Win10 - Zlob.ZipCodec - Watch4

Amarantine · 08.12.2015, 11:54

Hallo liebes Trojaner-Board-Team,

ich hatte heute definitiv ein watch4 Fenster auf - vorher hin und wieder abgespielte Werbung/Videos (?) die ich aber nicht finden konnte und die auch wieder aufgehört haben. Ich nutze Skype und habe kürzlich auf Win10 umgestellt. Eigentlich sollte Herr Kaspersky mich beschützen. Spybot meldet jetzt ganz am Ende des Scans Zlob.ZipCodec und erhängt sich daran. Meistens nutze ich Chrome. GMER wollte nicht - Fehlermeldung.

Ich vermute mal irgendwas stimmt nicht. Ich habe versucht die gewünschten Daten so gut wie möglich zusammen zu stellen. Addition und FRST folgt - war zu lang.

Für eure Hilfe wäre ich sehr dankbar.
Herzlichen Dank,
Birgit

Malwarebytes Anti-Malware

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 07.12.2015
Suchlaufzeit: 13:21
Protokolldatei: LogfileMaleware.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.07.01
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Birgit

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 511678
Abgelaufene Zeit: 16 Min., 10 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Junkware Removal Tool

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 10 Pro x64 
Ran by Birgit (Administrator) on 08.12.2015 at  9:07:07,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1 

