Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.11.2015, 18:11   #1
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Guten Abend liebe Experten,

Norton Antivirus hat auf meinem Rechner (WIN10) die DNSAPI.DLL geht, da diese mit einem Virus infiziert gewesen sei. Ich habe eine neue DLL heruntergeladen und in den system32-Ordner kopiert. Internetkonektivität ist seit dem wieder gegeben. Jetzt meldet Norton extremen Datenverkehr. Ich fürchte, da steckt noch etwas anderes im System.



Vielen Dank, dass Ihr Euch des Problems annehmt.

Gruß

Carsten

Alt 02.11.2015, 18:46   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.11.2015, 20:00   #3
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Hallo Schrauber,
danke für Deine Unterstützung.

Hier Teil 1:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Hermann Eisenberg (Administrator) auf LAPTOPNAMASTEE (02-11-2015 19:22:53)
Gestartet von C:\Users\Hermann Eisenberg\Downloads
Geladene Profile: Hermann Eisenberg (Verfügbare Profile: Hermann Eisenberg)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
() C:\Windows\System32\FspService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Rexx Language Association) C:\Program Files (x86)\ooRexx\rxapi.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
() C:\Program Files\shopperz021120151346\Jeotla.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(SmartPurple) C:\ProgramData\SmartPurple\SmartPurple.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files\shopperz021120151346\Dicve.exe
() C:\Program Files\shopperz021120151346\csrcc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(SmartPurple) C:\ProgramData\SmartPurple\SmartPurple.exe
() C:\Program Files\shopperz021120151346\Jihpiiys.exe
() C:\Program Files\shopperz021120151346\Jihpiiys64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-05-29] (Sentelic Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-15] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [PremierDownloadManager EPM Support] => "C:\PROGRA~2\PREMIE~2\bar\1.bin\agmedint.exe" T8EPMSUP.DLL,S
HKLM-x32\...\Run: [PremierDownloadManager AppIntegrator 32-bit] => C:\PROGRA~2\PREMIE~2\bar\1.bin\AppIntegrator.exe
HKLM-x32\...\Run: [PremierDownloadManager AppIntegrator 64-bit] => C:\Program Files (x86)\PremierDownloadManager_ag\bar\1.bin\AppIntegrator64.exe [264264 2014-11-04] ()
HKLM-x32\...\Run: [PremierDownloadManager Search Scope Monitor] => "C:\PROGRA~2\PREMIE~2\bar\1.bin\agsrchmn.exe" /m=2 /w /h
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-20] (Google Inc.)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
AppInit_DLLs: C:\ProgramData\SmartPurple\SmartPurple64.dll => C:\ProgramData\SmartPurple\SmartPurple64.dll [989696 2015-09-27] (SmartPurple)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68f059c0-89a8-4ed1-98a0-38871ef4445b}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 - (Kein Name) - {4d687bc7-7f1a-472c-bf8e-9af6d7b17ac8} - C:\Program Files (x86)\PremierDownloadManager_ag\bar\1.bin\agSrcAs.dll Keine Datei
SearchScopes: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> {A73FA815-DBAB-4666-A26F-8130ECD203CC} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: shopperz021120151346 -> {D51D4235-9CAC-405A-9D6E-F0A3EDCC574C} -> C:\Program Files\shopperz021120151346\Xofqak64.dll [2015-11-02] ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Toolbar BHO -> {970c55b4-c79e-4c62-9bfa-76439b68969f} -> C:\PROGRA~2\PREMIE~2\bar\1.bin\agbar.dll => Keine Datei
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: shopperz021120151346 -> {D51D4235-9CAC-405A-9D6E-F0A3EDCC574C} -> C:\Program Files\shopperz021120151346\Xofqak.dll [2015-11-02] ()
BHO-x32: Search Assistant BHO -> {da104fa1-3714-4056-8f42-d7fb74fd43dc} -> C:\Program Files (x86)\PremierDownloadManager_ag\bar\1.bin\agSrcAs.dll => Keine Datei
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Kein Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> Keine Datei
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKLM-x32 - PremierDownloadManager - {c42118c7-59e5-404c-b161-2314a645b84f} - C:\Program Files (x86)\PremierDownloadManager_ag\bar\1.bin\agbar.dll Keine Datei
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> Kein Name - {C42118C7-59E5-404C-B161-2314A645B84F} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default
FF DefaultSearchEngine: Yahoo Web
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @PremierDownloadManager_ag.com/Plugin -> C:\Program Files (x86)\PremierDownloadManager_ag\bar\1.bin\NPagStub.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\user.js [2015-11-02]
FF SearchPlugin: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\searchplugins\yahoo-ysp.xml [2015-10-22]
FF Extension: New Tab by Yahoo - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-10-08] [ist nicht signiert]
FF Extension: google-maps - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\jid1-nEyk3fuea9WauQ@jetpack.xpi [2015-10-15]
FF Extension: Quick Maps - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\map@quickmaps.me.xpi [2015-10-15]
FF Extension: Quick Translator - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
FF Extension: Adblock Plus - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-08]
FF HKLM\...\Firefox\Extensions: [{D51D4235-9CAC-405A-9D6E-F0A3EDCC574C}] - C:\Program Files\shopperz021120151346\Firefox\{D51D4235-9CAC-405A-9D6E-F0A3EDCC574C}.xpi
FF Extension: Kein Name - C:\Program Files\shopperz021120151346\Firefox\{D51D4235-9CAC-405A-9D6E-F0A3EDCC574C}.xpi [2015-11-02] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-11-02]
FF HKLM-x32\...\Firefox\Extensions: [{D51D4235-9CAC-405A-9D6E-F0A3EDCC574C}] - C:\Program Files\shopperz021120151346\Firefox\{D51D4235-9CAC-405A-9D6E-F0A3EDCC574C}.xpi

