000 - Panda Security)
Panda Antivirus Pro 2016 (Version: 8.02.00.0000 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
Pokki Start Menu (HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.840 - Pokki)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21250 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7209 - Realtek Semiconductor Corp.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9350 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06852F31-18B2-43F5-93E4-81FD3152E06B} - \SweetLabs App Platform -> Keine Datei <==== ACHTUNG
Task: {34083DDB-E9E6-41D9-AC53-F95EBCDE5D60} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {37553BAA-EC90-4CF4-849F-F73C3C5B06F0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {74CAABF4-F6EF-4D25-9AEF-7CB54F09F6D0} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {7CC3A020-2B4B-420B-B12D-B45BF4A1101B} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {AA9F1F0F-147D-4013-A93A-B1C5D81C0680} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
Task: {B4A987A1-75D6-4167-8597-40066104C613} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {CEAB5C34-2129-44BD-84E7-ADE605CDC057} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-07-17] ()
Task: {E0B48F32-ECC3-4FF2-85FF-313E8B1FF4D8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - \UbtFrameworkService -> Keine Datei <==== ACHTUNG
Task: {F6B6DD82-5EA1-44AE-A74D-26010CA53A98} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {F755230F-C227-4F17-8539-8168B8570140} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-07-01] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Public\Desktop\Booking.com.lnk -> C:\Program Files\Booking.COM\StartURL.exe () -> hxxp://www.booking.com/index.html?aid=379334
ShortcutWithArgument: C:\Users\Public\Desktop\Dropbox.lnk -> C:\Program Files\Dropbox\StartURL.exe () -> hxxps://www.dropbox.com/partners/acer2014/download

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-02-18 19:02 - 2014-02-18 19:02 - 00049368 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-07-25 22:23 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-07-25 22:27 - 2014-07-01 22:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2015-07-17 14:40 - 2015-07-17 14:40 - 00013664 _____ () C:\Program Files (x86)\Acer\Care Center\LogDebug.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00177504 _____ () C:\Program Files (x86)\Acer\Care Center\ACCUtilities.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00025440 _____ () C:\Program Files (x86)\Acer\Care Center\MonitorDataHelper.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00018784 _____ () C:\Program Files (x86)\Acer\Care Center\ACCPlugin.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00026464 _____ () C:\Program Files (x86)\Acer\Care Center\MonitorControlLib.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00065888 _____ () C:\Program Files (x86)\Acer\Care Center\ACCMonitorPlugin\ACCSupportMonitor.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00042336 _____ () C:\Program Files (x86)\Acer\Care Center\ACCMonitorPlugin\ACtCTuneUpMonitorDisk.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00016224 _____ () C:\Program Files (x86)\Acer\Care Center\ACCADSManager.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 01744224 _____ () C:\Program Files (x86)\Acer\Care Center\ACCPlugin\ACCTuneUpPlg.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00019296 _____ () C:\Program Files (x86)\Acer\Care Center\ACCNotifyShow.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00013152 _____ () C:\Program Files (x86)\Acer\Care Center\FullScreenDetector.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 02890592 _____ () C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
2015-07-17 14:40 - 2015-07-17 14:40 - 00232288 _____ () C:\Program Files (x86)\Acer\Care Center\ManagedNativeUtilities.dll
2015-07-17 14:40 - 2015-07-17 14:40 - 00115552 _____ () C:\Program Files (x86)\Acer\Care Center\LiveUpdate.dll
2013-04-12 18:23 - 2013-04-12 18:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-07-25 22:21 - 2014-07-25 22:21 - 00015616 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2014-06-27 05:49 - 2014-06-27 05:49 - 00013568 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2014-06-30 20:26 - 2014-06-30 20:26 - 00279296 _____ () C:\Program Files (x86)\Acer\abMedia\libcurl.dll
2014-07-01 22:13 - 2014-07-01 22:13 - 00203008 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2014-07-01 22:14 - 2014-07-01 22:14 - 00630528 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2014-07-01 22:14 - 2014-07-01 22:14 - 00654552 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2014-07-01 22:13 - 2014-07-01 22:13 - 00119552 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Harald\Pictures\EAW_wallpaper4_1280.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{04970D8C-E0D8-4D59-94F1-3096F41B2E34}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{5777BF73-DCE8-4F78-BD2F-AF05CE1FC22E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9C795D0A-7DC4-48C3-9BDF-A5716E2F7430}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{77442E05-CC1E-418F-A48F-B6F71878C09D}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{BA85FFCE-46AE-40C9-B766-774D58758907}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{8361CCE6-AF76-49DE-88BB-5D97A01221AD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{63C8E03C-5684-49F2-8B76-44290ECE747C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{0D4F1A87-7096-41AF-A20F-71365450DD48}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{EA77B71B-5C29-466D-B9AC-9810AFE06EE2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{801905EE-24A5-4228-8D1D-1B214B1BD3CD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{FD9F6848-C35F-4BB8-9B6D-45DB1FC5C277}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B6843B7F-FBC6-48C3-929E-C19AEB310116}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{08E70F19-2872-45D7-860C-8D8B0785678E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E5ACE2D9-0975-472B-BD6B-5D29AAC14103}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CEA10537-277D-4992-9408-ACB378288129}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{DE3FD5A3-946F-45EF-BD24-6D858E7EFC07}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C8EFD921-E3C4-42B7-84DE-3B3636EC0339}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{56B9E47A-5102-4E5B-ABAA-6361AD10CE44}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AE3082ED-5AC5-4B7A-B240-3F1C64DBA777}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{BE8CE4BC-91C9-4B9B-A3E8-0F87E5E286E5}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War\GameData\sweaw.exe
FirewallRules: [{8F0966F7-999E-4BCC-86C5-328EB430161B}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe
FirewallRules: [{34F61963-FAFE-4E55-89FE-CB4656C40FE8}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars Empire at War Forces of Corruption\swfoc.exe
FirewallRules: [{E95699AC-6FA8-4B0C-B312-20AC446525EF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F3929492-69CE-4DCE-AEDC-06A2D7D70265}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