Successfully deleted: C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Invalidprefs.js (File) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.12.2015 at  9:09:11,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Birgit (2015-12-08 10:27:41)
Gestartet von D:\Downloads
Windows 10 Pro (X64) (2015-11-15 07:28:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3964295598-1680719950-2001356993-500 - Administrator - Disabled) => C:\Users\Administrator
Birgit (S-1-5-21-3964295598-1680719950-2001356993-1000 - Administrator - Enabled) => C:\Users\Birgit
DefaultAccount (S-1-5-21-3964295598-1680719950-2001356993-503 - Limited - Disabled)
Gast (S-1-5-21-3964295598-1680719950-2001356993-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3964295598-1680719950-2001356993-1011 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acronis True Image 2015 (HKLM-x32\...\{2F70A6E6-2F71-4907-8441-BDC5D300310B}Visible) (Version: 18.0.6613 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6613 - Acronis) Hidden
ActivePerl 5.20.2 Build 2002 (HKLM-x32\...\{47A7857F-059D-4F23-8A91-96568EC3CD0C}) (Version: 5.20.2002 - ActiveState)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)
Adobe DNG Codec (HKLM-x32\...\Adobe DNG Codec) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Adobe Exchange Panel (HKLM-x32\...\{C592A34D-1E4A-49A3-BD42-4C8A5C9E4B80}) (Version: 1.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit CC (HKLM-x32\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CC (HKLM-x32\...\{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}) (Version: 7.3.2 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.3 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Kindle) (Version:  - Amazon)
Amazon Music (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon Amazon Music) (Version: 3.10.0.928 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.11.12 - Atheros Communications Inc.)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23930 - Ask.com) <==== ACHTUNG
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
calibre (HKLM-x32\...\{E25A469A-2E07-40F5-8B9E-C13B1358A431}) (Version: 1.16.0 - Kovid Goyal)
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Canon CanoScan 9000F II On-screen Manual (HKLM-x32\...\Canon CanoScan 9000F II On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.11.0.75 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.41.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.2.32.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.0.0.7 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.1.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.0.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.0.0.7 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.10.0 - Canon Inc.)
CanoScan 9000F Mark II Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9604) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix)
Color Efex Pro 3.0 Complete (HKLM-x32\...\Color Efex Pro 3.0 Complete Stand-Alone) (Version: 3.1.1.0 - Nik Software, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DDBAC (HKLM-x32\...\{3CCF9C9E-1D71-41AB-BFF2-A118DA748CDC}) (Version: 5.3.41.0 - DataDesign)
Dropbox (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs)
DxO Optics Pro 8 (HKLM\...\{5AA431D2-12E9-4443-9DB2-A40F39168E39}) (Version: 8.5.0 - DxO Labs)
DxO ViewPoint (HKLM\...\{A0A7372A-C28E-48BE-B88C-3C3C3EEFC2EA}) (Version: 1.2.14.0 - DxO Labs)
EaseUS Partition Master 10.8 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
EaseUS Todo Backup Free 8.9  (HKLM-x32\...\EaseUS Todo Backup_is1) (Version: 8.9 - CHENGDU YIWO Tech Development Co., Ltd)
Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16835 - Landesfinanzdirektion Thüringen)
EOSInfo (HKLM-x32\...\{CC23FF9A-989C-4DEB-8970-50E6E4862315}) (Version: 0.2.0 - astrojargon.net)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EXIF Date Changer v3.01 (HKLM-x32\...\{26CA1B07-BC53-4196-B9C2-A11C6F6F3E08}_is1) (Version:  - Rellik Software)
Exifer (HKLM-x32\...\Exifer_is1) (Version:  - Friedemann Schmidt)
fc prints Fotobuch (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\d6db122d3297ec15) (Version: 1.25.0.0 - fc prints Fotobuch)
fc prints Fotobuch (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\d6db122d3297ec15) (Version: 1.25.0.0 - fc prints Fotobuch)
fc prints order (HKLM-x32\...\fc prints order) (Version:  - )
fc prints order (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\1658451134.client.my-silverx.com) (Version:  - client.my-silverx.com)
fc prints order (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1658451134.client.my-silverx.com) (Version:  - client.my-silverx.com)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Finanzmanager 2016 (x32 Version: 23.36.00.0179 - Haufe-Lexware GmbH & Co.KG) Hidden
Finanzmanager Import Export Server 2016 (x32 Version: 23.33.00.0106 - Haufe-Lexware GmbH & Co.KG) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version:  - Friedemann Schmidt)
GeoSetter 3.4.51 beta (HKLM-x32\...\GeoSetterBeta_is1) (Version:  - Friedemann Schmidt)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GoToMeeting 7.7.0.4062 (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\GoToMeeting) (Version: 7.7.0.4062 - CitrixOnline)
GoToMeeting 7.7.0.4062 (HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GoToMeeting) (Version: 7.7.0.4062 - CitrixOnline)
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2014.10.06 - www.hardcopy.de)
HDR Efex Pro (HKLM-x32\...\HDR Efex Pro) (Version: 1.2.0.3 - Nik Software, Inc.)