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR StartupUrls: Default -> "hxxp://www.t-online.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll => Keine Datei
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 6D2E0A7B-E573-45D1-931D-F169309E3670; C:\Program Files\shopperz021120151346\Dicve.exe [248672 2015-11-02] ()
R3 csrcc; C:\Program Files\shopperz021120151346\csrcc.exe [1512288 2015-11-02] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 FspSvc; C:\Windows\System32\FspService.exe [2178896 2015-05-29] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-10-22] (Microsoft Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert]
R2 RXAPI; C:\Program Files (x86)\ooRexx\rxapi.exe [96256 2012-08-29] (Rexx Language Association) [Datei ist nicht signiert]
R2 shopperz021120151346 Updater; C:\Program Files\shopperz021120151346\Jeotla.exe [150880 2015-11-02] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-10-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-10-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151022.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R1 bsdriver; C:\WINDOWS\system32\drivers\bsdriver.sys [34720 2015-11-02] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [56736 2015-11-02] (Windows (R) Win 7 DDK provider)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-01] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-30] (Symantec Corporation)
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-05-29] (Sentelic Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151030.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-11-02] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-10-22] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151102.001\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151102.001\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-11-02] (Duplex Secure Ltd)
R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605040.018\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:22 - 2015-11-02 19:23 - 00027488 _____ C:\Users\Hermann Eisenberg\Downloads\FRST.txt
2015-11-02 19:22 - 2015-11-02 19:23 - 00000000 ____D C:\FRST
2015-11-02 19:21 - 2015-11-02 19:21 - 02198016 _____ (Farbar) C:\Users\Hermann Eisenberg\Downloads\FRST64.exe
2015-11-02 19:12 - 2015-11-02 19:12 - 00016148 _____ C:\WINDOWS\system32\LAPTOPNAMASTEE_Hermann Eisenberg_HistoryPrediction.bin
2015-11-02 17:35 - 2015-11-02 17:36 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\NPE
2015-11-02 16:19 - 2015-11-02 16:20 - 00000000 ___HD C:\$SysReset
2015-11-02 13:45 - 2015-11-02 13:45 - 00034720 _____ () C:\WINDOWS\system32\Drivers\bsdriver.sys
2015-11-02 13:45 - 2015-11-02 13:45 - 00003440 _____ C:\WINDOWS\System32\Tasks\Nemdib
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\WINDOWS\system32\dehb
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\ortmp
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\LocalLow\Company
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Tempfolder
2015-11-02 13:44 - 2015-11-02 18:33 - 00000000 ____D C:\Program Files\shopperz021120151346
2015-11-02 13:44 - 2015-11-02 18:17 - 00000000 ____D C:\ProgramData\Service3232
2015-11-02 13:44 - 2015-11-02 18:14 - 00000396 _____ C:\WINDOWS\Tasks\PQEVTK1.job
2015-11-02 13:44 - 2015-11-02 13:44 - 00002960 _____ C:\WINDOWS\System32\Tasks\PQEVTK1
2015-11-02 13:44 - 2015-11-02 13:44 - 00000000 ____D C:\uninst
2015-11-02 13:44 - 2015-11-02 13:44 - 00000000 ____D C:\ProgramData\SmartPurple
2015-11-02 13:44 - 2015-11-02 13:44 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2015-11-02 13:43 - 2015-11-02 13:43 - 00028672 _____ C:\Users\Hermann Eisenberg\Documents\Mappe1.xls
2015-11-02 13:29 - 2015-11-02 13:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\as_eskek3
2015-11-02 13:28 - 2015-11-02 13:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\AquaSoft
2015-11-02 13:28 - 2015-11-02 13:28 - 00162360 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2015-11-02 13:28 - 2015-11-02 13:28 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:28 - 00000000 ___HD C:\ProgramData\{6B6AF059-CAB8-4F36-97C5-C7AE0A2CE143}
2015-11-02 13:27 - 2015-11-02 13:27 - 00001232 _____ C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\IIIQF
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Program Files (x86)\AquaSoft
2015-11-02 13:26 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\mia77A9.tmp
2015-11-02 13:22 - 2015-11-02 13:23 - 183703760 _____ (AquaSoft ) C:\Users\Hermann Eisenberg\Downloads\DiaShowUltimateSetup9606.exe
2015-11-02 12:49 - 2015-11-02 13:45 - 00056736 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\cherimoya.sys
2015-10-30 16:45 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 16:45 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 16:45 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 16:45 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 16:45 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 16:45 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 16:45 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 16:45 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 16:45 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 16:45 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 16:45 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 16:45 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 16:45 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 16:45 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 16:45 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 21:25 - 2015-10-27 21:25 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\{3114D149-425C-4FCC-B398-3D294C66EAF4}
2015-10-27 21:13 - 2015-10-27 21:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-27 19:13 - 2015-10-27 19:18 - 00048128 _____ C:\Users\Hermann Eisenberg\Documents\Klassenliste.xls
2015-10-23 14:03 - 2015-10-23 14:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-10-23 00:28 - 2015-10-23 00:39 - 00000600 _____ C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2015-10-23 00:25 - 2015-10-23 00:41 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\FileZilla
2015-10-23 00:25 - 2015-10-23 00:25 - 00001838 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-10-23 00:24 - 2015-10-23 00:23 - 06539752 _____ (Tim Kosse) C:\Users\Hermann Eisenberg\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-23 00:23 - 2015-10-23 00:23 - 01023120 _____ (Soft Web ) C:\Users\Hermann Eisenberg\Downloads\FileZilla_3.exe
2015-10-23 00:00 - 2015-10-23 00:00 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer(1).exe
2015-10-22 23:56 - 2015-10-22 23:57 - 00000000 ____D C:\wordpress
2015-10-22 23:39 - 2015-10-22 23:39 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer.exe
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-22 22:38 - 2015-10-22 22:38 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hermann Eisenberg\Downloads\SkypeSetup.exe
2015-10-22 21:47 - 2015-10-22 21:47 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\MicrosoftEdge
2015-10-22 21:30 - 2015-10-22 21:16 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-22 21:29 - 2015-10-22 20:37 - 00000000 __SHD C:\Recovery
2015-10-22 21:28 - 2015-10-22 21:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Comms
2015-10-22 21:24 - 2015-10-28 14:59 - 00002438 _____ C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-22 21:24 - 2015-10-28 14:59 - 00000000 ___RD C:\Users\Hermann Eisenberg\OneDrive
2015-10-22 21:21 - 2015-10-22 21:21 - 00000000 ____D C:\Windows.old
2015-10-22 21:20 - 2015-10-22 21:20 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-22 21:19 - 2015-10-22 21:19 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Publishers
2015-10-22 21:17 - 2015-10-24 21:30 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Packages
2015-10-22 21:17 - 2015-10-22 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\TileDataLayer
2015-10-22 21:16 - 2015-10-22 21:16 - 00000020 ___SH C:\Users\Hermann Eisenberg\ntuser.ini
2015-10-22 21:15 - 2015-10-22 21:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\inetpub
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-10-22 21:10 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-22 21:10 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-22 21:09 - 2015-10-22 21:09 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-10-22 20:51 - 2015-10-22 20:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-22 20:42 - 2015-10-22 20:42 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-10-22 20:39 - 2015-10-23 22:29 - 00000000 ____D C:\Users\Hermann Eisenberg
2015-10-22 20:39 - 2015-10-22 21:17 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Vorlagen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Startmenü
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Netzwerkumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Lokale Einstellungen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Eigene Dateien
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Druckumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Musik
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Bilder
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Verlauf
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Anwendungsdaten
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Anwendungsdaten
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-22 20:38 - 2015-11-02 18:18 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-22 20:38 - 2015-10-22 20:38 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-22 20:37 - 2015-10-22 20:38 - 00021209 _____ C:\WINDOWS\iis.log
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\Program Files\Realtek
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\iBTWU
2015-10-22 20:34 - 2015-11-02 18:15 - 00001655 _____ C:\WINDOWS\sentelic.log
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_fspad_win764_01009.Wdf
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____D C:\Program Files\FSP
2015-10-22 20:32 - 2015-10-22 20:33 - 00034578 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-10-22 19:45 - 2015-10-22 21:09 - 00006602 _____ C:\WINDOWS\comsetup.log
2015-10-22 19:38 - 2015-10-22 21:10 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-10-22 19:38 - 2015-10-22 21:10 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-10-22 14:32 - 2015-10-22 14:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\YSearchUtil
2015-10-22 14:32 - 2015-10-22 14:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Sun
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\.oracle_jre_usage
2015-10-22 10:06 - 2015-10-22 10:06 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\LocalLow\Oracle
2015-10-15 18:23 - 2015-10-16 20:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-15 18:19 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-10-15 18:19 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-10-15 18:19 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-10-15 18:18 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 20:09 - 2015-10-13 20:09 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\Kindergeld
2015-10-13 16:40 - 2015-10-22 20:55 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MatheTiger 1 & 2 Demoversion
2015-10-13 16:40 - 2015-10-13 16:40 - 00000875 _____ C:\Users\Hermann Eisenberg\Desktop\MatheTiger 1 & 2 Demoversion.lnk
2015-10-13 16:36 - 2015-10-13 16:36 - 00000000 ____D C:\Mildenberger
2015-10-11 14:40 - 2015-10-11 15:29 - 550977825 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMD.zip
2015-10-11 14:39 - 2015-10-11 14:54 - 135499978 _____ C:\Users\Hermann Eisenberg\Downloads\EUBM.zip
2015-10-11 13:35 - 2015-10-11 15:35 - 1272975872 _____ C:\Users\Hermann Eisenberg\Downloads\eXplorist_2_15_Install.exe
2015-10-11 13:18 - 2015-10-11 13:25 - 51780823 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMDEN.zip
2015-10-09 18:17 - 2015-10-09 18:17 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-09 18:17 - 2015-10-09 18:17 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-06 21:41 - 2015-10-06 21:41 - 02790415 _____ C:\Users\Hermann Eisenberg\Downloads\nochmehrfotos.zip
2015-10-06 21:41 - 2015-10-06 21:41 - 02688313 _____ C:\Users\Hermann Eisenberg\Downloads\fotosauskiel.zip
2015-10-05 22:21 - 2015-10-05 22:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_androidusb_01009.Wdf
2015-10-05 17:20 - 2015-10-05 17:25 - 00000000 ____D C:\Backup Handy
2015-10-05 16:59 - 2015-10-19 16:43 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Behördenkram
2015-10-05 16:58 - 2015-10-18 22:16 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Reiseberichte Namastee
2015-10-05 15:40 - 2015-11-02 18:34 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2015-10-04 21:35 - 2015-10-04 21:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-02 19:15 - 2011-05-20 22:12 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-02 18:35 - 2012-04-01 17:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-02 18:30 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-02 18:22 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-02 18:18 - 2015-09-10 06:10 - 00884928 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-02 18:18 - 2015-09-10 06:10 - 00196026 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-02 18:15 - 2011-05-20 22:12 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-02 17:29 - 2014-12-11 03:29 - 00000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-02 17:28 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-02 17:27 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-02 17:19 - 2015-07-30 22:50 - 00022197 _____ C:\WINDOWS\setupact.log
2015-11-02 16:51 - 2015-06-09 17:43 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\CrashDumps
2015-11-02 16:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 14:38 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Airmail
2015-11-02 14:29 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 14:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-02 13:45 - 2015-05-27 20:47 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-01 14:04 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-30 17:59 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-30 16:50 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 16:27 - 2015-01-04 12:57 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-10-30 16:26 - 2015-07-30 22:49 - 00484624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 16:25 - 2015-09-09 21:31 - 00003794 _____ C:\WINDOWS\PFRO.log
2015-10-30 11:19 - 2011-03-14 03:59 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-27 19:09 - 2011-05-24 10:50 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Microsoft Help
2015-10-27 18:19 - 2011-05-20 22:12 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-24 21:28 - 2011-05-24 10:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-23 11:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-22 22:59 - 2014-12-04 21:49 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Skype
2015-10-22 22:41 - 2014-12-14 19:40 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\DVDVideoSoft
2015-10-22 22:40 - 2014-12-04 21:49 - 00000000 ____D C:\ProgramData\Skype
2015-10-22 22:39 - 2014-12-04 21:49 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-22 22:26 - 2014-12-04 02:07 - 00000000 ____D C:\ProgramData\opencpn
2015-10-22 21:30 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-22 21:15 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-22 21:11 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-10-22 21:11 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-10-22 21:11 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-10-22 21:11 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-10-22 21:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-10-22 21:10 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-10-22 21:10 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-10-22 21:10 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\ias
2015-10-22 21:09 - 2015-05-25 22:54 - 00003416 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-10-22 21:09 - 2015-05-22 21:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-22 21:09 - 2014-05-12 10:04 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-10-22 21:09 - 2014-05-12 10:03 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-10-22 21:09 - 2012-04-01 17:07 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-22 21:09 - 2011-05-31 11:19 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-10-22 21:09 - 2011-05-20 22:12 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-22 21:09 - 2011-05-20 22:12 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-22 21:08 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-22 21:02 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-10-22 21:02 - 2015-05-25 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-10-22 20:55 - 2015-09-10 06:21 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-22 20:55 - 2015-08-01 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-22 20:55 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:55 - 2015-07-07 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sailcut CAD 1.3.5
2015-10-22 20:55 - 2015-05-29 00:05 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-10-22 20:55 - 2015-05-27 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-22 20:55 - 2015-04-18 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-10-22 20:55 - 2015-03-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-10-22 20:55 - 2015-02-26 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITS HF Propagation
2015-10-22 20:55 - 2015-02-26 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOAProp
2015-10-22 20:55 - 2015-02-16 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-10-22 20:55 - 2015-02-06 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-10-22 20:55 - 2015-02-01 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Object Rexx
2015-10-22 20:55 - 2015-02-01 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GE2KAP
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2014-12-29 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JVComm32
2015-10-22 20:55 - 2014-12-12 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-10-22 20:55 - 2014-12-11 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-10-22 20:55 - 2014-12-10 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\streamWriter
2015-10-22 20:55 - 2014-12-09 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-22 20:55 - 2014-12-04 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-10-22 20:55 - 2014-12-02 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-10-22 20:55 - 2014-11-04 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierDownloadManager
2015-10-22 20:55 - 2014-05-12 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-10-22 20:55 - 2014-05-06 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 20:55 - 2012-10-20 10:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-10-22 20:55 - 2012-10-20 10:23 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-10-22 20:55 - 2012-06-30 09:53 - 00000000 ____D C:\WINDOWS\de
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\sv
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\nl
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fr
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fi
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\en
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\da
2015-10-22 20:55 - 2012-05-22 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-22 20:55 - 2012-01-31 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-22 20:55 - 2011-08-23 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-22 20:55 - 2011-05-31 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-22 20:55 - 2011-05-20 22:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2015-10-22 20:55 - 2011-03-14 04:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2015-10-22 20:55 - 2011-03-14 04:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion MediaPack
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ____D C:\WINDOWS\no
2015-10-22 20:51 - 2015-07-30 23:43 - 00005306 _____ C:\WINDOWS\DtcInstall.log
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-10-22 20:45 - 2015-09-10 06:10 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-22 20:43 - 2015-07-30 23:47 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\IME
2015-10-22 20:43 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radio
2015-10-22 20:43 - 2014-12-22 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRIB.US
2015-10-22 20:43 - 2011-03-14 04:20 - 00000000 ____D C:\Program Files\Synaptics
2015-10-22 20:43 - 2011-03-14 04:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2015-10-22 20:43 - 2011-03-14 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-10-22 20:43 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-22 20:42 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-22 20:42 - 2011-03-14 04:03 - 00000000 ____D C:\Program Files\Intel
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-10-22 20:41 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-22 20:41 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-10-22 20:40 - 2015-06-16 11:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nauticast
2015-10-22 20:37 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-22 19:58 - 2011-05-21 07:00 - 01420767 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:39 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-10-22 15:03 - 2014-03-03 17:15 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 14:30 - 2011-03-12 21:16 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-22 14:28 - 2014-05-06 17:03 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-19 23:26 - 2012-10-20 10:23 - 00110080 ___SH C:\Users\Hermann Eisenberg\Desktop\Thumbs.db
2015-10-17 09:12 - 2015-05-22 21:20 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-10-17 09:12 - 2011-03-12 21:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-16 20:28 - 2014-12-01 23:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-16 04:10 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 22:07 - 2013-08-23 20:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 21:58 - 2011-03-12 20:24 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-09 18:22 - 2011-05-20 22:20 - 00148608 _____ C:\Users\Hermann Eisenberg\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-09 18:17 - 2012-01-31 16:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-06 22:54 - 2014-12-28 18:46 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\NT-Elektrogrundkurs-2012
2015-10-06 21:50 - 2014-12-13 23:52 - 00273408 ___SH C:\Users\Hermann Eisenberg\Downloads\Thumbs.db
2015-10-06 20:11 - 2014-12-30 01:36 - 00120832 ___SH C:\Users\Hermann Eisenberg\Documents\Thumbs.db
2015-10-05 15:34 - 2015-05-25 22:54 - 00002296 _____ C:\Users\Public\Desktop\Norton Security.LNK
2015-10-05 15:34 - 2015-05-25 22:52 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2015-10-04 22:21 - 2014-12-20 14:07 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Meine empfangenen Dateien

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-23 10:34 - 2013-01-23 10:34 - 0000419 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\dpdhl.versandhelfer.medionlap_state.xml
2011-05-23 22:12 - 2011-05-23 22:12 - 0033134 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\UserTile.png
2012-02-06 16:40 - 2015-06-20 20:44 - 0005632 _____ () C:\Users\Hermann Eisenberg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-12 19:42 - 2014-12-12 19:42 - 0001542 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184207.txt
2014-12-12 19:44 - 2014-12-12 19:44 - 0001281 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184446.txt
2015-10-23 00:28 - 2015-10-23 00:39 - 0000600 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2014-12-01 23:33 - 2014-12-01 23:33 - 0000017 _____ () C:\Users\Hermann Eisenberg\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 21:24