26-01-2016 13:18:57 Installiert Star Wars Empire at War

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/27/2016 01:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.2, Zeitstempel: 0x53ac24cc
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0x1574
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/26/2016 06:26:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundAgent.exe, Version: 1.0.1.2, Zeitstempel: 0x53ac24cc
Name des fehlerhaften Moduls: MSVCR90.dll, Version: 9.0.30729.8387, Zeitstempel: 0x51ea24a5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00056b1d
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xBackgroundAgent.exe0
Pfad der fehlerhaften Anwendung: BackgroundAgent.exe1
Pfad des fehlerhaften Moduls: BackgroundAgent.exe2
Berichtskennung: BackgroundAgent.exe3
Vollständiger Name des fehlerhaften Pakets: BackgroundAgent.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BackgroundAgent.exe5

Error: (01/26/2016 06:20:54 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x80072EE7
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (01/26/2016 06:20:53 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e

Error: (01/26/2016 06:20:53 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EE7

Error: (01/26/2016 01:26:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LaunchEAWG.exe, Version 1.7.7.270 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: a40

Startzeit: 01d1583387c7586a

Endzeit: 0

Anwendungspfad: D:\LaunchEAWG.exe

Berichts-ID: 013a79ce-c428-11e5-825e-3010b30ef7cb

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/26/2016 01:07:16 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0x80072EE7
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c7c00280-b24d-4e82-89ca-4f1288eb1d9e;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (01/26/2016 01:07:16 PM) (Source: Software Protection Platform Service) (EventID: 1014) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7
SKU-ID=c7c00280-b24d-4e82-89ca-4f1288eb1d9e

Error: (01/26/2016 01:07:16 PM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Lizenzerwerb-Fehlerdetails.
hr=0x80072EE7

Error: (01/26/2016 01:03:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\Administrator. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden.

 DETAIL - Das Verzeichnis ist nicht leer.


Systemfehler:
=============
Error: (01/27/2016 01:43:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/26/2016 07:35:31 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/26/2016 07:35:02 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/26/2016 06:24:59 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (01/26/2016 01:08:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/25/2016 09:53:33 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (08/16/2014 10:35:39 AM) (Source: DCOM) (EventID: 10010) (User: Hari)
Description: {20966775-18A4-4299-B8E3-772C336B52A7}

Error: (08/16/2014 10:35:32 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen ===========================

Prozessor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3288.23 MB
Verfügbarer physikalischer RAM: 1487.3 MB
Summe virtueller Speicher: 4632.23 MB
Verfügbarer virtueller Speicher: 2540.6 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:915.09 GB) (Free:885.42 GB) NTFS
Drive d: (EAWG_1D) (CDROM) (Total:2.34 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6B146082)

Partition: GPT.