HDR projects 3 professional (64-Bit) (HKLM\...\HDR_PROJECTS_3_3_3BF7CE82_is1) (Version: 3.31 - Franzis Verlag GmbH)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
HDR projects professional (64-Bit) (HKLM\...\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.25 - Franzis Verlag GmbH)
Incomedia WebSite X5 v9 - Evolution (HKLM-x32\...\{64392EEB-38EF-45FD-822D-5C75CA136860}_is1) (Version: 9.0.0.1597 - Incomedia s.r.l.)
Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel)
Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Lexware Finanzmanager 2016 (HKLM-x32\...\{f8af6484-cb0b-426f-b8de-dd70753f69fc}) (Version: 23.33.0.114 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.01.00.0009 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.02.00.0040 - Haufe-Lexware GmbH & Co.KG) Hidden
Lightroom 5.2 (HKLM-x32\...\{9bcd38e7-1f9a-4536-8cd4-96448263f367}) (Version: 5.2 - Adobe Systems Incorporated)
Lightroom Plug-in Merge to 32-bit HDR 1.1.3 (HKLM\...\HDRsoftMerge32x64_is1) (Version: 1.1.3 - HDRsoft Ltd)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{968AE11C-EDF7-4D18-B416-848DA26EADFA}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Neat Image v7.3.0 Pro plug-in for Photoshop (64-bit) (HKLM\...\Neat Image plug-in for Photoshop_is1) (Version:  - Neat Image team, ABSoft)
Nero 11 Platinum (HKLM-x32\...\{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}) (Version: 11.2.00700 - Nero AG)
Nero BackItUp (HKLM-x32\...\{40F2F005-FA4C-4BEA-83A6-BFD969467594}) (Version: 15.63.1.92 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{AD35CA78-52F0-4A86-B672-0EF769752CEB}) (Version: 15.0.04700 - Nero AG)
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{82E8286F-5F93-4548-B2C0-E9BD23B04AA7}) (Version: 11.0.12600 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Oloneo PhotoEngine (HKLM\...\Oloneo PhotoEngine) (Version: 1.1.400.429 - Oloneo SAS)
ON1 Photo 10 (HKLM\...\ON1 Photo 10 PE) (Version: 10.0.2 - ON1)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photomatix Pro version 4.1.4 (HKLM\...\PhotomatixPro41x64_is1) (Version: 4.1.4 - HDRsoft Sarl)
Photomatix Pro version 4.2.7 (HKLM\...\PhotomatixPro42x64_is1) (Version: 4.2.7 - HDRsoft Ltd)
Photomatix Pro version 5.1.1 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.1.1 - HDRsoft Ltd)
PhotoPresets with One-Click WOW! for Adobe Camera Raw (HKLM-x32\...\{EB083118-49ED-4CD7-8CE8-241C1F958E2C}) (Version: 1.0 - onOne Software)
PhotoPresets Wow Effects for Adobe Camera Raw (HKLM-x32\...\{7FB1F881-0AA3-4181-A6E6-208FDC8B4DFE}) (Version: 1.0 - onOne Software)
Piccure+ (HKLM-x32\...\{eb57d388-7f96-4b68-a406-9b68a8351002}) (Version: 2.5.0.62 - Intelligent Imaging Solutions)
Piccure+ Setup x64 (Version: 2.5.0.62 - Intelligent Imaging Solutions) Hidden
Piccure+ Setup x86 (x32 Version: 2.5.0.62 - Intelligent Imaging Solutions) Hidden
Picto Selector 1.6 (HKLM-x32\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version:  - M.C. van der Kooij)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PortraitPro 12.0 (HKLM\...\PortraitPro12_is1) (Version: 12.0 - Anthropics Technology Ltd.)
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
PTLens (HKLM\...\{D527D68F-1730-4FB7-8367-31520BA69F2A}) (Version: 3.0.625 - ePaperPress)
QNAP Qfinder (HKLM-x32\...\QNAP_FINDER) (Version: 5.0.1.0225 - QNAP Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rays (HKLM\...\Digital Film Tools-Rays 2.0) (Version: 2.0 - Digital Film Tools)
Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform)
Redfield Plugins (HKLM-x32\...\Redfield Plugins) (Version:  - )
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 3.9 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 3.9 - Saal Digital Fotoservice GmbH) Hidden
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - )
SiSoftware Sandra Lite 2015x (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2496}_is1) (Version: 21.15.2015.1 - SiSoftware)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.103 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version:  - )
Spyder5Elite (HKLM-x32\...\Spyder5Elite) (Version:  - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.51091 Beta - TeamViewer)
Tone Mapping Plug-In 2.2.1 64-bit (HKLM\...\ToneMappingx64_is1) (Version: 2.2.1 - HDRsoft Ltd)
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Detail 2 (64-bit) (HKLM-x32\...\Topaz Detail 2 (64-bit)) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (HKLM-x32\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
Topaz Impression (HKLM\...\Topaz Impression) (Version: 1.1.2 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 3 (HKLM-x32\...\Topaz ReMask 3) (Version: 3.2.1 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Texture Effects (HKLM\...\Topaz Texture Effects) (Version: 1.0.1 - Topaz Labs, LLC)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11w3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
WhiteWall 5.0 (HKLM-x32\...\WhiteWall_is1) (Version:  - )
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-924447CB8C96}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{38ABCE1F-8713-6F17-99B0-F95C2A045B69}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Birgit\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-924447CB8C96}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{38ABCE1F-8713-6F17-99B0-F95C2A045B69}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Birgit\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\3880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Birgit\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