==================== Ende von FRST.txt ============================
         
__________________

Alt 02.11.2015, 20:01   #4
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



und der Additional-Teil:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-10-2015
durchgeführt von Hermann Eisenberg (2015-11-02 19:25:10)
Gestartet von C:\Users\Hermann Eisenberg\Downloads
Windows 10 Home (X64) (2015-10-22 20:16:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3083776869-754314292-1123622445-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3083776869-754314292-1123622445-503 - Limited - Disabled)
Gast (S-1-5-21-3083776869-754314292-1123622445-501 - Limited - Disabled)
Hermann Eisenberg (S-1-5-21-3083776869-754314292-1123622445-1000 - Administrator - Enabled) => C:\Users\Hermann Eisenberg
HomeGroupUser$ (S-1-5-21-3083776869-754314292-1123622445-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.35 beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM-x32\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.6.06 - AquaSoft)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 9.23.0 - ashampoo GmbH & Co. KG)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
BingoMaster (HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\{9563BC59-9556-4805-8CD4-886781779D8D}) (Version: 1 - BingoMaster) <==== ACHTUNG
calibre (HKLM-x32\...\{D47B7229-AC24-4D79-96AB-880649FFC892}) (Version: 2.19.0 - Kovid Goyal)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{72DB27D3-FE05-4227-AF5A-11CD101ECF09}) (Version: 15.1.0.588 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.1.588 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.0 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.1.0.588 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit (Version: 15.1.588 - Corel Corporation) Hidden
Crystal Reports Basic Runtime for Visual Studio 2008 (HKLM-x32\...\{CE26F10F-C80F-4377-908B-1B7882AE2CE3}) (Version: 10.5.0.0 - Business Objects)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.0.6904 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4813 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3224a - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2225.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.3503 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3428 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Finger Sensing Pad Driver (HKLM\...\{E86906FF-C63D-4EAF-ACE7-5F8D55FBEA9A}) (Version: 9.4.9.5 - Sentelic)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GE2KAP V16.0.0.3 (HKLM-x32\...\{619C55A8-EB15-480A-BF7A-9E396D605B09}) (Version: 16.0.0.3 - Paul Higgins)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
ITS HF Propagation 2014.12.31 (HKLM\...\{1B328085-F1A5-4AB8-8986-0103C5800216}) (Version: 2014.12.31 - US Department of Commerce NTIA/ITS)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
JVComm32 (HKLM-x32\...\{5090D628-C12F-4EB0-830D-819EFD52D950}) (Version: 2.0.1 - JVSoft Products - Eberhard Backeshoff)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.3 - Wistron Corp.)
Link2AIS (HKLM-x32\...\Link2AIS) (Version:  - )
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2608 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.2608 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Research Mesh Virtual WIFI (HKLM-x32\...\{3F586E56-913B-4C6D-889B-F591485E069D}) (Version: 1.0.0 - Microsoft Corp)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2.5765 - Mozilla)
Norton Security (HKLM-x32\...\NS) (Version: 22.5.4.24 - Symantec Corporation)
Open Object Rexx (HKLM-x32\...\ooRexx) (Version: 4.1.2.8305 - Rexx Language Association)
OpenCPN (HKLM-x32\...\OpenCPN) (Version: 1.2 - opencpn.org)
OpenCPN 4.0.0 (HKLM-x32\...\OpenCPN 4.0.0) (Version: 4.0.0 - opencpn.org)
Opera 11.64 (HKLM-x32\...\Opera 11.64.1403) (Version: 11.64.1403 - Opera Software ASA)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PremierDownloadManager Internet Explorer Toolbar (HKLM-x32\...\PremierDownloadManager_agbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ACHTUNG
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6321 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
RMS Express (HKLM-x32\...\{93EDD4EF-B076-4625-A497-06803F9F5CD1}) (Version: 1.1.0 - Winlink 2000)
Sailcut CAD 1.3.5 (HKLM-x32\...\sailcut) (Version: 1.3.5 - Humanity)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
shopperz (HKLM-x32\...\{0D4685C5-210D-4908-bC63-7F05B0F0895E}) (Version: 2.0.0.476 - shopperz) <==== ACHTUNG
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SmartPurple (HKLM-x32\...\SmartPurple) (Version:  - )
streamWriter (HKLM-x32\...\streamWriter_is1) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.12.0 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
UC232A_Win 7_64bit (HKLM-x32\...\{437BDACD-9584-4A01-A814-27EA01B452A6}) (Version: 1.0.081 - Aten International Co., Ltd.)
Ugrib RC1 (HKLM-x32\...\Ugrib_is1) (Version: Release Candidate 0.2.4 - GRIB.US)
Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VOAProp (HKLM-x32\...\VOAProp) (Version: 1.1 - G4ILO Software)
VR-pulse Installer (HKLM\...\{CB3A3CAD-1083-4952-B3A6-E231359DE244}) (Version: 1.2.0 - American Megatrends Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
WinRAR 5.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version:  - )
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3083776869-754314292-1123622445-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01924948-6C15-49C2-9224-CB816509D6B5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {059A44F6-43D1-49F4-920D-902CF5B2374A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {07C30873-876F-4F83-B704-CE3A4C012369} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {137593D4-9D50-49DC-95EC-34B55E4E5E06} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {16962EA3-5C4A-45A0-886E-E32903275E58} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {20930FBD-A1B8-445A-9526-36D0FC7CF816} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {2A26961F-451A-48A3-A797-B6ECE416312F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {2CCC73E5-D728-42DE-9E59-384701364878} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {30EAC3B5-EDE2-4F93-971B-C2ED25B768AC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {3977DE65-24EA-48D4-9762-77674575ADB8} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {3C59DB16-A1C4-4087-9730-2946974964DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {446BF1D5-6973-4364-B797-714151A2B2BB} - System32\Tasks\PQEVTK1 => C:\ProgramData\SmartPurple\SmartPurple.exe [2015-09-27] (SmartPurple) <==== ACHTUNG
Task: {462659AB-6E73-4013-A2CB-ECF6B23AA84B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4CF239CE-E492-4D0A-AA83-46BA75C52B84} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {5924C13F-54D4-451B-8AFB-6E448DBD3533} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {5ACFDC27-507E-47C9-B803-182EEB328055} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {622D31C9-195C-41D7-A058-F27081AAE99F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {676EA69E-9C5E-4B92-AFCA-B55F10A693B4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {6A94B01A-6275-452D-B784-1607EDF6ED0E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {6FC50C5E-D29E-4269-9C4F-B201E842D8F0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {720EA5BD-C419-4D57-BA75-691BD979EB44} - System32\Tasks\Nemdib => C:\Program Files\shopperz021120151346\Codwif.bat [2015-11-02] () <==== ACHTUNG
Task: {731DD503-81E6-43D4-9C93-D7286477DC98} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\SymErr.exe [2015-09-08] (Symantec Corporation)
Task: {744FC9D9-DA85-4E02-8BC7-A845F23B152F} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7C729AFC-9A63-4714-94E8-1D252E61073C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-17] (Adobe Systems Incorporated)
Task: {8A43414C-75B7-4137-BE5C-4616408C0735} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8B012E22-A3A3-4DED-B483-672129D0ECFD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {9BE090FC-CC34-4D6F-90CA-308DFA37B580} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {9EFF16E0-D531-4300-A60F-6584BF4BA836} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A11D4C68-B92A-4B1F-8EF8-F197D5A66549} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A1CDFF91-7D0A-4EB7-BFAF-7ABC34A98EFC} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {B08D971A-C302-445A-9A07-6B661EA68DC4} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B32E83BE-9A70-4563-9F5C-35A8B7ABF7F8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {B39594B0-1467-45A3-8221-5D50FB3A6E95} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {B62AAA0C-7DD1-4CAF-9148-A6EACE883B21} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {BBFF574A-132D-43C9-BE47-20BAB11A4C85} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {CC7FFEF6-2324-4B97-9CFC-38A7ED48457C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\WSCStub.exe [2015-09-24] (Symantec Corporation)
Task: {D08A2177-71DC-46F1-B5CE-B36923C8D3EA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {D1AD17E9-9D30-4C09-BCF8-D4901C7C6EC9} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D3B6FCA6-AA34-47A8-8C83-4FE498A18B3A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {D6956277-5F9E-4BA0-8CA5-253C3112CBE2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {D6AE8F30-7390-4EC5-91CA-F05536B148D7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {DF5BEF19-BE06-48F1-B0B7-C6AB78898440} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-06] (Google Inc.)
Task: {E22FF09B-DE37-4190-A3E3-5056086BE8FA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {E6C21C18-106E-4964-8555-C3C99A8F4D95} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {E7EB88E0-D623-4F2D-AF7D-E5D2B271C3C5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {EA8A6311-C87F-4143-A05E-002CDC2523B9} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {EC97DCEE-D391-4259-A691-BE863BD41456} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {F69EC370-2960-4B02-9FBA-B76B3D3F6B73} - System32\Tasks\{DE9B2AA1-4F63-4439-AC82-357023CBEE2A} => pcalua.exe -a E:\SETUP.EXE -d E:\
Task: {F9F55063-1D9E-4F34-81AA-D70B97C7FBC1} - System32\Tasks\{A4001846-CF9B-4FA7-B0D4-741FB22902FC} => pcalua.exe -a "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7Y3X3SMH\irfanview_plugins_433_setup.exe" -d "C:\Users\Hermann Eisenberg\Desktop"
Task: {FD54D1B7-454E-4FE3-9F20-4533DC8A05E5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {FE80B526-06B3-4931-81FC-99AD50810E20} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PQEVTK1.job => C:\ProgramData\SmartPurple\SmartPurple.exe <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-10 06:12 - 2015-09-10 06:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-05-29 06:29 - 2015-05-29 06:29 - 02178896 _____ () C:\Windows\System32\FspService.exe
2015-09-10 06:12 - 2015-09-10 06:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2011-03-14 04:32 - 2010-12-14 11:39 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-11-02 12:49 - 2015-11-02 13:44 - 00150880 _____ () C:\Program Files\shopperz021120151346\Jeotla.exe
2015-11-02 12:49 - 2015-11-02 13:45 - 00248672 _____ () C:\Program Files\shopperz021120151346\Dicve.exe
2015-11-02 12:49 - 2015-11-02 13:45 - 01512288 _____ () C:\Program Files\shopperz021120151346\csrcc.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-11-02 12:49 - 2015-11-02 13:45 - 00294752 _____ () C:\Program Files\shopperz021120151346\Phegu64.DLL
2015-10-22 21:20 - 2015-10-22 21:20 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-02 12:49 - 2015-11-02 13:45 - 00353120 _____ () C:\Program Files\shopperz021120151346\Jihpiiys.exe
2015-11-02 12:49 - 2015-11-02 13:45 - 00407392 _____ () C:\Program Files\shopperz021120151346\Jihpiiys64.exe
2015-11-02 12:49 - 2015-11-02 13:45 - 00614240 _____ () C:\Program Files\shopperz021120151346\Lincuwi64.DLL
2015-11-02 12:49 - 2015-11-02 13:45 - 00271200 _____ () C:\Program Files\shopperz021120151346\Yaebabye64.DLL
2015-11-02 12:49 - 2015-11-02 13:45 - 00332128 _____ () C:\Program Files\shopperz021120151346\Xoschh64.DLL
2015-10-22 21:20 - 2015-10-22 21:20 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:13 - 2015-09-10 06:12 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-06-01 20:00 - 2015-06-01 20:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-03-13 01:02 - 2010-11-06 08:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-11-02 12:49 - 2015-11-02 13:45 - 00267616 _____ () C:\Program Files\shopperz021120151346\Phegu.DLL
2015-11-02 12:49 - 2015-11-02 13:45 - 00580960 _____ () C:\Program Files\shopperz021120151346\Lincuwi.DLL
2015-11-02 12:49 - 2015-11-02 13:45 - 00224096 _____ () C:\Program Files\shopperz021120151346\Yaebabye.DLL
2015-11-02 12:49 - 2015-11-02 13:44 - 00286048 _____ () C:\Program Files\shopperz021120151346\Xoschh.DLL
2009-11-02 22:20 - 2009-11-02 22:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 22:23 - 2009-11-02 22:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Control Panel\Desktop\\Wallpaper -> c:\users\hermann eisenberg\appdata\local\microsoft\windows\themes\transcodedwallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{6102FB4D-14E8-4A4B-9063-8CED12921F70}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F745D979-9B6B-4EAA-86E2-F98544D2A0F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FA681770-542E-490B-9029-C0008907B2D9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7FC12E21-D514-4774-922F-E1FDB907D602}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{DE94BA3F-8DDE-4D28-8004-46031BD10B4E}C:\program files (x86)\airmail\airmail3.exe] => (Allow) C:\program files (x86)\airmail\airmail3.exe
FirewallRules: [TCP Query User{2334485A-321A-4C19-964A-AD7F9E4ABE44}C:\program files (x86)\airmail\airmail3.exe] => (Allow) C:\program files (x86)\airmail\airmail3.exe
FirewallRules: [{11A5A610-3550-4FFA-8B0E-9839280BAFA9}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\Rtldhcp.exe
FirewallRules: [{25E4F909-0907-4B1F-9A42-EB447B2FBFB5}] => (Allow) LPort=53
FirewallRules: [{2043DD4C-562C-4644-BA80-17EC071E9CFD}] => (Allow) LPort=53
FirewallRules: [{CD796387-CCE4-4B4E-B53E-5F760FAC9173}] => (Allow) LPort=68
FirewallRules: [{4CA6C3C6-CD6B-4159-9461-4862206480FC}] => (Allow) LPort=67
FirewallRules: [{48EA0A47-7D78-40A5-ABFC-8E44CC83F029}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DD7C4306-7047-4683-9C30-8F2B2A36D19A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3469E911-F113-41EF-B298-E3724C51549D}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel Wireless Display\WiDiApp.exe
FirewallRules: [{940E84EA-CBCC-4E2D-B9F6-EAAFB4185624}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{1C8B875B-E39A-4946-84DA-BF27C241401E}] => (Allow) LPort=53
FirewallRules: [{B236B6D8-29A7-47B5-88E4-558CE33C84F8}] => (Allow) LPort=1542
FirewallRules: [{95A798A4-D322-43EC-81E7-2C5FE754C684}] => (Allow) LPort=1542
FirewallRules: [{2642B002-3B55-42A7-886D-3E6F054285CC}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe
FirewallRules: [{A00A47BF-D474-46C5-9B95-84CE6BE2D765}] => (Allow) C:\Program Files (x86)\Sitecom\WiFi USB adapter N300 Driver and Utility\RtWLan.exe
FirewallRules: [{0EA3F827-AB36-4268-B539-9C32C2D773EE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D8FABF00-9A95-4DA0-96F0-031B65BF5C17}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{F7817B4A-F07A-4DAD-A5EC-ECF1998C3517}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{9DB5BA5C-488E-4056-966C-6F3487CB1D09}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{5D16212B-3079-4B8B-973A-AD71867A3BDA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{39B8B3D4-0016-4C44-B85E-67D364CE8F3F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{02980369-4AFA-4246-8668-91F250F4C87A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{65032EC9-CBA0-448D-935F-E10D6C9AA6A2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD9.EXE
FirewallRules: [{2239F3CF-6F3F-4DA7-813D-3ADA51E0B78B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{8CAA68F6-E4A6-450A-B7F8-47A2CC8B71AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{2CB32764-5D3B-4601-8B95-BBCE183ABBDE}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{30509FC5-C65E-446D-883F-6AEBC9CF4C41}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{65A9FA01-0ADA-4EFA-A989-A5FEC185CE25}] => (Allow) LPort=1900
FirewallRules: [{64EF526F-D106-4C36-87B5-F0A1D5BAC0EE}] => (Allow) LPort=2869
FirewallRules: [{03B5AA5F-8DD6-4DA3-904A-A12F51E22583}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BCE7B3DC-9A4C-4AE8-91AC-CC89D1CC3094}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/02/2015 07:19:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Name des fehlerhaften Moduls: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040ebc
ID des fehlerhaften Prozesses: 0x14e8
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5

Error: (11/02/2015 06:16:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d3823ba
Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d3823ba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00055bee
ID des fehlerhaften Prozesses: 0x1870
Startzeit der fehlerhaften Anwendung: 0xobexsrv.exe0
Pfad der fehlerhaften Anwendung: obexsrv.exe1
Pfad des fehlerhaften Moduls: obexsrv.exe2
Berichtskennung: obexsrv.exe3
Vollständiger Name des fehlerhaften Pakets: obexsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: obexsrv.exe5

Error: (11/02/2015 06:16:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009aef9
ID des fehlerhaften Prozesses: 0x1628
Startzeit der fehlerhaften Anwendung: 0xmediasrv.exe0
Pfad der fehlerhaften Anwendung: mediasrv.exe1
Pfad des fehlerhaften Moduls: mediasrv.exe2
Berichtskennung: mediasrv.exe3
Vollständiger Name des fehlerhaften Pakets: mediasrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mediasrv.exe5

Error: (11/02/2015 06:15:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Name des fehlerhaften Moduls: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040ebc
ID des fehlerhaften Prozesses: 0x1960
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5

Error: (11/02/2015 06:15:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009aef9
ID des fehlerhaften Prozesses: 0x145c
Startzeit der fehlerhaften Anwendung: 0xmediasrv.exe0
Pfad der fehlerhaften Anwendung: mediasrv.exe1
Pfad des fehlerhaften Moduls: mediasrv.exe2
Berichtskennung: mediasrv.exe3
Vollständiger Name des fehlerhaften Pakets: mediasrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mediasrv.exe5

Error: (11/02/2015 06:14:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOPNAMASTEE)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/02/2015 06:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d382309
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009aef9
ID des fehlerhaften Prozesses: 0x1ae8
Startzeit der fehlerhaften Anwendung: 0xmediasrv.exe0
Pfad der fehlerhaften Anwendung: mediasrv.exe1
Pfad des fehlerhaften Moduls: mediasrv.exe2
Berichtskennung: mediasrv.exe3
Vollständiger Name des fehlerhaften Pakets: mediasrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mediasrv.exe5

Error: (11/02/2015 06:11:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Name des fehlerhaften Moduls: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040ebc
ID des fehlerhaften Prozesses: 0x1d18
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5

Error: (11/02/2015 06:05:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Name des fehlerhaften Moduls: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040ebc
ID des fehlerhaften Prozesses: 0x3a0
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5

Error: (11/02/2015 05:51:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Name des fehlerhaften Moduls: devmonsrv.exe, Version: 1.0.0.49, Zeitstempel: 0x4d38243e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00040ebc
ID des fehlerhaften Prozesses: 0xa8c
Startzeit der fehlerhaften Anwendung: 0xdevmonsrv.exe0
Pfad der fehlerhaften Anwendung: devmonsrv.exe1
Pfad des fehlerhaften Moduls: devmonsrv.exe2
Berichtskennung: devmonsrv.exe3
Vollständiger Name des fehlerhaften Pakets: devmonsrv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devmonsrv.exe5


Systemfehler:
=============
Error: (11/02/2015 07:19:53 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOPNAMASTEE)
Description: 1053Bluetooth Device MonitorNicht verfügbar{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}

Error: (11/02/2015 07:19:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/02/2015 07:19:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Device Monitor erreicht.