==================== Ende von Addition.txt ============================

Hoffe die Logs sind aufschlussreich!

lg Hari

cosinus 27.01.2016 13:55
Zitat:
AV: Panda Antivirus Pro 2016 (Enabled - Up to date) {5FD6C936-849B-5CE2-14BA-709E1D6FD1DA}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
Also sowas geht garnicht! Man verwenden einen einzigen Virenscanner mit Echtzeitschutz (Wächter) - mehr nicht!!

Hast du Panda gekauft? Wann? Ich würds echt nicht nutzen wollen!

Hau es im Zweifel runter, und diesen McAfee Mist auch. Bei W10 reicht der Windows Defender dicke allein aus.

Melde dich bitte die McAfee und evtl Panda deinstalliert ist.

Harilp 27.01.2016 14:03
Panda ist gekauft.

McAfee nur weil ich den PC letzte Woche auf werkseinstellungen gesetzt hab

cosinus 27.01.2016 14:06
Tja, ich hätts nicht gekauft. Wenn kaufne, dann lieber sowie wie Emsisoft oder ESET. Deine Problem :D

Ist MCAfee jetzt deinstalliert?

Harilp 27.01.2016 14:12
Habs ja nich selber gekauft,hat mein vater weil er findet es sei gut und da hab ichs auch bekomm.

Bin grad dabei es zu deinstallieren

cosinus 27.01.2016 14:16
Sehr gut :daumenhoc

Harilp 27.01.2016 14:17
Was doll ich jetz machn?

cosinus 27.01.2016 14:19
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Harilp 27.01.2016 16:25
Ok wird gemacht,muss aber erst noch kurz weg.

Ich werd die logd dann wieder hier posten

Btw wie lang dauert so ein scan?

Hier der .log
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.27.03
  rootkit: v2016.01.20.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17107
Harald :: HARI [administrator]

27.01.2016 15:22:17
mbar-log-2016-01-27 (15-22-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 347762
Time elapsed: 55 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 27.01.2016 21:33
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Harilp 27.01.2016 21:47
Und für was ist das jetz?

cosinus 28.01.2016 08:09
Steht doch in meinem Beitrag!

Harilp 28.01.2016 19:50
Bitte den thread nicht schliesen,hab grad keinen zugang zum pc weil sich in meinem sozialen umfeld viel tut.

cosinus 28.01.2016 22:20
Melde dich einfach wieder wenn du Zeit hast. Poste dann einfach die Logs, ich schließ nichts. Viel Glück und Erfolg! :daumenhoc

Harilp 29.01.2016 16:37
Bis auf 2 IPs sind wieder alle verschwunden wunder mich wieso sie nicht auch verschwinden :/

Hier ist die datei von ADWCleaner:
Code:
# AdwCleaner v5.031 - Logfile created 29/01/2016 at 16:27:24
# Updated 25/01/2016 by Xplode
# Database : 2016-01-25.3 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : Harald - HARI
# Running from : C:\Users\Harald\Desktop\Neuer Ordner\AdwCleaner_5.031.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Key Deleted : HKCU\Software\Classes\pokki

***** [ Web browsers ] *****


*************************

:: "Tracing" keys removed
:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [924 bytes] ##########
Der log von JTS:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by Harald (Administrator) on 29.01.2016 at 15:40:04,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\pokki (Folder)



Registry: 2

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.01.2016 at 15:45:17,13
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und hier noch der frst log
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-01-2016
durchgeführt von Harald (Administrator) auf HARI (29-01-2016 16:31:41)
Gestartet von C:\Users\Harald\Downloads
Geladene Profile: Harald (Verfügbare Profile: Harald)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [40696 2015-06-10] (Panda Security, S.L.)
HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-11-19] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-29] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{fe6e80d5-3258-457f-aac6-13de593be1ef}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/?pc=ACJB
HKU\S-1-5-21-4227363564-4010607935-2243415042-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-4227363564-4010607935-2243415042-1001 -> DefaultScope {C061F2B2-DA60-4788-ABBC-A18E52685450} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-01-29] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-01-29] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-01-29] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-01-29] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-01-29] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-01-29] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Harald\AppData\Roaming\Mozilla\Firefox\Profiles\8o550tqu.default
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-01-29] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Extension: Adblock Plus - C:\Users\Harald\AppData\Roaming\Mozilla\Firefox\Profiles\8o550tqu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-26]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => nicht gefunden