03-12-2015 09:44:23 Sprachpaketdeinstallation
06-12-2015 12:14:00 Sprachpaketdeinstallation
06-12-2015 19:00:27 Windows-Sicherung
07-12-2015 08:32:30 JRT Pre-Junkware Removal
07-12-2015 14:45:42 JRT Pre-Junkware Removal
08-12-2015 08:58:45 JRT Pre-Junkware Removal
08-12-2015 09:07:08 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2013-10-06 16:08 - 00002209 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00862926-A223-40CE-BDAC-6E3F88BB5B03} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {0B3F1058-2F3F-49BB-8801-CF94AB42BC07} - System32\Tasks\{F1382697-0E25-4222-B625-EFBC3ED02707} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{6727F16E-6BF0-4E73-AC73-958A382AA09E}\setup.exe" -c -runfromtemp -l0x0009 -uninst -removeonly
Task: {13E78C79-545A-47D1-831A-F62651CCBE0C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {15B0B144-14B2-4921-AC23-15A799F497B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {15B84AD4-7823-4263-93AB-B76020450F26} - System32\Tasks\{275E7304-F325-4071-8E5E-F3ABEC1A009B} => pcalua.exe -a D:\Downloads\BT747_Latest_Full\BT747cmd_64b.exe -d D:\Downloads\BT747_Latest_Full
Task: {18D56555-7B30-4311-8E17-DCB6F38ADD9E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {1E4BFE73-F5E0-46D8-85F9-E56DA9CD106C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {22707A06-5C06-4BB5-82AA-617C2AB8EB3C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {23B16736-D55F-44E1-80D4-F8A21ACA9545} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {23E49E97-2331-43DF-8566-92EFE35C8DC8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {266FA271-392B-45AE-8CC1-E99B36906773} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {267DA758-A0E3-4CFF-AC26-8268882542FD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {36E1D77F-2727-4A83-BB39-D587AE11AFB5} - System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Birgit => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {395D20B7-2ED6-4043-851F-26826625A68A} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {3AB2D54E-BA23-49B1-8C9F-57E2FCED7940} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {3CD13246-32A0-4CD4-A35F-6FF5E9D439EB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3D24B813-04DD-4B77-AC71-58D96A74FE71} - System32\Tasks\{8D352165-7167-4EE7-9453-46AE080210AB} => pcalua.exe -a "D:\Downloads\ddbac (3).exe" -d D:\Downloads
Task: {3D590EAA-C570-4C42-8A30-C43599A93389} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {42159D61-5E6A-4934-A70C-C5E89DA14858} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {49A81522-6767-4EB3-86A7-6078ECA09780} - System32\Tasks\bd85a1de-c49d-435e-919e-9865c1fd356a 15 0 => C:\Program Files (x86)\Nero\Nero BackItUp\NBCore.exe <==== ACHTUNG
Task: {4CD27F4E-83A6-4170-88A0-33941DF253A3} - System32\Tasks\{C381E834-517B-458A-80EF-36BF3CC44F0B} => pcalua.exe -a "D:\Downloads\ddbac (2).exe" -d D:\Downloads
Task: {4CF79E1E-A62D-4FC8-9076-AE6E384C73B1} - \ASP -> Keine Datei <==== ACHTUNG
Task: {4D166B79-DBDC-465B-9320-6D71383CB80C} - System32\Tasks\{EC59A234-04F9-4E72-A0CB-8A8A92144FD6} => pcalua.exe -a D:\Downloads\ddbac.exe -d D:\Downloads
Task: {54C8D0D3-8DE2-44ED-9754-88ADFFD42E7A} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2015-02-25] ()
Task: {5656D691-2620-46BD-B362-CF573357D180} - System32\Tasks\{1F05FE5F-1507-403C-BE85-834309BBFD7D} => pcalua.exe -a D:\Downloads\BT747_2.0.3_full\BT747.exe -d D:\Downloads\BT747_2.0.3_full
Task: {5906442C-E341-4572-93C7-387A8753BE6E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {5B5CA5CA-D3D6-48F1-A92E-ABB214EEF217} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {615662F9-13B7-4B8C-8C75-AF3125A8E10C} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {61B32762-3CBB-429E-81DE-A8C8A06E7A24} - System32\Tasks\{6207B31E-34E9-47A4-ADF3-7AFD77071B98} => pcalua.exe -a D:\TreckStor\Software\BT747_Latest_Full\BT747.exe -d D:\TreckStor\Software\BT747_Latest_Full
Task: {6362F068-9D95-4F74-8CEF-611D561B72F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {65192B17-02DF-462F-9943-9780FF76DDAE} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] ()
Task: {6DFE2ACE-D453-4D9A-8785-A64C511BDDF0} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-seh-n-sucht@seh-n-sucht.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {6E136D2B-C4D6-45A4-8DEF-A35A5C221575} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {6E5C31FC-F242-4E6B-8F7E-2B5618900DEF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {724F584B-EFDA-46D1-8725-751A02EACE5D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {7419AEFC-4FDB-48AF-B813-ACB9120045B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7736A402-7EFC-45D0-AD59-6E5CC16AFA65} - System32\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000 => C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\4062\g2mupload.exe [2015-12-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {818C2F47-54D8-40C9-B73F-AF3C2C017F96} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {845E7906-B406-4431-9A43-A0D411255F21} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {869B2F8E-6466-47EF-B856-2883CFCBA7C7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8CEA94A3-E27C-4316-B665-ECA55F7107A2} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {8EC72398-2AA2-41DA-80D8-6A020640775F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9360A38F-7D12-4689-8B27-A4B62B1D0FC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {93C08732-5815-4F71-A0AC-07E84EC3EA52} - System32\Tasks\{A0428692-8CDB-4E1E-938A-8623090CDEFD} => pcalua.exe -a "D:\Downloads\PhotoTools\PhotoTools 2.6.5 Professional Edition.exe" -d D:\Downloads\PhotoTools
Task: {9B2A7275-DDCD-4F54-93EA-68DF354EB803} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {A9113EA3-3322-4B60-A8D5-B8853E76C180} - System32\Tasks\{CB071D11-95EB-47EB-9CDD-4FDD06CABB4B} => pcalua.exe -a "C:\Users\Birgit\AppData\Local\Temp\Temp1_Perfect_Photo_Suite_7.0.1.zip\Perfect Photo Suite 7.0.1.exe"