Error: (11/02/2015 06:16:37 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOPNAMASTEE)
Description: 1053Bluetooth OBEX ServiceNicht verfügbar{E9E0D51D-F407-4D91-B294-C111F721A3AF}

Error: (11/02/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/02/2015 06:16:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth OBEX Service erreicht.

Error: (11/02/2015 06:16:08 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOPNAMASTEE)
Description: 1053Bluetooth Media ServiceNicht verfügbar{9AC233E9-AC75-4DB5-85C4-DAB13A484FEA}

Error: (11/02/2015 06:16:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bluetooth Media Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/02/2015 06:16:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Bluetooth Media Service erreicht.

Error: (11/02/2015 06:16:07 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOPNAMASTEE)
Description: 1053Bluetooth Device MonitorNicht verfügbar{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}


CodeIntegrity:
===================================
  Date: 2015-10-26 23:57:20.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:20.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:19.969
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:19.848
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:19.793
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:19.735
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:14.304
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:57:09.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:44:02.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-10-26 23:44:02.473
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 4003.07 MB
Verfügbarer physikalischer RAM: 1725.94 MB
Summe virtueller Speicher: 10147.07 MB
Verfügbarer virtueller Speicher: 7742.73 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:657.54 GB) (Free:352.86 GB) NTFS
Drive d: (Recover) (Fixed) (Total:38 GB) (Free:14.4 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: D3AF660C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=657.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         

Alt 03.11.2015, 20:53   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    BingoMaster

    PremierDownloadManager Internet Explorer Toolbar (HKLM-x32\...\PremierDownloadManager_agbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ACHTUNG

    shopperz



  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2015, 00:16   #6
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 03.11.2015
Suchlaufzeit: 22:35
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.03.08
Rootkit-Datenbank: v2015.10.28.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Hermann Eisenberg

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365942
Abgelaufene Zeit: 37 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.017 - Bericht erstellt am 03/11/2015 um 23:41:21
# Aktualisiert am 03/11/2015 von Xplode
# Datenbank : 2015-11-03.2 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Hermann Eisenberg - LAPTOPNAMASTEE
# Gestartet von : C:\Users\Hermann Eisenberg\Desktop\AdwCleaner_5.017.exe
# Option : Löschen
# Unterstützung : Forum - ToolsLib

***** [ Dienste ] *****

[-] Dienst Gelöscht : bsdriver

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\PremierDownloadManager
[-] Ordner Gelöscht : C:\ProgramData\Tarma Installer
[-] Ordner Gelöscht : C:\ProgramData\19a87fa1ec024bbcbb41931263354405
[-] Ordner Gelöscht : C:\ProgramData\Service3232
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierDownloadManager
[-] Ordner Gelöscht : C:\Users\Hermann Eisenberg\AppData\Local\PackageAware
[-] Ordner Gelöscht : C:\Users\Hermann Eisenberg\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Hermann Eisenberg\AppData\LocalLow\iac
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\map@quickmaps.me.xpi
[-] Datei Gelöscht : C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\user.js

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PremierDownloadManager_ag.SettingsPlugin
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PremierDownloadManager_ag.SettingsPlugin.1
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{4d687bc7-7f1a-472c-bf8e-9af6d7b17ac8}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6773eedc-4504-4743-b2eb-4300279250f9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79b92d37-5edb-428a-ad11-f801ed3ae0c0}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{da104fa1-3714-4056-8f42-d7fb74fd43dc}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{0E01F743-5F86-437C-AFF8-F8B81E8D1455}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{917DD37D-6F5F-4AFB-BC8F-F21EA71D8CB4}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{BA0CC1B0-494E-4B94-A2C2-F9D9C6D2B569}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{da104fa1-3714-4056-8f42-d7fb74fd43dc}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6773eedc-4504-4743-b2eb-4300279250f9}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{da104fa1-3714-4056-8f42-d7fb74fd43dc}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{da104fa1-3714-4056-8f42-d7fb74fd43dc}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6773eedc-4504-4743-b2eb-4300279250f9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{4d687bc7-7f1a-472c-bf8e-9af6d7b17ac8}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\PremierDownloadManager
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Internetbrowser ] *****


*************************

:: "Tracing" schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [4728 Bytes] ##########
         