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-17] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-01-02] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-06-09] (Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [66808 2014-10-09] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-06-10] (Panda Security, S.L.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Advanced Micro Devices, Inc.)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7549616 2014-02-25] (Broadcom Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94480 2015-05-27] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [202000 2015-05-27] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110864 2015-05-27] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [117008 2015-05-27] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [49936 2015-04-27] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [101648 2015-05-27] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78096 2015-05-27] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124176 2015-05-27] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300304 2015-05-27] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170256 2015-05-27] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113424 2015-05-27] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257808 2015-05-27] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106256 2015-05-27] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164624 2015-05-08] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121616 2015-05-08] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197904 2015-05-08] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124176 2015-05-08] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [133904 2015-06-04] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107792 2015-05-08] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-19] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 16:24 - 2016-01-29 16:27 - 00000000 ____D C:\AdwCleaner
2016-01-29 16:23 - 2016-01-29 16:31 - 00000000 ____D C:\Users\Harald\Desktop\Neuer Ordner
2016-01-29 15:45 - 2016-01-29 15:45 - 00000866 _____ C:\Users\Harald\Desktop\JRT.txt
2016-01-29 15:38 - 2016-01-29 15:39 - 01609032 _____ (Malwarebytes) C:\Users\Harald\Downloads\JRT.exe
2016-01-29 15:14 - 2016-01-29 15:14 - 00000553 _____ C:\Users\Harald\Downloads\Backup-codes-h.brandacher.txt
2016-01-29 14:21 - 2016-01-29 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-29 14:19 - 2016-01-29 14:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-29 14:18 - 2016-01-29 14:19 - 01107648 _____ (Microsoft Corporation) C:\Users\Harald\Downloads\Setup.X86.de-DE_O365ProPlusRetail_913cf123-2a4a-41a7-9961-bd3aa7ae4be1_TX_PR_.exe
2016-01-29 14:12 - 2016-01-29 14:12 - 00000000 ____D C:\ProgramData\USOShared
2016-01-28 21:25 - 2016-01-28 21:26 - 00002394 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-01-28 21:25 - 2016-01-28 21:26 - 00000000 ___RD C:\Users\Harald\OneDrive
2016-01-28 21:23 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2016-01-28 21:23 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2016-01-28 21:23 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2016-01-28 21:23 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2016-01-28 21:23 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2016-01-28 21:23 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2016-01-28 21:23 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2016-01-28 21:23 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2016-01-28 21:23 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2016-01-28 21:23 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2016-01-28 21:20 - 2016-01-28 21:20 - 00000000 ____D C:\Users\Harald\AppData\Local\AMD
2016-01-28 21:20 - 2016-01-28 21:20 - 00000000 ____D C:\ProgramData\ATI
2016-01-28 21:19 - 2016-01-28 21:19 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-01-28 21:18 - 2016-01-28 21:18 - 00000000 ____D C:\Users\Harald\AppData\Local\Publishers
2016-01-28 21:18 - 2016-01-28 21:18 - 00000000 ____D C:\Users\Harald\AppData\Local\ActiveSync
2016-01-28 21:16 - 2016-01-28 21:16 - 00000020 ___SH C:\Users\Harald\ntuser.ini
2016-01-28 21:16 - 2016-01-28 21:16 - 00000000 ____D C:\Users\Harald\AppData\Local\TileDataLayer
2016-01-28 21:16 - 2016-01-28 21:16 - 00000000 ____D C:\Users\Harald\AppData\Local\Comms
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-01-28 21:14 - 2016-01-28 21:14 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-01-28 21:11 - 2016-01-29 14:16 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-28 21:07 - 2016-01-29 16:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-28 21:07 - 2016-01-28 21:07 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-01-28 21:01 - 2016-01-28 21:01 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-01-28 21:01 - 2016-01-28 21:01 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2016-01-28 21:01 - 2016-01-28 21:01 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2016-01-28 20:56 - 2016-01-28 20:56 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-01-28 20:55 - 2016-01-29 15:47 - 00000000 ____D C:\Users\Harald