Task: {AD00F114-C793-44B8-9369-67A35D933B2F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {AD48D5F2-4B90-4BAA-9617-158371EE1AC4} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {AF6FA6A2-247E-446F-A4F4-76265B35A21F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {B1700F17-1A50-4316-AD52-31B8525D3C5C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000 => C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\4062\g2mupdate.exe [2015-12-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {BD978989-0C73-40F3-8194-53980DECB03F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C06D57C6-BAFD-45E1-B867-9821E236C3AF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C2764ADD-BB86-419E-AF41-225F8C222201} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {C3794AE5-A2B1-4234-A1A0-C17267F920F0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {C44BCBA2-BB48-4573-A988-BBE81A3610E1} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {C6CC7457-A9AD-4C97-9C72-9BD9781D5323} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {D24F15DF-2B66-4B8F-89C9-9B3E70085E22} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D61535BD-0438-481F-97E8-D00443F627D0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {E4748AE9-204C-489C-ACC0-EE104244F612} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {E97583D6-7D1D-41FE-B0A2-00D064EE6261} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {FAE2230A-5258-44B1-991E-61E8117FE52F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {FBEEDA0E-10E9-4E2B-9512-B311A1579899} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {FC04A667-B3CE-4310-9F02-C4F04EEC8467} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {FD20FA4B-C1B4-49F2-A4BF-788217BF4455} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {FDD85D48-E539-4F09-863D-D617B3F15BA1} - System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Administrator => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-10-30] (Adobe Systems Incorporated)
Task: {FFC08CB2-98DD-464E-AF0A-BBADD9F72753} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job => C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\4062\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job => C:\Users\Birgit\AppData\Local\Citrix\GoToMeeting\4062\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2012-06-28 07:13 - 2006-02-23 10:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll
2012-06-28 07:13 - 2006-02-22 09:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll
2015-11-17 08:51 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-03 19:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:57 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-28 10:28 - 2015-11-14 04:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-19 21:00 - 2015-10-19 21:00 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-03 19:56 - 2015-11-22 10:23 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-03 19:56 - 2015-11-22 10:18 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-03 19:57 - 2015-11-22 10:19 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-03 19:57 - 2015-11-22 10:21 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-14 15:12 - 2015-11-03 20:18 - 00249384 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 03:36 - 2013-02-15 03:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2015-11-18 08:23 - 2015-11-18 08:23 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-11-19 14:37 - 2015-11-19 14:37 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-11-19 14:37 - 2015-11-19 14:37 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2015-12-08 10:17 - 2015-12-08 10:18 - 00050477 _____ () D:\Downloads\Defogger.exe
2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00080936 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00017448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00088616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 01296424 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00060968 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2015-11-14 15:12 - 2015-11-03 10:45 - 00022568 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CmcTbProxy.dll
2015-11-14 15:12 - 2015-11-03 10:45 - 00186408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCPipeCenter.dll
2015-11-14 15:12 - 2015-11-03 10:45 - 00165416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCAdapt.dll
2015-11-14 15:12 - 2015-11-03 10:45 - 00058408 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBInfo.dll
2015-11-14 15:12 - 2015-11-03 10:45 - 00015912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CMCNetTokenProxy.dll
2015-11-14 15:12 - 2015-06-23 00:58 - 00108072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00030760 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00068136 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00158248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2015-11-14 15:12 - 2015-03-14 11:54 - 00281128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00072232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00139816 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2015-11-14 15:12 - 2015-06-23 00:58 - 00037416 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2015-11-14 15:12 - 2015-11-03 06:03 - 00769064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00193064 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00407080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2015-11-14 15:12 - 2015-06-23 00:58 - 00148008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00207912 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00076840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2015-11-14 15:12 - 2015-11-03 20:18 - 00111656 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileStorage.dll