--- --- ---


JRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Hermann Eisenberg on 03.11.2015 at 23:59:55,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{970c55b4-c79e-4c62-9bfa-76439b68969f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{970c55b4-c79e-4c62-9bfa-76439b68969f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{970c55b4-c79e-4c62-9bfa-76439b68969f}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{07985146-5FEB-4531-B25C-90F434292D94}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{092ABD6B-409F-44FF-8B7D-D56B30494492}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0B628311-AADE-43D0-AD84-C2AC7B598770}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0B8969E5-92C0-4ED5-87EF-B97CCFC41DE1}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0BCE0F4B-56FC-4E24-B228-5C7DC521165F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0DFEB511-739A-4C03-A152-47C8F921CD80}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0EC6B077-09C9-4E03-A3C6-B17D4F6C5FEE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{0FE336A7-2E30-481E-9F8F-ADBE03F7FB8C}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{10AF5CBC-0861-4EE8-B6BD-EE7871A24F7D}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{10C8BA0A-4A4E-416A-8347-5B75EC0F1393}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{11EB9495-AF9C-413B-9918-826407F0EF93}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{127DA02F-D967-4209-9E38-B1DA9166D77F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{13D5AE0D-E8BF-4ADC-9A77-260FEE2A31C7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{1950BC5A-A2E2-4158-A111-BE1A4FA07BE5}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{19EE0453-F247-4513-84B5-91A4F9236136}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{1D66323E-EA6E-4C94-B091-E26A5779C682}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{1F0BC54E-0796-4860-90EE-F292A0FD293F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{21F166D4-18E5-4E1A-BDCB-4A0DEDF00486}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{247582D4-EE6F-4877-A6B6-D5447CDEDC8C}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{25757A4A-7FA2-4378-93BB-94A8BBF86B48}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{284245BD-696D-4EF0-BB71-8189680EBFCE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{28D3BD24-6E37-4D13-A8DB-59515B77DA3D}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{2A569A02-6F74-4627-9811-12143D8B9964}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{2A5C2528-B724-4598-8755-1D2CE5A3C4B9}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{2E3DDE5A-601E-4718-853E-84C761E36374}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{2E75761C-F650-4670-BDC1-BFE80EB5E7A4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{2FBB47C9-BA89-4DE4-8B57-9D0622E96A47}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{30CAD82F-9264-4C88-A618-2CD06F666D65}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{30D576EE-889F-4AE0-9253-88AEFC768E4B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3114D149-425C-4FCC-B398-3D294C66EAF4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{31875897-86D4-4864-859B-9D6DB15A8158}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3199D1B0-81BE-4BC9-8611-AD58B6F7BFA1}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{31CD3079-B7EB-4D16-945B-CCFAA2949CAC}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{33E85ED2-0042-4FE5-A800-697092D356F0}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{340BEDE7-B9DD-439E-8622-0DEF34DF49DB}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3581ED49-2F35-4E53-897B-8953FC289E3E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{36DB643A-052D-4D5E-BD84-C1FE310830B7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{383C615C-5FCB-4057-842A-65FD6C07CB51}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{38FF830A-1C88-47EF-A039-851FA69FEDB7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3A3F1C78-CE25-4DA1-BD49-53817F7D9567}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3DEFEA63-42D5-41E0-B5F1-700F54DB6702}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3E807528-5F2A-442C-901B-1867F3B309B7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3EEAC5C9-FB8D-4A80-A500-6427FDD1FD39}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{3F0644D6-C7FD-4132-908D-B6721902604B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{421B85A3-BAAE-43E5-B233-162AC4BEE8F8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{437409DF-2D0A-4AD1-84CE-52CAC920B7A3}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{464958DE-9CCA-48CE-A641-3564A07BC03D}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{48330E9E-7810-4122-B95D-14A1E204F89C}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{4A628A2C-17ED-4F18-B8D2-EBC379F46FE4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{4F67932F-788A-4771-BF81-0CAE005FE536}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5576FAD8-DA25-478D-B404-D62FC9824AE1}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{57049E06-0CE2-422F-A548-C0DA1604E9C8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5A4742F6-CEFC-4D26-B6CA-49720F78CA70}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5C0B6262-B7FD-4B6D-AC0E-B699B2A7F035}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5C888691-CCEE-40CD-AE30-2F4E9F5F6572}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5F016A2B-F48C-4A6F-B36C-52E4C7DE7C78}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{5FBDA8D3-8AC5-49AF-9D56-D258B32CE23F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{61BCC23E-503E-4792-B838-CE9566E6FDB1}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{62156A23-EBAB-44C8-BE17-7146ECA66390}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{656A966D-D229-4D5F-AFA2-05967B13E742}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{65F60DAC-4CBE-4294-A04B-86AA5FED3F33}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{663122BE-5821-4DA9-A51E-09409542AEB3}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{663D27E2-F790-42CD-A258-0FF118604933}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{66C3E18C-4A74-4A42-BBB8-2AD9A09E464B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{69213149-43A0-45BA-B8B6-2EE9803C3F65}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{696D1F53-7661-4797-A192-9FDF6EC1ED5E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{6AA9A3EF-9CAE-4BFB-8E53-368E91CEA923}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{6C24896C-3A9B-492D-9514-50603ECD72BF}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{6C62B483-C1BF-4CE9-AAB4-8E15B7DA5E9E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{6F3E0B91-5B50-4E16-BDB0-5432BE159344}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{6F6F3524-7A23-493D-BF44-F38C96424671}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{711B992D-F972-4093-9B9C-FB198E5BF818}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{719A660D-CA47-4671-A281-CCD38641BE64}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{73F0B909-D025-4078-9B0F-50FA61D753B8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{770FD810-5E99-4E8D-9583-FAA4AB23454F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{78325FAF-8C6B-4D8E-A47A-0A8A085598EA}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{7973252E-DFE5-4795-9E62-A08C6ADAA21B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{7CB09401-6BA9-46D4-B50D-5CD43BBD51E4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{7D7AB387-FBCC-4074-BE8D-BC0C9ED02224}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{7E197FDC-CA1A-45B7-ABB7-F1B10168FA71}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{861BA9B9-7749-45AA-9B64-33FD6E2618DC}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{886CC720-5343-4C67-9E69-DBF03BF85791}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8892D30E-BA9F-4078-B9E1-C4346B5D2E95}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8A0A1BB1-5ACC-451B-9245-002D4F6FD71E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8AA83638-6D63-4117-BBA1-C80A48E74DF4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8BB4B5B7-DB2D-4216-9608-FF6C7B31DD05}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8D09D6FC-7DBB-4B68-8E92-5602B20AD5BD}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{8FFF1AE0-F93A-4BB2-8470-004F74E23B3E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{91077AB8-CADD-41BF-8675-2DB644240B1A}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{919ED195-0C87-4126-96B7-F3D7E45D76D0}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{91AB1143-4FEF-4BF6-86B3-D97C844D4143}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{93424B6B-349A-4F23-A40F-0228DAF596AF}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{93F36285-9350-4B6D-B47C-BA5AFADF91FA}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{95EC3A69-87E7-4FA1-885B-F1EA6EB991EC}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{965811A7-1E19-4CA1-B494-131F85441DAE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{96FA4053-CD28-495F-ACAA-B0418F3E251E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{991DD164-C847-4C2D-98E9-054CE41E407B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{99488089-F930-40ED-9110-384A1BFFBFBA}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{9B9E2501-4F0C-488A-B5CA-891DB7738FA3}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{9CC00920-D594-4BEE-8874-C443D60892C8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{9EF57050-F37B-481A-B216-1FAAE4322580}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A1C246DA-B0F8-4ED2-899A-99F0E32404D9}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A2AAD261-57D7-40E1-BEC0-C1720B5EBD0D}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A4BC3F4A-F2B3-44D0-A101-3A65CFAD74C8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A4BDABCC-A8A5-43D5-B30D-FB50F535E9FE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A5B02AC3-0A61-4E73-A8F9-625875C34993}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A7836836-5BB4-47DA-BF03-0548A0DDEC5E}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A8886040-D049-482A-9BF2-5FB405FC143B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{A91A0E82-0FE9-4B6C-817A-56DE48530495}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{AAD69EC1-83BD-4827-980D-D049495E6E02}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{AADBB1C4-172B-41A7-8BFE-376259C4959D}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{AC329C57-8AF6-4148-B448-13ADF95DF1ED}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{AD002590-650E-4AE6-9C8A-581CABF0BA95}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{AF6B5A40-5C7C-41DD-8634-FE5236E79D9C}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{B235E3DC-E854-482C-809F-BF2E60A21434}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{B422D610-FF66-40A7-8275-60B6C5E8EAA7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{B5C7F0DF-ACB2-4C45-A22F-B495139DE8F4}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{B8450F15-F791-40AB-A4D9-F395B3BCBE86}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{BB0EE126-2D8D-4F42-BBCF-8D63A06FA05F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{BB3DF77F-0419-4C6D-A462-FEFB40B0335B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{BCAE1B88-3140-4F43-8AF5-BDE27FAA8348}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{C3026D4D-7076-4F77-BA97-86E13E2373BE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{C6C89BD6-E654-4AC2-A7E0-611564DC1B1A}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{C8B91F99-70C2-4C0E-9300-F102D9F44138}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{CB7AFF9C-2799-459C-86D6-AE4C7FFA7E78}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{CD251134-BBE8-4D4B-873C-B89C198AAF24}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{CE9278E0-F190-4FD7-B2F5-7B03CD21450C}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{CEE9DF15-1B1A-4633-89F4-A56AD089C7AE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D233AF66-81A7-4B4F-B23D-A8D0BC6A05C6}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D3B6DD37-0BE7-45F6-A7B0-C9F29E6F96EE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D3C6DCA6-055B-4A38-86F7-E77758BF3ED5}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D65D1BFB-4752-4904-9998-C0BCC5157000}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D7E07E46-1855-4D9C-886F-8B303865CF12}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D80447AF-75E3-4AF6-8153-D2CDEDA91F3B}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{D84693C3-CF3F-4649-B4F7-1C7948C15FA8}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{DD4EE204-D70D-48B8-B89F-02686EDBB6B9}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{DD6E8788-06D0-4C70-AB33-4C6EF1C8CEC5}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{DDFD74E9-4876-44BC-A192-14600B971443}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E1E98BBC-69BF-4EC8-9EE0-85CD90E3ECB7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E30EB69A-CFD7-465E-909F-356D9DC906AE}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E3C2D9A1-14E3-45C2-AEA3-24743CB293FC}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E4D4F550-E313-48C3-A7AF-0E4438DB3DA7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E6C272FA-268F-4743-AD59-851E18CAD33F}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{E8C1DBB2-213A-4A75-970D-8F804D460AC7}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{EA3240D3-B0A0-467A-8A6F-065F972D97C9}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{F2A3D6A2-0014-4A3E-B220-21111E8A9938}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{F2FE5213-C966-4A6A-A750-BC2AB2C22528}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{F71B4EA2-3D10-4602-A950-53F319900B56}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{F971064E-BF7A-403C-BC36-0E012264B14A}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{FAD55875-40B2-4649-BFCC-CB63BE6DF867}
Successfully deleted: [Empty Folder] C:\Users\Hermann Eisenberg\Appdata\Local\{FE00228E-4A1C-4F02-8AD6-7C0CE1B9A16E}
Successfully deleted: [Folder] C:\Users\Hermann Eisenberg\Appdata\LocalLow\company



~~~ FireFox

Emptied folder: C:\Users\Hermann Eisenberg\AppData\Roaming\mozilla\firefox\profiles\5246m85a.default\minidumps [5 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

[C:\Users\Hermann Eisenberg\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Hermann Eisenberg\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Hermann Eisenberg\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Hermann Eisenberg\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.11.2015 at  0:04:14,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Geändert von Theesener (04.11.2015 um 00:25 Uhr) Grund: Ein Logfile war doppelt

Alt 04.11.2015, 00:23   #7
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



und ein frisches FRST, bitte schön:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Hermann Eisenberg (Administrator) auf LAPTOPNAMASTEE (04-11-2015 00:17:40)
Gestartet von C:\Users\Hermann Eisenberg\Downloads
Geladene Profile: Hermann Eisenberg (Verfügbare Profile: Hermann Eisenberg)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-05-29] (Sentelic Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-15] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-20] (Google Inc.)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68f059c0-89a8-4ed1-98a0-38871ef4445b}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> {A73FA815-DBAB-4666-A26F-8130ECD203CC} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\searchplugins\yahoo-ysp.xml [2015-10-22]
FF Extension: google-maps - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\jid1-nEyk3fuea9WauQ@jetpack.xpi [2015-10-15]
FF Extension: Quick Translator - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
FF Extension: Adblock Plus - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{EBA722F5-038F-4CAF-9EE2-545A221628BC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFPlgn [2015-11-03]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR StartupUrls: Default -> "hxxp://www.t-online.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll => Keine Datei
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S2 FspSvc; C:\Windows\System32\FspService.exe [2178896 2015-05-29] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-10-22] (Microsoft Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert]
S2 RXAPI; C:\Program Files (x86)\ooRexx\rxapi.exe [96256 2012-08-29] (Rexx Language Association) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-10-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-10-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
S2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-01] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-30] (Symantec Corporation)
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-05-29] (Sentelic Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151030.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-10-22] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151103.001\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151103.001\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-11-02] (Duplex Secure Ltd)
R3 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605040.018\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 00:10 - 2015-11-04 00:10 - 00016148 _____ C:\WINDOWS\system32\LAPTOPNAMASTEE_Hermann Eisenberg_HistoryPrediction.bin
2015-11-04 00:04 - 2015-11-04 00:04 - 00019864 _____ C:\Users\Hermann Eisenberg\Desktop\JRT.txt
2015-11-03 23:59 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\Hermann Eisenberg\Desktop\JRT.exe
2015-11-03 23:50 - 2015-11-03 23:50 - 01798976 _____ (Malwarebytes) C:\Users\Hermann Eisenberg\Downloads\JRT.exe
2015-11-03 23:36 - 2015-11-03 23:36 - 01708032 _____ C:\Users\Hermann Eisenberg\Desktop\AdwCleaner_5.017.exe
2015-11-03 23:33 - 2015-11-03 23:33 - 00001208 _____ C:\Users\Hermann Eisenberg\Desktop\mbam.txt
2015-11-03 22:34 - 2015-11-03 22:34 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-03 22:18 - 2015-11-03 22:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Hermann Eisenberg\Downloads\revosetup95.exe
2015-11-03 22:18 - 2015-11-03 22:18 - 00001341 _____ C:\Users\Hermann Eisenberg\Desktop\Revo Uninstaller.lnk
2015-11-03 22:18 - 2015-11-03 22:18 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-03 22:16 - 2015-11-03 22:16 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-03 22:16 - 2015-11-03 22:16 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-03 22:15 - 2015-11-03 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 22:14 - 2015-11-03 22:15 - 00243976 _____ C:\Users\Hermann Eisenberg\Downloads\Firefox Setup Stub 42.0.exe
2015-11-02 22:34 - 2015-11-02 23:49 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Dokumentenvorlagen
2015-11-02 21:46 - 2015-11-02 21:46 - 00002293 _____ C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2015-11-02 21:46 - 2015-11-02 21:46 - 00001240 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2540 series.lnk
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\ProgramData\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\Program Files\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-02 21:46 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
2015-11-02 21:45 - 2015-11-02 21:45 - 00000057 _____ C:\ProgramData\Ament.ini
2015-11-02 21:43 - 2015-11-02 21:46 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\HP
2015-11-02 19:25 - 2015-11-02 19:26 - 00050265 _____ C:\Users\Hermann Eisenberg\Downloads\Addition.txt
2015-11-02 19:22 - 2015-11-04 00:17 - 00021833 _____ C:\Users\Hermann Eisenberg\Downloads\FRST.txt
2015-11-02 19:22 - 2015-11-04 00:17 - 00000000 ____D C:\FRST
2015-11-02 19:21 - 2015-11-02 19:21 - 02198016 _____ (Farbar) C:\Users\Hermann Eisenberg\Downloads\FRST64.exe
2015-11-02 17:35 - 2015-11-02 17:36 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\NPE
2015-11-02 16:19 - 2015-11-02 16:20 - 00000000 ___HD C:\$SysReset
2015-11-02 13:45 - 2015-11-02 13:45 - 00003440 _____ C:\WINDOWS\System32\Tasks\Nemdib
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\WINDOWS\system32\dehb
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Tempfolder
2015-11-02 13:44 - 2015-11-02 13:44 - 00000000 ____D C:\uninst