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Vorlagen
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Startmenü
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Netzwerkumgebung
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Lokale Einstellungen
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Eigene Dateien
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Druckumgebung
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Videos
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Musik
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Documents\Eigene Bilder
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\AppData\Local\Verlauf
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\AppData\Local\Anwendungsdaten
2016-01-28 20:55 - 2016-01-28 20:55 - 00000000 _SHDL C:\Users\Harald\Anwendungsdaten
2016-01-28 20:53 - 2016-01-28 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-01-28 20:52 - 2016-01-29 16:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-01-28 20:52 - 2016-01-28 20:57 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-28 20:52 - 2016-01-28 20:57 - 00000000 ____D C:\ProgramData\AMD
2016-01-28 20:52 - 2016-01-28 20:57 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-01-28 20:52 - 2016-01-28 20:52 - 00000000 ____D C:\Program Files\ATI Technologies
2016-01-28 20:52 - 2016-01-28 20:52 - 00000000 ____D C:\AMD
2016-01-28 20:52 - 2016-01-28 20:52 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____D C:\Program Files\Realtek
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-01-28 20:51 - 2016-01-28 20:51 - 00000000 ____D C:\Program Files\AMD
2016-01-28 20:51 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-01-28 20:48 - 2016-01-29 16:28 - 00405400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-28 20:47 - 2016-01-28 21:16 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-28 20:43 - 2016-01-28 20:44 - 00000000 ____D C:\Windows.old
2016-01-28 20:42 - 2016-01-28 20:42 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-01-28 20:42 - 2016-01-28 20:42 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 20:42 - 2016-01-28 20:42 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-01-28 20:42 - 2016-01-28 20:42 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-28 20:42 - 2016-01-28 20:42 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-28 20:42 - 2016-01-28 20:42 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-28 20:42 - 2016-01-28 20:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-01-28 20:42 - 2016-01-28 20:42 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-01-28 20:41 - 2016-01-28 20:41 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-01-28 20:41 - 2016-01-28 20:41 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 20:41 - 2016-01-28 20:41 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 20:41 - 2016-01-28 20:41 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-28 20:41 - 2016-01-28 20:41 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-28 20:41 - 2016-01-28 20:41 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-28 20:41 - 2016-01-28 20:41 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-01-28 20:41 - 2016-01-28 20:41 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-01-28 20:41 - 2016-01-28 20:41 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-01-28 20:41 - 2016-01-28 20:41 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-28 20:41 - 2016-01-28 20:41 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-28 20:41 - 2016-01-28 20:41 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-01-28 20:41 - 2016-01-28 20:41 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-01-28 20:41 - 2016-01-28 20:41 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-01-28 20:41 - 2016-01-28 20:41 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-01-28 20:35 - 2016-01-28 20:35 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-01-28 20:33 - 2016-01-28 20:33 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-01-28 20:33 - 2016-01-28 20:33 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-01-28 20:33 - 2016-01-28 20:33 - 00000000 ____D C:\Program Files\MSBuild
2016-01-28 20:33 - 2016-01-28 20:33 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-01-28 20:33 - 2016-01-28 20:33 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-01-28 20:32 - 2016-01-28 20:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-28 20:32 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-01-28 20:32 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-01-28 20:32 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-01-28 20:32 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-01-28 20:32 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-01-28 20:32 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-01-28 20:20 - 2016-01-28 21:13 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-01-28 20:20 - 2016-01-28 21:13 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-01-28 17:51 - 2016-01-28 17:51 - 00000000 ____D C:\Users\Harald\AppData\Local\Microsoft_Corporation