2015-11-14 15:12 - 2015-11-03 06:03 - 00169512 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudInterface.dll
2015-11-14 15:12 - 2015-11-03 06:03 - 00503336 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\StorageMgr.dll
2015-11-14 15:12 - 2015-06-23 00:58 - 00024616 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00020520 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00032296 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00034856 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2015-11-14 15:12 - 2015-08-01 15:10 - 00025128 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00064040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00115752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00201768 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00077864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00037928 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2015-11-14 15:12 - 2015-06-23 00:58 - 00136232 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00020008 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00043048 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00353832 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00027176 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00138792 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2015-11-14 15:12 - 2015-09-24 00:58 - 00146984 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00050216 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00061992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00089640 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00056360 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-07-20 08:08 - 2015-07-20 08:08 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-07-20 08:15 - 2015-07-20 08:15 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-07-20 08:10 - 2015-07-20 08:10 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2012-06-09 16:27 - 2012-02-07 16:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-21 11:45 - 2013-10-30 10:49 - 00117752 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_43_Win32.dll
2015-11-14 03:30 - 2015-11-14 03:30 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-11-14 15:12 - 2014-12-15 00:53 - 00223784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\SmartBackup.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-12-07 18:57 - 2015-11-24 09:00 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
2015-12-07 18:57 - 2015-11-24 09:00 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
2015-11-18 08:23 - 2015-11-18 08:23 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-11-18 08:23 - 2015-11-18 08:23 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Perl:Win32App_1
AlternateDataStreams: C:\Program Files\Adobe:Win32App_1
AlternateDataStreams: C:\Program Files\CamStudio 2.7:Win32App_1
AlternateDataStreams: C:\Program Files\CCleaner:Win32App_1
AlternateDataStreams: C:\Program Files\Garmin GPS Plugin:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Office:Win32App_1
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App_1
AlternateDataStreams: C:\Program Files\Neat Image for Photoshop:Win32App_1
AlternateDataStreams: C:\Program Files\ON1:Win32App_1
AlternateDataStreams: C:\Program Files\onOne Software:Win32App_1
AlternateDataStreams: C:\Program Files\PhotomatixPro4:Win32App_1
AlternateDataStreams: C:\Program Files\PhotomatixPro4.2:Win32App_1
AlternateDataStreams: C:\Program Files\PhotomatixPro5:Win32App_1
AlternateDataStreams: C:\Program Files\Piccure+:Win32App_1
AlternateDataStreams: C:\Program Files\PortraitPro 12:Win32App_1
AlternateDataStreams: C:\Program Files\Recuva:Win32App_1
AlternateDataStreams: C:\Program Files\WinZip:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Adobe:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Adobe Media Player:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Apple Software Update:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Calibre2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\CrystalDiskInfo:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ElsterFormular:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\EXIF Date Changer:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\FileZilla FTP Client:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Garmin:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Garmin GPS Plugin:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\GeoSetter:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\GeoSetter beta:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Hardcopy:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Intel Driver Update Utility:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\ Malwarebytes Anti-Malware :Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Mozilla Firefox:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Nero:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Piccure+:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Picto Selector:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\SaalDesignSoftware:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\Spybot - Search & Destroy 2:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\TeamViewer:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WebSite X5 v9 - Evolution:Win32App_1
AlternateDataStreams: C:\Program Files (x86)\WhiteWall:Win32App_1
AlternateDataStreams: C:\Program Files\Common Files\DESIGNER:Win32App_1
AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App_1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3
AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4
AlternateDataStreams: C:\ProgramData\Nero:Win32App_1
AlternateDataStreams: C:\ProgramData\regid.1991-06.com.microsoft:Win32App_1
AlternateDataStreams: C:\ProgramData\TEMP:3241321C
AlternateDataStreams: C:\Users\Public\Documents\Digital Film Tools:232c60c0-6436-11e4-9803-0800200c9a66