2015-11-02 13:43 - 2015-11-02 13:43 - 00028672 _____ C:\Users\Hermann Eisenberg\Documents\Mappe1.xls
2015-11-02 13:29 - 2015-11-02 13:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\as_eskek3
2015-11-02 13:28 - 2015-11-02 13:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\AquaSoft
2015-11-02 13:28 - 2015-11-02 13:28 - 00162360 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2015-11-02 13:28 - 2015-11-02 13:28 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:28 - 00000000 ___HD C:\ProgramData\{6B6AF059-CAB8-4F36-97C5-C7AE0A2CE143}
2015-11-02 13:27 - 2015-11-02 13:27 - 00001232 _____ C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\IIIQF
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Program Files (x86)\AquaSoft
2015-11-02 13:26 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\mia77A9.tmp
2015-11-02 13:22 - 2015-11-02 13:23 - 183703760 _____ (AquaSoft ) C:\Users\Hermann Eisenberg\Downloads\DiaShowUltimateSetup9606.exe
2015-10-30 16:45 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 16:45 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 16:45 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 16:45 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 16:45 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 16:45 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 16:45 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 16:45 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 16:45 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 16:45 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 16:45 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 16:45 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 16:45 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 16:45 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 16:45 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 21:13 - 2015-10-27 21:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-27 19:13 - 2015-10-27 19:18 - 00048128 _____ C:\Users\Hermann Eisenberg\Documents\Klassenliste.xls
2015-10-23 14:03 - 2015-10-23 14:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-10-23 00:28 - 2015-10-23 00:39 - 00000600 _____ C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2015-10-23 00:25 - 2015-10-23 00:41 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\FileZilla
2015-10-23 00:25 - 2015-10-23 00:25 - 00001838 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-10-23 00:24 - 2015-10-23 00:23 - 06539752 _____ (Tim Kosse) C:\Users\Hermann Eisenberg\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-23 00:00 - 2015-10-23 00:00 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer(1).exe
2015-10-22 23:56 - 2015-10-22 23:57 - 00000000 ____D C:\wordpress
2015-10-22 23:39 - 2015-10-22 23:39 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer.exe
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-22 22:38 - 2015-10-22 22:38 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hermann Eisenberg\Downloads\SkypeSetup.exe
2015-10-22 21:47 - 2015-10-22 21:47 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\MicrosoftEdge
2015-10-22 21:30 - 2015-10-22 21:16 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-22 21:29 - 2015-10-22 20:37 - 00000000 __SHD C:\Recovery
2015-10-22 21:28 - 2015-10-22 21:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Comms
2015-10-22 21:24 - 2015-10-28 14:59 - 00002438 _____ C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-22 21:24 - 2015-10-28 14:59 - 00000000 ___RD C:\Users\Hermann Eisenberg\OneDrive
2015-10-22 21:21 - 2015-10-22 21:21 - 00000000 ____D C:\Windows.old
2015-10-22 21:20 - 2015-10-22 21:20 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-22 21:19 - 2015-10-22 21:19 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Publishers
2015-10-22 21:17 - 2015-10-24 21:30 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Packages
2015-10-22 21:17 - 2015-10-22 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\TileDataLayer
2015-10-22 21:16 - 2015-10-22 21:16 - 00000020 ___SH C:\Users\Hermann Eisenberg\ntuser.ini
2015-10-22 21:15 - 2015-10-22 21:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\inetpub
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-10-22 21:10 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-22 21:10 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-22 21:09 - 2015-10-22 21:09 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-10-22 20:51 - 2015-10-22 20:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-22 20:42 - 2015-10-22 20:42 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-10-22 20:39 - 2015-10-23 22:29 - 00000000 ____D C:\Users\Hermann Eisenberg
2015-10-22 20:39 - 2015-10-22 21:17 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Vorlagen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Startmenü
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Netzwerkumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Lokale Einstellungen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Eigene Dateien
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Druckumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Musik
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Bilder
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Verlauf
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Anwendungsdaten
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Anwendungsdaten
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-22 20:38 - 2015-11-03 23:51 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-22 20:38 - 2015-10-22 20:38 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-22 20:37 - 2015-10-22 20:38 - 00021209 _____ C:\WINDOWS\iis.log
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\Program Files\Realtek
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\iBTWU
2015-10-22 20:34 - 2015-11-03 23:46 - 00001990 _____ C:\WINDOWS\sentelic.log
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_fspad_win764_01009.Wdf
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____D C:\Program Files\FSP
2015-10-22 20:32 - 2015-10-22 20:33 - 00034578 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-10-22 19:45 - 2015-10-22 21:09 - 00006602 _____ C:\WINDOWS\comsetup.log
2015-10-22 19:38 - 2015-10-22 21:10 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-10-22 19:38 - 2015-10-22 21:10 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-10-22 14:32 - 2015-10-22 14:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Sun
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\.oracle_jre_usage
2015-10-22 10:06 - 2015-10-22 10:06 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\LocalLow\Oracle
2015-10-15 18:19 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-10-15 18:19 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-10-15 18:19 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-10-15 18:18 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 20:09 - 2015-10-13 20:09 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\Kindergeld
2015-10-13 16:40 - 2015-10-22 20:55 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MatheTiger 1 & 2 Demoversion
2015-10-13 16:40 - 2015-10-13 16:40 - 00000875 _____ C:\Users\Hermann Eisenberg\Desktop\MatheTiger 1 & 2 Demoversion.lnk
2015-10-13 16:36 - 2015-10-13 16:36 - 00000000 ____D C:\Mildenberger
2015-10-11 14:40 - 2015-10-11 15:29 - 550977825 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMD.zip
2015-10-11 14:39 - 2015-10-11 14:54 - 135499978 _____ C:\Users\Hermann Eisenberg\Downloads\EUBM.zip
2015-10-11 13:35 - 2015-10-11 15:35 - 1272975872 _____ C:\Users\Hermann Eisenberg\Downloads\eXplorist_2_15_Install.exe
2015-10-11 13:18 - 2015-10-11 13:25 - 51780823 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMDEN.zip
2015-10-09 18:17 - 2015-10-09 18:17 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-09 18:17 - 2015-10-09 18:17 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-06 21:41 - 2015-10-06 21:41 - 02790415 _____ C:\Users\Hermann Eisenberg\Downloads\nochmehrfotos.zip
2015-10-06 21:41 - 2015-10-06 21:41 - 02688313 _____ C:\Users\Hermann Eisenberg\Downloads\fotosauskiel.zip
2015-10-05 22:21 - 2015-10-05 22:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_androidusb_01009.Wdf
2015-10-05 17:20 - 2015-10-05 17:25 - 00000000 ____D C:\Backup Handy
2015-10-05 16:59 - 2015-11-02 22:35 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Behördenkram
2015-10-05 16:58 - 2015-10-18 22:16 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Reiseberichte Namastee
2015-10-05 15:40 - 2015-11-03 23:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-04 00:15 - 2011-05-20 22:12 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-04 00:12 - 2015-06-09 17:43 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\CrashDumps
2015-11-03 23:51 - 2015-09-10 06:10 - 00884928 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-03 23:51 - 2015-09-10 06:10 - 00196026 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-03 23:45 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-03 23:45 - 2011-05-20 22:12 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-03 23:44 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-03 23:44 - 2014-12-11 03:29 - 00000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-03 23:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-03 23:43 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-03 23:41 - 2014-11-19 18:09 - 00000000 ____D C:\AdwCleaner
2015-11-03 23:38 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-03 23:35 - 2012-04-01 17:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-03 23:27 - 2015-05-27 20:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-03 23:24 - 2015-09-09 21:31 - 00199628 _____ C:\WINDOWS\PFRO.log
2015-11-03 23:15 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-03 22:34 - 2015-05-27 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-03 22:34 - 2015-05-27 20:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-03 22:20 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\restore
2015-11-03 22:16 - 2014-12-01 23:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-03 20:52 - 2015-07-30 22:50 - 00024582 _____ C:\WINDOWS\setupact.log
2015-11-02 21:28 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 14:38 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Airmail
2015-11-02 14:29 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 14:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 17:59 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-30 16:50 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 16:26 - 2015-07-30 22:49 - 00484624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 11:19 - 2011-03-14 03:59 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-27 19:09 - 2011-05-24 10:50 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Microsoft Help
2015-10-27 18:19 - 2011-05-20 22:12 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-24 21:28 - 2011-05-24 10:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-23 11:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-22 22:59 - 2014-12-04 21:49 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Skype
2015-10-22 22:41 - 2014-12-14 19:40 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\DVDVideoSoft
2015-10-22 22:40 - 2014-12-04 21:49 - 00000000 ____D C:\ProgramData\Skype
2015-10-22 22:39 - 2014-12-04 21:49 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-22 22:26 - 2014-12-04 02:07 - 00000000 ____D C:\ProgramData\opencpn
2015-10-22 21:30 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-22 21:15 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-22 21:11 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-10-22 21:11 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-10-22 21:11 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-10-22 21:11 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-10-22 21:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-10-22 21:10 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-10-22 21:10 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-10-22 21:10 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\ias
2015-10-22 21:09 - 2015-05-25 22:54 - 00003416 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-10-22 21:09 - 2015-05-22 21:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-22 21:09 - 2014-05-12 10:04 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-10-22 21:09 - 2014-05-12 10:03 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-10-22 21:09 - 2012-04-01 17:07 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-22 21:09 - 2011-05-31 11:19 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-10-22 21:09 - 2011-05-20 22:12 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-22 21:09 - 2011-05-20 22:12 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-22 21:08 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-22 21:02 - 2015-05-25 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-10-22 20:55 - 2015-09-10 06:21 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-22 20:55 - 2015-08-01 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-22 20:55 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:55 - 2015-07-07 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sailcut CAD 1.3.5
2015-10-22 20:55 - 2015-05-29 00:05 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-10-22 20:55 - 2015-04-18 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-10-22 20:55 - 2015-03-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-10-22 20:55 - 2015-02-26 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITS HF Propagation
2015-10-22 20:55 - 2015-02-26 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOAProp
2015-10-22 20:55 - 2015-02-16 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-10-22 20:55 - 2015-02-06 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-10-22 20:55 - 2015-02-01 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Object Rexx
2015-10-22 20:55 - 2015-02-01 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GE2KAP
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2014-12-29 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JVComm32
2015-10-22 20:55 - 2014-12-12 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-10-22 20:55 - 2014-12-11 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-10-22 20:55 - 2014-12-10 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\streamWriter
2015-10-22 20:55 - 2014-12-09 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-22 20:55 - 2014-12-04 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-10-22 20:55 - 2014-12-02 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-10-22 20:55 - 2014-05-12 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-10-22 20:55 - 2014-05-06 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 20:55 - 2012-10-20 10:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-10-22 20:55 - 2012-10-20 10:23 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-10-22 20:55 - 2012-06-30 09:53 - 00000000 ____D C:\WINDOWS\de
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\sv
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\nl
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fr
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fi
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\en
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\da
2015-10-22 20:55 - 2012-05-22 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-22 20:55 - 2012-01-31 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-22 20:55 - 2011-08-23 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-22 20:55 - 2011-05-31 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-22 20:55 - 2011-05-20 22:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2015-10-22 20:55 - 2011-03-14 04:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2015-10-22 20:55 - 2011-03-14 04:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion MediaPack
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ____D C:\WINDOWS\no
2015-10-22 20:51 - 2015-07-30 23:43 - 00005306 _____ C:\WINDOWS\DtcInstall.log
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-10-22 20:45 - 2015-09-10 06:10 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-22 20:43 - 2015-07-30 23:47 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\IME
2015-10-22 20:43 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radio
2015-10-22 20:43 - 2014-12-22 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRIB.US
2015-10-22 20:43 - 2011-03-14 04:20 - 00000000 ____D C:\Program Files\Synaptics
2015-10-22 20:43 - 2011-03-14 04:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2015-10-22 20:43 - 2011-03-14 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-10-22 20:43 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-22 20:42 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-22 20:42 - 2011-03-14 04:03 - 00000000 ____D C:\Program Files\Intel
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-10-22 20:41 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-22 20:40 - 2015-06-16 11:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nauticast
2015-10-22 20:37 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-22 19:58 - 2011-05-21 07:00 - 01420767 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:39 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-10-22 15:03 - 2014-03-03 17:15 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 14:30 - 2011-03-12 21:16 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-22 14:28 - 2014-05-06 17:03 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-19 23:26 - 2012-10-20 10:23 - 00110080 ___SH C:\Users\Hermann Eisenberg\Desktop\Thumbs.db
2015-10-17 09:12 - 2015-05-22 21:20 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-10-17 09:12 - 2011-03-12 21:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-16 04:10 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 22:07 - 2013-08-23 20:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 21:58 - 2011-03-12 20:24 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-09 18:22 - 2011-05-20 22:20 - 00148608 _____ C:\Users\Hermann Eisenberg\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-09 18:17 - 2012-01-31 16:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-06 22:54 - 2014-12-28 18:46 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\NT-Elektrogrundkurs-2012
2015-10-06 21:50 - 2014-12-13 23:52 - 00273408 ___SH C:\Users\Hermann Eisenberg\Downloads\Thumbs.db
2015-10-06 20:11 - 2014-12-30 01:36 - 00120832 ___SH C:\Users\Hermann Eisenberg\Documents\Thumbs.db
2015-10-05 15:34 - 2015-05-25 22:54 - 00002296 _____ C:\Users\Public\Desktop\Norton Security.LNK
2015-10-05 15:34 - 2015-05-25 22:52 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2015-10-05 09:50 - 2015-05-27 20:46 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-05 09:50 - 2015-05-27 20:46 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-05 09:50 - 2015-05-27 20:46 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-23 10:34 - 2013-01-23 10:34 - 0000419 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\dpdhl.versandhelfer.medionlap_state.xml
2011-05-23 22:12 - 2011-05-23 22:12 - 0033134 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\UserTile.png
2012-02-06 16:40 - 2015-06-20 20:44 - 0005632 _____ () C:\Users\Hermann Eisenberg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-12 19:42 - 2014-12-12 19:42 - 0001542 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184207.txt
2014-12-12 19:44 - 2014-12-12 19:44 - 0001281 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184446.txt
2015-10-23 00:28 - 2015-10-23 00:39 - 0000600 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2014-12-01 23:33 - 2014-12-01 23:33 - 0000017 _____ () C:\Users\Hermann Eisenberg\AppData\Local\resmon.resmoncfg
2015-11-02 21:45 - 2015-11-02 21:45 - 0000057 _____ () C:\ProgramData\Ament.ini

Einige Dateien in TEMP:
====================
C:\Users\Hermann Eisenberg\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 21:24

==================== Ende von FRST.txt ============================
         

Alt 04.11.2015, 20:25   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.11.2015, 07:17   #9
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Guten Abend Schrauber,