2016-01-28 17:46 - 2016-01-28 17:46 - 00045730 _____ C:\Users\Harald\Downloads\PSWindowsUpdate.zip
2016-01-28 17:45 - 2016-01-28 17:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-01-28 17:31 - 2016-01-28 17:34 - 07635472 _____ (Microsoft Corporation) C:\Users\Harald\Downloads\GetWindows10-sds_____________.exe
2016-01-28 17:27 - 2016-01-28 17:27 - 00000000 ____D C:\Users\Harald\AppData\Local\GWX
2016-01-27 21:13 - 2016-01-27 21:16 - 00000000 ____D C:\Users\Harald\Downloads\metro
2016-01-27 21:13 - 2016-01-27 21:13 - 01272188 _____ C:\Users\Harald\Downloads\metro_for_steam___4_0_3_by_boneyardbrew-d4u3kjv.zip
2016-01-27 20:21 - 2016-01-28 21:02 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-27 20:21 - 2016-01-27 20:21 - 00000219 _____ C:\Users\Harald\Desktop\Counter-Strike Global Offensive.url
2016-01-27 20:09 - 2015-05-22 09:45 - 00061712 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2016-01-27 19:56 - 2016-01-27 20:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-27 19:56 - 2016-01-27 19:56 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-27 19:52 - 2016-01-27 19:52 - 00000000 ____D C:\Users\Harald\AppData\Local\Steam
2016-01-27 19:52 - 2016-01-27 19:52 - 00000000 ____D C:\Users\Harald\AppData\Local\CEF
2016-01-27 19:48 - 2016-01-29 16:30 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-27 19:48 - 2016-01-28 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-27 19:48 - 2016-01-27 19:48 - 00000983 _____ C:\Users\Public\Desktop\Steam.lnk
2016-01-27 19:47 - 2016-01-27 19:47 - 01380712 _____ C:\Users\Harald\Downloads\SteamSetup.exe
2016-01-27 19:07 - 2016-01-27 19:08 - 00000000 ____D C:\e0cec2fd920914fc7d
2016-01-27 19:04 - 2016-01-27 19:04 - 01466656 _____ C:\Users\Harald\Downloads\Microsoft NET Framework - CHIP-Installer.exe
2016-01-27 18:58 - 2016-01-27 18:58 - 00000000 ____D C:\Users\Harald\Downloads\wsusoffline1032
2016-01-27 18:58 - 2016-01-27 18:58 - 00000000 ____D C:\Users\Harald\Downloads\wsusoffline
2016-01-27 18:56 - 2016-01-27 18:56 - 02026382 _____ C:\Users\Harald\Downloads\wsusoffline1032.zip
2016-01-27 18:49 - 2016-01-27 18:49 - 07749976 _____ (Microsoft Corporation) C:\Users\Harald\Downloads\WindowsUpdateAgent30-x64.exe
2016-01-27 18:49 - 2016-01-27 18:49 - 00000000 ____D C:\8d79a9065bd5b08d08c30831922d
2016-01-27 16:13 - 2016-01-27 16:24 - 754813084 _____ (WinFuture) C:\Users\Harald\Downloads\WinFuture_8.1_x64_UpdatePack_1.24_Januar_2016-Vollversion.exe
2016-01-27 16:12 - 2015-07-22 15:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2016-01-27 16:11 - 2016-01-27 16:11 - 00000000 ____D C:\Users\Public\OEM
2016-01-27 15:21 - 2016-01-27 16:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-01-27 15:19 - 2016-01-27 16:17 - 00000000 ____D C:\Users\Harald\Desktop\mbar
2016-01-27 15:19 - 2016-01-27 15:19 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Harald\Downloads\mbar-1.09.3.1001.exe
2016-01-27 15:15 - 2016-01-27 15:15 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-27 15:14 - 2016-01-27 15:14 - 22908888 _____ (Malwarebytes ) C:\Users\Harald\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-27 15:13 - 2016-01-27 15:13 - 01466656 _____ C:\Users\Harald\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2016-01-27 15:09 - 2016-01-27 15:09 - 00302011 _____ C:\Users\Harald\Downloads\WindowsUpdateDiagnostic.diagcab
2016-01-27 15:05 - 2016-01-28 17:27 - 00000000 ____D C:\Users\Harald\AppData\Local\ElevatedDiagnostics
2016-01-27 14:34 - 2016-01-27 14:34 - 00848048 _____ (IDG Magazine Media GmbH ) C:\Users\Harald\Downloads\pcwFixWindowsUpdate.exe
2016-01-27 14:34 - 2016-01-27 14:34 - 00002001 _____ C:\Users\Public\Desktop\abMedia.lnk
2016-01-27 14:34 - 2015-03-14 02:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2016-01-27 14:30 - 2016-01-27 14:30 - 00002005 _____ C:\Users\Public\Desktop\abPhoto.lnk
2016-01-27 14:29 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 14:29 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 14:27 - 2016-01-27 14:27 - 00001969 _____ C:\Users\Public\Desktop\abDocs.lnk
2016-01-27 14:26 - 2016-01-28 21:07 - 00002376 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2016-01-27 14:23 - 2016-01-28 21:07 - 00002390 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-01-27 14:23 - 2016-01-28 21:07 - 00002372 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-01-27 14:23 - 2016-01-27 14:47 - 00000000 ____D C:\Users\Harald\AppData\Local\Acer
2016-01-27 14:23 - 2016-01-27 14:23 - 00002106 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2016-01-27 14:22 - 2016-01-27 14:22 - 00000000 ____D C:\Users\Harald\AppData\Roaming\acer