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr Seiten.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\Control Panel\Desktop\\Wallpaper -> c:\users\birgit\appdata\local\microsoft\windows\themes\transcodedwallpaper.jpg
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\birgit\appdata\local\microsoft\windows\themes\transcodedwallpaper.jpg
HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1 - 141.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: Stereo Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2012 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2012 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Quicken 2014 Zahlungserinnerung.lnk => C:\Windows\pss\Quicken 2014 Zahlungserinnerung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Birgit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Birgit^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupreg: Amazon Music => "C:\Users\Birgit\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bluetooth Connection Assistant => LBTWIZ.EXE -silent
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Birgit\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_F7B17C39534B650D769DA53D3F195912 => "C:\Users\Birgit\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: NBAgent => "C:\Program Files (x86)\Nero\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: OpwareSE4 => "C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Warlord711 · 08.12.2015, 11:54

Hallo Amarantine

Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Hier findest du die Anleitung für Hilfesuchende
Lese die Anleitungen sorgfältig. Sollte es Probleme geben, bitte stoppen und hier so gut es geht beschreiben.
Nur Scans durchführen zu denen Du von einem Helfer aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder Deinstalliere während der Bereinigung keine Software ausser Du wurdest dazu aufgefordert.
Lese Dir die Anleitung zuerst vollständig durch. Sollte etwas unklar sein, frage bevor Du beginnst.
Poste die Logfiles direkt in deinen Thread. Nicht anhängen ausser ich fordere Dich dazu auf.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg.

Wir arbeiten hier alle freiwillig und meist auch nur in unserer Freizeit. Daher kann es bei Antworten zu Verzögerungen kommen.
Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist.

Führe sämtliche Tools mit administrativen Rechten aus, Vista, Win7,Win8 User mit Rechtsklick "als Administrator starten".