bis hierher erst mal vielen Dank. Der Browser läuft schon wieder ohne jegliche Zicken und auch das Internet rennt ohne merkliche Einschränkungen. Die Scans laufen grad, Ergebnisse gibt es in Kürze.

Wieder mal ein total guter Job von Dir (Euch). Vielen Dank.

Zitat:
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Diese Auswahl hat er mir nicht angeboten, hab den Scan aber trotzdem gestartet. Ist das o.k.?

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ee01957c3440cb4db749c57eacd17941
# end=init
# utc_time=2015-11-04 07:44:00
# local_time=2015-11-04 08:44:00 (+0100, Mitteleuropäische Zeit    )
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26567
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ee01957c3440cb4db749c57eacd17941
# end=updated
# utc_time=2015-11-04 07:46:56
# local_time=2015-11-04 08:46:56 (+0100, Mitteleuropäische Zeit    )
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=ee01957c3440cb4db749c57eacd17941
# end=restart
# utc_time=2015-11-04 11:16:07
# local_time=2015-11-05 12:16:07 (+0100, Mitteleuropäische Zeit    )
# country="Germany"
# osver=6.2.9200 NT 
# compatibility_mode_1='Norton Security'
# compatibility_mode=3604 16777213 100 97 28928 39381493 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4817146 11254339 0 0
# scanned=717798
# found=1
# cleaned=0
# scan_time=12550
sh=EE6DF73440181C9B51706171D6F8C80B6C6249EE ft=1 fh=fb228d89a1db361e vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
         
ICh habe dann den Scan nochmals laufen lassen. Habe dann auch die korrekten Einstellungen auswählen können. Als Ergebnis nach 1 Stunde wurden zwei gefundene Dateien gemeldet. Allerdings viel das Log irgendwie kurz aus:

Code:
ATTFilter
Update Init
Update Download
Update Finalize
Updated modules version: 26572
         
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Norton Security
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 65
Java version 32-bit out of Date!
Adobe Flash Player 19.0.0.226
Adobe Reader 10.1.16 Adobe Reader out of Date!
Mozilla Firefox (42.0)
Google Chrome (46.0.2490.71)
Google Chrome (46.0.2490.80)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-10-2015
durchgeführt von Hermann Eisenberg (Administrator) auf LAPTOPNAMASTEE (05-11-2015 07:12:08)
Gestartet von C:\Users\Hermann Eisenberg\Downloads
Geladene Profile: Hermann Eisenberg (Verfügbare Profile: Hermann Eisenberg)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

() C:\Windows\System32\FspService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Rexx Language Association) C:\Program Files (x86)\ooRexx\rxapi.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\ns.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6310.42251.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coNatHst.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [fspuip] => C:\Program Files\FSP\fspuip.exe [6319440 2015-05-29] (Sentelic Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2189416 2011-03-09] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [207400 2010-12-15] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [LMgrOSD] => "C:\Program Files (x86)\Launch Manager\OSDCtrl.exe"
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-02] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-05-20] (Google Inc.)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5892.0626"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\...\RunOnce: [Uninstall C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hermann Eisenberg\AppData\Local\Microsoft\OneDrive\17.3.5951.0827"
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\buShell.dll [2015-08-27] (Symantec Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{68f059c0-89a8-4ed1-98a0-38871ef4445b}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-3083776869-754314292-1123622445-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> {A73FA815-DBAB-4666-A26F-8130ECD203CC} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Keine Datei
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-22] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-22] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\coIEPlg.dll [2015-09-23] (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-27] (Google Inc.)
Toolbar: HKU\S-1-5-21-3083776869-754314292-1123622445-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-27] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\searchplugins\norton-safe-search.xml [2015-11-04]
FF SearchPlugin: C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\searchplugins\yahoo-ysp.xml [2015-10-22]
FF Extension: google-maps - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\jid1-nEyk3fuea9WauQ@jetpack.xpi [2015-10-15]
FF Extension: Quick Translator - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2015-05-29]
FF Extension: Adblock Plus - C:\Users\Hermann Eisenberg\AppData\Roaming\Mozilla\Firefox\Profiles\5246m85a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-08]
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFAddon
FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFAddon [2015-11-04] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\virtualKeyboard@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\KavAntiBanner@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\FFExt\linkfilter@kaspersky.ru => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.1.0.9\coFFAddon

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNC&bmod=MDNC
CHR StartupUrls: Default -> "hxxp://www.t-online.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\gcswf32.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll => Keine Datei
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Keine Datei
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll => Keine Datei
CHR Plugin: (Chrome NaCl) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\pdf.dll => Keine Datei
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll => Keine Datei
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Profile: C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\Hermann Eisenberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\Exts\Chrome.crx [2015-10-04]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 FspSvc; C:\Windows\System32\FspService.exe [2178896 2015-05-29] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-10-22] (Microsoft Corporation)
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.4.24\NS.exe [282016 2015-09-24] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-12-14] () [Datei ist nicht signiert]
R2 RXAPI; C:\Program Files (x86)\ooRexx\rxapi.exe [96256 2012-08-29] (Rexx Language Association) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) [Datei ist nicht signiert]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-10-22] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-10-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-23] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\BASHDefs\20151102.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-10] (Microsoft Corporation)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605040.018\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-08-01] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-09-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-30] (Symantec Corporation)
R3 fspad_win764; C:\Windows\system32\DRIVERS\fspad_win764.sys [209232 2015-05-29] (Sentelic Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\IPSDefs\20151104.001\IDSvia64.sys [767224 2015-10-20] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-10-22] (Microsoft Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151104.008\ENG64.SYS [138488 2015-10-27] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.1.0.9\Definitions\VirusDefs\20151104.008\EX64.SYS [2148080 2015-10-27] (Symantec Corporation)
R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-11-02] (Duplex Secure Ltd)
R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605040.018\SRTSP64.SYS [930024 2015-09-23] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605040.018\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605040.018\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605040.018\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-30] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605040.018\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605040.018\SYMNETS.SYS [577768 2015-09-23] (Symantec Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 07:09 - 2015-11-05 07:09 - 00016148 _____ C:\WINDOWS\system32\LAPTOPNAMASTEE_Hermann Eisenberg_HistoryPrediction.bin
2015-11-05 06:58 - 2015-11-05 06:58 - 00000909 _____ C:\Users\Hermann Eisenberg\Desktop\checkup.txt
2015-11-05 06:45 - 2015-11-05 06:45 - 00852720 _____ C:\Users\Hermann Eisenberg\Downloads\SecurityCheck.exe
2015-11-04 20:43 - 2015-11-04 20:43 - 00000000 ____D C:\Program Files (x86)\ESET
2015-11-04 20:42 - 2015-11-04 20:42 - 02870984 _____ (ESET) C:\Users\Hermann Eisenberg\Downloads\esetsmartinstaller_deu.exe
2015-11-04 00:04 - 2015-11-04 00:04 - 00019864 _____ C:\Users\Hermann Eisenberg\Desktop\JRT.txt
2015-11-03 23:59 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\Hermann Eisenberg\Desktop\JRT.exe
2015-11-03 23:50 - 2015-11-03 23:50 - 01798976 _____ (Malwarebytes) C:\Users\Hermann Eisenberg\Downloads\JRT.exe
2015-11-03 23:36 - 2015-11-03 23:36 - 01708032 _____ C:\Users\Hermann Eisenberg\Desktop\AdwCleaner_5.017.exe
2015-11-03 23:33 - 2015-11-03 23:33 - 00001208 _____ C:\Users\Hermann Eisenberg\Desktop\mbam.txt
2015-11-03 22:34 - 2015-11-03 22:34 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-03 22:18 - 2015-11-03 22:18 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Hermann Eisenberg\Downloads\revosetup95.exe
2015-11-03 22:18 - 2015-11-03 22:18 - 00001341 _____ C:\Users\Hermann Eisenberg\Desktop\Revo Uninstaller.lnk
2015-11-03 22:18 - 2015-11-03 22:18 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-11-03 22:16 - 2015-11-03 22:16 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-03 22:16 - 2015-11-03 22:16 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-03 22:15 - 2015-11-03 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-03 22:14 - 2015-11-03 22:15 - 00243976 _____ C:\Users\Hermann Eisenberg\Downloads\Firefox Setup Stub 42.0.exe
2015-11-02 22:34 - 2015-11-02 23:49 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Dokumentenvorlagen
2015-11-02 21:46 - 2015-11-02 21:46 - 00002293 _____ C:\Users\Public\Desktop\HP Deskjet 2540 series.lnk
2015-11-02 21:46 - 2015-11-02 21:46 - 00001240 _____ C:\Users\Public\Desktop\Shop für Zubehör - HP Deskjet 2540 series.lnk
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\ProgramData\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\Program Files\HP
2015-11-02 21:46 - 2015-11-02 21:46 - 00000000 ____D C:\Program Files (x86)\HP
2015-11-02 21:46 - 2014-03-06 12:51 - 00763912 ____N (Hewlett-Packard Co.) C:\WINDOWS\system32\HPDiscoPMC211.dll
2015-11-02 21:45 - 2015-11-02 21:45 - 00000057 _____ C:\ProgramData\Ament.ini
2015-11-02 21:43 - 2015-11-02 21:46 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\HP
2015-11-02 19:25 - 2015-11-02 19:26 - 00050265 _____ C:\Users\Hermann Eisenberg\Downloads\Addition.txt
2015-11-02 19:22 - 2015-11-05 07:12 - 00023971 _____ C:\Users\Hermann Eisenberg\Downloads\FRST.txt
2015-11-02 19:22 - 2015-11-05 07:12 - 00000000 ____D C:\FRST
2015-11-02 19:21 - 2015-11-02 19:21 - 02198016 _____ (Farbar) C:\Users\Hermann Eisenberg\Downloads\FRST64.exe
2015-11-02 17:35 - 2015-11-02 17:36 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\NPE
2015-11-02 16:19 - 2015-11-02 16:20 - 00000000 ___HD C:\$SysReset
2015-11-02 13:45 - 2015-11-02 13:45 - 00003440 _____ C:\WINDOWS\System32\Tasks\Nemdib
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\WINDOWS\system32\dehb
2015-11-02 13:45 - 2015-11-02 13:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Tempfolder
2015-11-02 13:44 - 2015-11-02 13:44 - 00000000 ____D C:\uninst
2015-11-02 13:43 - 2015-11-02 13:43 - 00028672 _____ C:\Users\Hermann Eisenberg\Documents\Mappe1.xls
2015-11-02 13:29 - 2015-11-02 13:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\as_eskek3
2015-11-02 13:28 - 2015-11-02 13:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\AquaSoft
2015-11-02 13:28 - 2015-11-02 13:28 - 00162360 _____ (Duplex Secure Ltd) C:\WINDOWS\system32\Drivers\sptd2.sys
2015-11-02 13:28 - 2015-11-02 13:28 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:28 - 00000000 ___HD C:\ProgramData\{6B6AF059-CAB8-4F36-97C5-C7AE0A2CE143}
2015-11-02 13:27 - 2015-11-02 13:27 - 00001232 _____ C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\IIIQF
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2015-11-02 13:27 - 2015-11-02 13:27 - 00000000 ____D C:\Program Files (x86)\AquaSoft
2015-11-02 13:26 - 2015-11-02 13:27 - 00000000 ____D C:\ProgramData\mia77A9.tmp
2015-11-02 13:22 - 2015-11-02 13:23 - 183703760 _____ (AquaSoft ) C:\Users\Hermann Eisenberg\Downloads\DiaShowUltimateSetup9606.exe
2015-10-30 16:45 - 2015-10-28 00:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-30 16:45 - 2015-10-28 00:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-30 16:45 - 2015-10-21 13:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-10-30 16:45 - 2015-10-21 13:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-10-30 16:45 - 2015-10-21 13:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 13:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-30 16:45 - 2015-10-21 13:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 12:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-10-30 16:45 - 2015-10-21 12:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 12:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-30 16:45 - 2015-10-21 12:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-10-30 16:45 - 2015-10-21 12:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-30 16:45 - 2015-10-21 12:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-30 16:45 - 2015-10-21 12:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-10-30 16:45 - 2015-10-21 12:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-30 16:45 - 2015-10-21 12:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 12:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 12:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-30 16:45 - 2015-10-21 12:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-10-30 16:45 - 2015-10-21 12:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-10-30 16:45 - 2015-10-21 06:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-30 16:45 - 2015-10-21 06:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-10-30 16:45 - 2015-10-21 06:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-30 16:45 - 2015-10-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-30 16:45 - 2015-10-21 06:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-30 16:45 - 2015-10-21 06:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-10-30 16:45 - 2015-10-21 06:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-10-30 16:45 - 2015-10-21 05:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-30 16:45 - 2015-10-21 05:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-10-27 21:13 - 2015-10-27 21:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-10-27 19:13 - 2015-10-27 19:18 - 00048128 _____ C:\Users\Hermann Eisenberg\Documents\Klassenliste.xls
2015-10-23 14:03 - 2015-10-23 14:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-10-23 00:28 - 2015-10-23 00:39 - 00000600 _____ C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2015-10-23 00:25 - 2015-10-23 00:41 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\FileZilla
2015-10-23 00:25 - 2015-10-23 00:25 - 00001838 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-10-23 00:25 - 2015-10-23 00:25 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-10-23 00:24 - 2015-10-23 00:23 - 06539752 _____ (Tim Kosse) C:\Users\Hermann Eisenberg\Downloads\FileZilla_3.14.1_win64-setup.exe
2015-10-23 00:00 - 2015-10-23 00:00 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer(1).exe
2015-10-22 23:56 - 2015-10-22 23:57 - 00000000 ____D C:\wordpress
2015-10-22 23:39 - 2015-10-22 23:39 - 27554464 _____ (Bitnami) C:\Users\Hermann Eisenberg\Downloads\bitnami-wordpress-4.3.1-0-module-windows-installer.exe
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-10-22 22:39 - 2015-10-22 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-10-22 22:38 - 2015-10-22 22:38 - 01503872 _____ (Skype Technologies S.A.) C:\Users\Hermann Eisenberg\Downloads\SkypeSetup.exe
2015-10-22 21:47 - 2015-10-22 21:47 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\MicrosoftEdge
2015-10-22 21:30 - 2015-10-22 21:16 - 00000000 ___DC C:\WINDOWS\Panther
2015-10-22 21:29 - 2015-10-22 20:37 - 00000000 __SHD C:\Recovery
2015-10-22 21:28 - 2015-10-22 21:32 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Comms
2015-10-22 21:24 - 2015-10-28 14:59 - 00002438 _____ C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-10-22 21:24 - 2015-10-28 14:59 - 00000000 ___RD C:\Users\Hermann Eisenberg\OneDrive
2015-10-22 21:21 - 2015-10-22 21:21 - 00000000 ____D C:\Windows.old
2015-10-22 21:20 - 2015-10-22 21:20 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-22 21:20 - 2015-10-22 21:20 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-22 21:20 - 2015-10-22 21:20 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-22 21:20 - 2015-10-22 21:20 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-22 21:20 - 2015-10-22 21:20 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-22 21:20 - 2015-10-22 21:20 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-22 21:19 - 2015-10-22 21:19 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Publishers
2015-10-22 21:17 - 2015-10-24 21:30 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Packages
2015-10-22 21:17 - 2015-10-22 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\TileDataLayer
2015-10-22 21:16 - 2015-10-22 21:16 - 00000020 ___SH C:\Users\Hermann Eisenberg\ntuser.ini
2015-10-22 21:15 - 2015-10-22 21:15 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-10-22 21:12 - 2015-10-22 21:12 - 00000000 ____D C:\inetpub
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-10-22 21:11 - 2015-10-22 21:11 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-10-22 21:10 - 2015-06-17 18:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-06-17 18:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-10-22 21:10 - 2015-05-29 21:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 21:10 - 2015-05-29 21:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-10-22 21:09 - 2015-10-22 21:09 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-10-22 20:51 - 2015-10-22 20:51 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-10-22 20:51 - 2015-10-22 20:51 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-10-22 20:42 - 2015-10-22 20:42 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-10-22 20:39 - 2015-10-23 22:29 - 00000000 ____D C:\Users\Hermann Eisenberg
2015-10-22 20:39 - 2015-10-22 21:17 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Vorlagen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Startmenü
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Netzwerkumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Lokale Einstellungen
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Eigene Dateien
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Druckumgebung
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Musik
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Documents\Eigene Bilder
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Verlauf
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\AppData\Local\Anwendungsdaten
2015-10-22 20:39 - 2015-10-22 20:39 - 00000000 _SHDL C:\Users\Hermann Eisenberg\Anwendungsdaten
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 __RSD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 20:39 - 2015-07-30 23:42 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-10-22 20:38 - 2015-11-05 07:06 - 02077062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-22 20:38 - 2015-10-22 20:38 - 01980268 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-10-22 20:37 - 2015-10-22 20:38 - 00021209 _____ C:\WINDOWS\iis.log
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\Program Files\Realtek