2016-01-27 13:50 - 2016-01-27 14:09 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-01-27 13:42 - 2016-01-27 13:43 - 00030374 _____ C:\Users\Harald\Downloads\Addition.txt
2016-01-27 13:40 - 2016-01-29 16:31 - 00015270 _____ C:\Users\Harald\Downloads\FRST.txt
2016-01-27 13:40 - 2016-01-29 16:31 - 00000000 ____D C:\FRST
2016-01-27 13:40 - 2016-01-27 13:40 - 02370560 _____ (Farbar) C:\Users\Harald\Downloads\FRST64.exe
2016-01-26 20:14 - 2016-01-28 21:07 - 00003744 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2016-01-26 20:14 - 2016-01-28 21:07 - 00002788 _____ C:\WINDOWS\System32\Tasks\ACC
2016-01-26 20:14 - 2016-01-28 21:07 - 00002186 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-01-26 20:14 - 2016-01-26 20:14 - 00001810 _____ C:\Users\Public\Desktop\Acer Care Center.lnk
2016-01-26 20:14 - 2016-01-26 20:14 - 00000000 ____D C:\Users\Harald\AppData\Local\CareCenter
2016-01-26 19:57 - 2016-01-26 19:57 - 00000000 ____D C:\Users\Harald\Desktop\decaffeinatid0.09
2016-01-26 19:56 - 2016-01-26 19:57 - 00507396 _____ C:\Users\Harald\Downloads\decaffeinatid0.09.zip
2016-01-26 19:35 - 2016-01-26 19:41 - 00000000 ____D C:\Users\Harald\AppData\Local\Mozilla
2016-01-26 19:35 - 2016-01-26 19:35 - 00001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-01-26 19:35 - 2016-01-26 19:35 - 00001167 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-01-26 19:35 - 2016-01-26 19:35 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Mozilla
2016-01-26 19:35 - 2016-01-26 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-26 19:34 - 2016-01-26 19:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-26 19:32 - 2016-01-26 19:32 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Macromedia
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\LocalLow\EmieUserList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\LocalLow\EmieSiteList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\Local\EmieUserList
2016-01-26 19:31 - 2016-01-26 19:31 - 00000000 __SHD C:\Users\Harald\AppData\Local\EmieSiteList
2016-01-26 19:29 - 2016-01-26 19:29 - 00000000 ____D C:\Users\Harald\AppData\Roaming\ATI
2016-01-26 19:29 - 2016-01-26 19:29 - 00000000 ____D C:\Users\Harald\AppData\Local\ATI
2016-01-26 19:26 - 2016-01-27 13:25 - 00000000 ____D C:\Users\Harald\AppData\Local\CrashDumps
2016-01-26 19:26 - 2016-01-26 19:26 - 00000000 ____D C:\Users\Harald\AppData\Local\Acer Aspire R7 Tutorial
2016-01-26 18:23 - 2016-01-28 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2016
2016-01-26 18:23 - 2016-01-26 18:25 - 00002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Antivirus Pro 2016.lnk
2016-01-26 18:23 - 2016-01-26 18:23 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-01-26 18:21 - 2016-01-26 18:23 - 00000000 ____D C:\ProgramData\Panda Security
2016-01-26 14:03 - 2016-01-26 13:37 - 00001008 _____ C:\Users\Harald\Desktop\Delphi 6.lnk
2016-01-26 13:37 - 2016-01-28 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterBase
2016-01-26 13:37 - 2016-01-28 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borland Delphi 6
2016-01-26 13:37 - 2013-08-22 14:25 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services.isc
2016-01-26 13:37 - 2001-03-06 07:01 - 00361984 _____ (Inprise Corporation) C:\WINDOWS\SysWOW64\gds32.dll
2016-01-26 13:31 - 2016-01-26 13:37 - 00000000 ____D C:\Program Files (x86)\Borland
2016-01-26 13:27 - 2016-01-26 13:27 - 00000136 _____ C:\Users\Harald\Desktop\Star Wars Empire at War Forces of Corruption - Verknüpfung.lnk
2016-01-26 13:27 - 2016-01-26 13:27 - 00000136 _____ C:\Users\Harald\Desktop\Star Wars Empire at War - Verknüpfung.lnk
2016-01-26 13:19 - 2016-01-26 13:24 - 00000000 ____D C:\Program Files (x86)\LucasArts
2016-01-26 13:11 - 2016-01-28 21:07 - 00002812 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4227363564-4010607935-2243415042-1001
2016-01-26 13:09 - 2016-01-26 13:09 - 00000000 ____D C:\Users\Public\Pokki
2016-01-26 13:06 - 2016-01-27 16:11 - 00000000 ____D C:\Users\Harald\AppData\Local\clear.fi
2016-01-26 13:06 - 2016-01-26 13:06 - 00001280 _____ C:\Users\Harald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\WINDOWS\oem
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald\PicStream
2016-01-26 13:06 - 2016-01-26 13:06 - 00000000 ____D C:\Users\Harald\AppData\Local\AOP SDK
2016-01-26 13:05 - 2016-01-29 14:54 - 00000000 ____D C:\Users\Harald\AppData\Local\Packages
2016-01-26 13:05 - 2016-01-29 14:20 - 00000000 ____D C:\Users\Harald\AppData\Local\VirtualStore
2016-01-26 13:05 - 2016-01-26 13:05 - 00001788 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Users\Harald\AppData\Roaming\Adobe
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Users\Harald\AppData\Local\OEM
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2016-01-26 13:05 - 2016-01-26 13:05 - 00000000 ____D C:\Program Files\Accessory Store
2016-01-26 13:03 - 2016-01-28 21:16 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-01-25 21:54 - 2016-01-25 21:54 - 00000000 _SHDL C:\Dokumente und Einstellungen