2015-10-22 20:35 - 2015-10-22 20:35 - 00000000 ____D C:\iBTWU
2015-10-22 20:34 - 2015-11-05 07:03 - 00002191 _____ C:\WINDOWS\sentelic.log
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_fspad_win764_01009.Wdf
2015-10-22 20:34 - 2015-10-22 20:34 - 00000000 ____D C:\Program Files\FSP
2015-10-22 20:32 - 2015-10-22 20:33 - 00034578 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-10-22 19:45 - 2015-10-22 21:09 - 00006602 _____ C:\WINDOWS\comsetup.log
2015-10-22 19:38 - 2015-10-22 21:10 - 00010449 _____ C:\WINDOWS\diagerr.xml
2015-10-22 19:38 - 2015-10-22 21:10 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2015-10-22 14:32 - 2015-10-22 14:32 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Sun
2015-10-22 14:29 - 2015-10-22 14:29 - 00000000 ____D C:\Users\Hermann Eisenberg\.oracle_jre_usage
2015-10-22 10:06 - 2015-10-22 10:06 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\LocalLow\Oracle
2015-10-15 18:19 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-10-15 18:19 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-10-15 18:19 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-10-15 18:18 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-15 18:13 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-13 20:09 - 2015-10-13 20:09 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\Kindergeld
2015-10-13 16:40 - 2015-10-22 20:55 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MatheTiger 1 & 2 Demoversion
2015-10-13 16:40 - 2015-10-13 16:40 - 00000875 _____ C:\Users\Hermann Eisenberg\Desktop\MatheTiger 1 & 2 Demoversion.lnk
2015-10-13 16:36 - 2015-10-13 16:36 - 00000000 ____D C:\Mildenberger
2015-10-11 14:40 - 2015-10-11 15:29 - 550977825 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMD.zip
2015-10-11 14:39 - 2015-10-11 14:54 - 135499978 _____ C:\Users\Hermann Eisenberg\Downloads\EUBM.zip
2015-10-11 13:35 - 2015-10-11 15:35 - 1272975872 _____ C:\Users\Hermann Eisenberg\Downloads\eXplorist_2_15_Install.exe
2015-10-11 13:18 - 2015-10-11 13:25 - 51780823 _____ C:\Users\Hermann Eisenberg\Downloads\TOSMDEN.zip
2015-10-09 18:17 - 2015-10-09 18:17 - 00000975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-09 18:17 - 2015-10-09 18:17 - 00000963 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-10-06 21:41 - 2015-10-06 21:41 - 02790415 _____ C:\Users\Hermann Eisenberg\Downloads\nochmehrfotos.zip
2015-10-06 21:41 - 2015-10-06 21:41 - 02688313 _____ C:\Users\Hermann Eisenberg\Downloads\fotosauskiel.zip

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-05 07:09 - 2015-06-09 17:43 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\CrashDumps
2015-11-05 07:06 - 2015-10-05 15:40 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2015-11-05 07:06 - 2015-09-10 06:10 - 00884928 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-05 07:06 - 2015-09-10 06:10 - 00196026 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-05 07:03 - 2015-09-10 06:33 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-05 07:02 - 2011-05-20 22:12 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-05 07:01 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\sru
2015-11-05 07:01 - 2015-07-30 22:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-05 07:01 - 2014-12-11 03:29 - 00000442 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2015-11-05 07:00 - 2015-09-09 21:31 - 00200908 _____ C:\WINDOWS\PFRO.log
2015-11-05 07:00 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-11-05 06:35 - 2012-04-01 17:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-05 06:15 - 2011-05-20 22:12 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-05 00:09 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-04 10:48 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-04 10:34 - 2015-07-07 16:51 - 00000000 ____D C:\Program Files (x86)\Sailcut CAD 1.3.5
2015-11-03 23:41 - 2014-11-19 18:09 - 00000000 ____D C:\AdwCleaner
2015-11-03 23:27 - 2015-05-27 20:47 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-03 23:18 - 2015-07-30 23:42 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-03 22:34 - 2015-05-27 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-11-03 22:34 - 2015-05-27 20:46 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-11-03 22:20 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\restore
2015-11-03 22:16 - 2014-12-01 23:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-03 20:52 - 2015-07-30 22:50 - 00024582 _____ C:\WINDOWS\setupact.log
2015-11-02 22:35 - 2015-10-05 16:59 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Behördenkram
2015-11-02 21:28 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-02 14:38 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Airmail
2015-11-02 14:29 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-02 14:26 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-30 17:59 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-10-30 16:50 - 2015-07-30 23:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-30 16:26 - 2015-07-30 22:49 - 00484624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-30 11:19 - 2011-03-14 03:59 - 00000000 ____D C:\Program Files (x86)\Launch Manager
2015-10-27 19:09 - 2011-05-24 10:50 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Local\Microsoft Help
2015-10-27 18:19 - 2011-05-20 22:12 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-24 21:28 - 2011-05-24 10:50 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-23 11:55 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\appcompat
2015-10-22 22:59 - 2014-12-04 21:49 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Skype
2015-10-22 22:41 - 2014-12-14 19:40 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\DVDVideoSoft
2015-10-22 22:40 - 2014-12-04 21:49 - 00000000 ____D C:\ProgramData\Skype
2015-10-22 22:39 - 2014-12-04 21:49 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-10-22 22:26 - 2014-12-04 02:07 - 00000000 ____D C:\ProgramData\opencpn
2015-10-22 21:30 - 2015-07-30 23:42 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-22 21:21 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-10-22 21:12 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-10-22 21:11 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Windows NT
2015-10-22 21:11 - 2015-07-10 10:47 - 00000000 __RHD C:\Users\Default
2015-10-22 21:11 - 2015-07-10 06:13 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 06:02 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-10-22 21:11 - 2015-07-10 04:36 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:36 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:36 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:36 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:26 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-10-22 21:11 - 2015-07-10 04:25 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-10-22 21:11 - 2015-07-10 04:25 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-10-22 21:11 - 2015-07-10 04:25 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-10-22 21:11 - 2015-07-10 04:25 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-10-22 21:11 - 2015-07-10 04:20 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-10-22 21:10 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\Registration
2015-10-22 21:10 - 2015-07-10 04:36 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-10-22 21:10 - 2015-07-10 04:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-10-22 21:10 - 2015-07-10 04:25 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 __RSD C:\WINDOWS\Media
2015-10-22 21:09 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\ias
2015-10-22 21:09 - 2015-05-25 22:54 - 00003416 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2015-10-22 21:09 - 2015-05-22 21:17 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-22 21:09 - 2014-05-12 10:04 - 00003270 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003242 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2015-10-22 21:09 - 2014-05-12 10:04 - 00003214 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2015-10-22 21:09 - 2014-05-12 10:03 - 00003212 _____ C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2015-10-22 21:09 - 2012-04-01 17:07 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-10-22 21:09 - 2011-05-31 11:19 - 00003244 _____ C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2015-10-22 21:09 - 2011-05-20 22:12 - 00004216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-10-22 21:09 - 2011-05-20 22:12 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-10-22 21:08 - 2015-07-30 23:42 - 00000000 __RHD C:\Users\Public\Libraries
2015-10-22 21:02 - 2015-05-25 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-10-22 20:55 - 2015-09-10 06:21 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-22 20:55 - 2015-08-01 12:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-10-22 20:55 - 2015-07-30 23:42 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:55 - 2015-07-07 16:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sailcut CAD 1.3.5
2015-10-22 20:55 - 2015-05-29 00:05 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2015-10-22 20:55 - 2015-04-18 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenCPN
2015-10-22 20:55 - 2015-03-30 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-10-22 20:55 - 2015-02-26 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ITS HF Propagation
2015-10-22 20:55 - 2015-02-26 21:17 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOAProp
2015-10-22 20:55 - 2015-02-16 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-10-22 20:55 - 2015-02-06 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2015-10-22 20:55 - 2015-02-01 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open Object Rexx
2015-10-22 20:55 - 2015-02-01 22:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GE2KAP
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2015-01-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-10-22 20:55 - 2014-12-29 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JVComm32
2015-10-22 20:55 - 2014-12-12 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-10-22 20:55 - 2014-12-11 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Router
2015-10-22 20:55 - 2014-12-10 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\streamWriter
2015-10-22 20:55 - 2014-12-09 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-10-22 20:55 - 2014-12-04 02:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2015-10-22 20:55 - 2014-12-02 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-10-22 20:55 - 2014-05-12 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
2015-10-22 20:55 - 2014-05-06 17:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-22 20:55 - 2012-10-20 10:45 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-10-22 20:55 - 2012-10-20 10:23 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-10-22 20:55 - 2012-06-30 09:53 - 00000000 ____D C:\WINDOWS\de
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\sv
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\nl
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fr
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\fi
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\en
2015-10-22 20:55 - 2012-06-30 09:51 - 00000000 ____D C:\WINDOWS\da
2015-10-22 20:55 - 2012-05-22 10:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-22 20:55 - 2012-01-31 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-22 20:55 - 2011-08-23 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-10-22 20:55 - 2011-05-31 11:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-10-22 20:55 - 2011-05-20 22:14 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Essentials X5
2015-10-22 20:55 - 2011-03-14 04:29 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeCinema
2015-10-22 20:55 - 2011-03-14 04:02 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
2015-10-22 20:55 - 2011-03-12 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medion MediaPack
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-10-22 20:55 - 2011-03-12 20:41 - 00000000 ____D C:\WINDOWS\no
2015-10-22 20:51 - 2015-07-30 23:43 - 00005306 _____ C:\WINDOWS\DtcInstall.log
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2015-07-30 23:42 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-10-22 20:51 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-10-22 20:45 - 2015-09-10 06:10 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-10-22 20:45 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\IME
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\schemas
2015-10-22 20:44 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-10-22 20:43 - 2015-07-30 23:47 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-10-22 20:43 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\IME
2015-10-22 20:43 - 2015-02-27 11:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Radio
2015-10-22 20:43 - 2014-12-22 20:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GRIB.US
2015-10-22 20:43 - 2011-03-14 04:20 - 00000000 ____D C:\Program Files\Synaptics
2015-10-22 20:43 - 2011-03-14 04:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2015-10-22 20:43 - 2011-03-14 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation
2015-10-22 20:43 - 2010-11-21 08:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-22 20:42 - 2015-07-30 23:42 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-10-22 20:42 - 2011-03-14 04:03 - 00000000 ____D C:\Program Files\Intel
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-10-22 20:42 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-10-22 20:41 - 2015-07-30 23:42 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-10-22 20:40 - 2015-06-16 11:29 - 00000000 ____D C:\Users\Hermann Eisenberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nauticast
2015-10-22 20:37 - 2015-07-10 10:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-10-22 19:58 - 2011-05-21 07:00 - 01420767 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:58 - 2009-07-14 05:45 - 00016976 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-22 19:39 - 2015-09-10 07:42 - 00000000 ___HD C:\$Windows.~BT
2015-10-22 15:03 - 2014-03-03 17:15 - 00000000 ____D C:\ProgramData\Oracle
2015-10-22 14:30 - 2011-03-12 21:16 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-22 14:28 - 2014-05-06 17:03 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-10-19 23:26 - 2012-10-20 10:23 - 00110080 ___SH C:\Users\Hermann Eisenberg\Desktop\Thumbs.db
2015-10-18 22:16 - 2015-10-05 16:58 - 00000000 ____D C:\Users\Hermann Eisenberg\Documents\Reiseberichte Namastee
2015-10-17 09:12 - 2015-05-22 21:20 - 00002023 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-10-17 09:12 - 2011-03-12 21:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-10-16 04:10 - 2015-07-30 23:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-16 04:10 - 2015-07-30 23:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-15 22:07 - 2013-08-23 20:26 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-10-15 21:58 - 2011-03-12 20:24 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-10-09 18:22 - 2011-05-20 22:20 - 00148608 _____ C:\Users\Hermann Eisenberg\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-09 18:17 - 2012-01-31 16:25 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-06 22:54 - 2014-12-28 18:46 - 00000000 ____D C:\Users\Hermann Eisenberg\Desktop\NT-Elektrogrundkurs-2012
2015-10-06 21:50 - 2014-12-13 23:52 - 00273408 ___SH C:\Users\Hermann Eisenberg\Downloads\Thumbs.db
2015-10-06 20:11 - 2014-12-30 01:36 - 00120832 ___SH C:\Users\Hermann Eisenberg\Documents\Thumbs.db

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-01-23 10:34 - 2013-01-23 10:34 - 0000419 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\dpdhl.versandhelfer.medionlap_state.xml
2011-05-23 22:12 - 2011-05-23 22:12 - 0033134 _____ () C:\Users\Hermann Eisenberg\AppData\Roaming\UserTile.png
2012-02-06 16:40 - 2015-06-20 20:44 - 0005632 _____ () C:\Users\Hermann Eisenberg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-12 19:42 - 2014-12-12 19:42 - 0001542 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184207.txt
2014-12-12 19:44 - 2014-12-12 19:44 - 0001281 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PDLSetup.20141212.184446.txt
2015-10-23 00:28 - 2015-10-23 00:39 - 0000600 _____ () C:\Users\Hermann Eisenberg\AppData\Local\PUTTY.RND
2014-12-01 23:33 - 2014-12-01 23:33 - 0000017 _____ () C:\Users\Hermann Eisenberg\AppData\Local\resmon.resmoncfg
2015-11-02 21:45 - 2015-11-02 21:45 - 0000057 _____ () C:\ProgramData\Ament.ini

Einige Dateien in TEMP:
====================
C:\Users\Hermann Eisenberg\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-01 21:24

==================== Ende von FRST.txt ============================
         
--- --- ---

Hallo Schrauber,
so, alle Scans sind bis hierher erledigt. Probleme? Keine mehr, jedenfalls keine, die ich erkennen könnte oder die mich beeinflussen. Alles scheint wieder gut zu funktionieren.
Sind weitere Maßnahmen anzuraten?

Wie auch immer, Dir einen herzlichen Dank für Deine Bemühungen. Großartig, dass es Euch gibt.
Einen entsprechenden Obulus ans Board habe ich schon auf den Weg gebracht.

Beste Grüße aus dem (sehr) hohen Norden.

Carsten

Alt 05.11.2015, 21:24   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Passt alles


Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.11.2015, 22:49   #11
Theesener
 
Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



sag ich ja: Ihr seid die Besten! Danke!

Alt 06.11.2015, 19:38   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Standard

Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr
abend, anderes, antivirus, datenverkehr, dnsapi.dll, ersetzt, experte, experten, extreme, extremen, extremer, guten, infiziert, inter, interne, liebe, meinem, melde, meldet, neue, problems, rechner, steckt, system, verkehr, win




Ähnliche Themen: Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr


  1. 'DestroyWindows10Spying' dnsapi.dll Fix
    Diskussionsforum - 15.10.2015 (4)
  2. Eset Virenscan meldet befallene Website
    Plagegeister aller Art und deren Bekämpfung - 07.11.2014 (3)
  3. Programme starten mit extremer Verzögerung
    Plagegeister aller Art und deren Bekämpfung - 03.02.2014 (19)
  4. Viren befallene Festplatte Daten retten
    Alles rund um Windows - 11.03.2013 (10)
  5. BKA Trojaner mit explorer.exe in der console ersetzt! Jetzt auch der 2 Laptop infiziert nachdem ein USB Stick eingesteckt wurde!
    Log-Analyse und Auswertung - 27.09.2012 (3)
  6. Extremer Upload ! Windows 7
    Plagegeister aller Art und deren Bekämpfung - 12.08.2011 (2)
  7. extremer Leistungseinbruch, Werbe Soundfiles + Popups
    Log-Analyse und Auswertung - 02.05.2011 (26)
  8. Befallene Internetseite besucht, was macht das Script mit meinem PC?
    Plagegeister aller Art und deren Bekämpfung - 10.10.2010 (2)
  9. Gibt es Antivirenprogramme die befallene Dateien reparieren und nicht nur verschieben?
    Diskussionsforum - 20.09.2010 (3)
  10. befallene dateien löschen?
    Log-Analyse und Auswertung - 02.02.2010 (4)
  11. Befallene WMPLAYER.EXE auf USB-Stick: W32/Virut.Gen
    Plagegeister aller Art und deren Bekämpfung - 06.11.2009 (6)
  12. Extremer Viren/Spywarebefall
    Plagegeister aller Art und deren Bekämpfung - 02.09.2009 (18)
  13. extremer Befall,Trojaner & Co, etwas länger
    Log-Analyse und Auswertung - 08.01.2009 (0)
  14. Befallene dateien vom trojanischen Pferd befreien
    Plagegeister aller Art und deren Bekämpfung - 13.09.2008 (7)
  15. extremer Spamerhalt und Ladezeit
    Plagegeister aller Art und deren Bekämpfung - 02.06.2006 (14)
  16. KB 828741 ersetzt KB 824146?
    Alles rund um Windows - 15.05.2005 (2)
  17. Extremer Plagegeist
    Plagegeister aller Art und deren Bekämpfung - 29.01.2005 (1)

Zum Thema Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr - Guten Abend liebe Experten, Norton Antivirus hat auf meinem Rechner (WIN10) die DNSAPI.DLL geht, da diese mit einem Virus infiziert gewesen sei. Ich habe eine neue DLL heruntergeladen und in - Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr...
Archiv
Du betrachtest: Befallene DNSAPi.dll ersetzt, jetzt extremer Datenverkehr auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.