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-29 16:30 - 2014-08-16 09:49 - 00529629 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-01-29 16:28 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-29 16:28 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-29 15:26 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-29 15:26 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-29 14:32 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-29 14:27 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-29 14:25 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-29 14:16 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-29 14:16 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-29 14:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-01-29 14:14 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-01-29 14:12 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-01-28 21:21 - 2014-07-25 22:21 - 00000000 ____D C:\ProgramData\OEM
2016-01-28 21:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-28 21:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-01-28 21:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-01-28 21:17 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-28 21:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-28 21:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-01-28 21:14 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2016-01-28 21:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2016-01-28 21:07 - 2014-08-16 10:20 - 00002750 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4227363564-4010607935-2243415042-500
2016-01-28 21:07 - 2014-08-16 09:59 - 00002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2016-01-28 21:07 - 2014-08-16 09:59 - 00002062 _____ C:\WINDOWS\System32\Tasks\Quick Access
2016-01-28 21:07 - 2014-08-16 09:58 - 00002096 _____ C:\WINDOWS\System32\Tasks\Power Management
2016-01-28 21:07 - 2014-08-16 09:57 - 00002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2016-01-28 21:07 - 2014-07-25 22:21 - 00004154 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2016-01-28 21:06 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-01-28 21:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-01-28 21:02 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-28 21:02 - 2014-08-16 10:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 12
2016-01-28 21:02 - 2014-07-25 22:21 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-01-28 21:01 - 2013-08-22 14:36 - 00000000 ____D C:\Users\Default.migrated
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-01-28 20:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-01-28 20:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-01-28 20:59 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-01-28 20:57 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2016-01-28 20:57 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-28 20:57 - 2014-08-16 09:45 - 00000000 ____D C:\Program Files\WIDCOMM
2016-01-28 20:57 - 2014-08-16 09:39 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2016-01-28 20:57 - 2014-07-25 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2016-01-28 20:57 - 2014-07-25 22:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-01-28 20:57 - 2014-07-25 22:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-01-28 20:57 - 2014-07-25 22:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2016-01-28 20:57 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2016-01-28 20:57 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-28 20:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-01-28 20:48 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-01-28 20:47 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-01-28 20:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-28 20:43 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-01-28 20:43 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-01-28 20:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-01-28 20:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-01-28 20:20 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-01-27 21:50 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-01-27 14:27 - 2014-07-25 22:20 - 00000000 ____D C:\Program Files (x86)\Acer
2016-01-27 14:20 - 2014-07-25 22:57 - 00000000 ___HD C:\OEM
2016-01-27 14:18 - 2014-07-25 22:28 - 00000000 ____D C:\ProgramData\McAfee
2016-01-27 14:07 - 2014-07-25 22:00 - 00000000 ____D C:\Users\Administrator
2016-01-27 13:43 - 2014-07-25 22:20 - 00000000 ____D C:\ProgramData\acer
2016-01-26 13:37 - 2013-08-22 14:25 - 00017508 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-01-26 13:24 - 2014-07-25 22:21 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-27 16:32 - 2014-09-09 18:44 - 0017542 _____ () C:\Users\Harald\AppData\Local\amazon.ico
2016-01-28 20:51 - 2016-01-28 20:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Harald\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-28 20:48

==================== Ende von FRST.txt ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 13:34 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19