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Ok, Logs kommen per Editieren wie ich sehe

Amarantine · 08.12.2015, 11:55

Addtion II

Code:

ATTFilter

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{931E184B-ED91-4E83-B2D1-FFB95F6CB615}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{1F57B967-C79F-48BF-A6BD-380BBECF2CC0}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{B6E1CF51-7CC4-4754-88FD-EF1F6C2E6DA0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4E1486D8-19E2-44A4-8406-4A152F4CD6DB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{91D8B648-4A63-4D78-B58B-8AF96805ABA1}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{D5AD2235-AFE6-4CFD-9679-5D1E3DF2A87C}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{6F6A50C5-04AD-4E4A-B4EF-EDA7D90192FD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe
FirewallRules: [{0B98A36C-AE0B-40BD-A77B-C7935709973A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{AF62E71E-D9FC-4A5C-8963-13033E99D592}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe
FirewallRules: [{94E389A4-4465-49EF-B30F-CFCD153ED5D1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{09C01303-9ECC-4B79-86F8-F1A6407891AE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DB4937F2-81E5-47E2-8A9D-B6EB893B8F9F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9ECC1782-F0F2-4822-B194-BF983EA8EC84}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EF129FA5-DD61-4FD9-A202-0F739583CE49}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{49BF219B-9AAE-4B61-8D62-33371FB8E785}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{43B3BC03-0747-4A32-99D3-25699DED89D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{69A6C671-27BD-4726-8ECC-4B201B2C922B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{89CA4AA7-AED3-4F67-A6A8-43BA24668640}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{78A01AB5-A265-492B-8695-EFB378721713}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{96E072EC-2E11-49CE-8CDC-B863AB5A63C1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9C585FDF-B687-43AF-B63E-A4C3C25CCEAA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CDDE508F-470A-4D7D-B567-A4DD951F6E75}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7C5BF8FF-B0C5-42A5-BE75-DC051343028F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2C8716D0-C830-406A-A913-96B112F8A681}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{58029774-96D6-4F71-B96E-4BC17E5DCDFF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FA892A51-D89F-4989-AE4A-DF57FD8DE6E6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{276702BC-5EC4-4FFB-A2EF-5A19F7B71968}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50D08636-CDBE-411A-BC06-709A401E954B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E84107B-7BB3-418A-B80B-8DEB75E27678}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0AAF2CB5-6D1A-4337-AFA9-948260F97207}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D3E311B3-9896-4D92-A584-863792E81F3F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BF5BAF7A-6C68-4F4F-A536-F2B318403EE5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{82802F4B-4740-4C53-8C12-B0EC0CF3036D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DD4FEF4E-7CEE-43CE-A019-C371C608CF52}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EF13B760-FB93-4A3B-A4F6-752D225C83C1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F401A170-71DA-4C7D-BCE2-A07C7F0ABB5A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{70399952-C014-451C-BF10-4A71AE4947DC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6E5D90A0-D431-4A30-902A-944F35B7C1D1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{616E46CB-A54D-47B7-9128-6847C98608D0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1BA8C2A9-82F1-4FEF-8A32-0FE58E23C9A8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E8BC63AD-D71A-4565-9A42-E79176B742B3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0229DBD6-5909-4689-9F5D-0EB52DB50BBA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{114405A5-6EC5-4A94-98B2-34F3B374CCF6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CCD96550-F746-4154-B84C-8F48A30AF77A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{70EAC10C-0E55-400D-ADED-204A94028F4F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{64E4EE9A-24F4-4A0C-93CF-10F6FB540AB7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F532AC61-6DB1-4220-B95A-E0213BA34384}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{729B0918-489E-4578-AA25-0FC77F775E3A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5B611239-F88A-4A65-8D6B-A8B9AC8D6D7A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8FE74618-F0DD-4CC9-8864-8AF52E23838A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{359005BC-4AF4-4975-B2E4-745B2815D5E2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{64289FFC-7228-4345-BDE2-3578BA7B534F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{072C6C37-9996-49F7-B80E-4F1C80E445D0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F215D69D-8281-4449-AFAF-B2A8785E0174}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CD83E69C-2490-4D7B-819D-D2F618AA4CD8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AAED0039-22AF-490C-875C-3E81E9899ECF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EEE99830-D604-4E53-93FB-0C66D3479A48}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{134BABF6-C0B7-40CA-B0D3-FE3F356B3418}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EA4D6109-B292-4FEB-9EBE-DF7A5EA65FFB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B39A2B67-AF78-49B0-A3C2-597391E1C5C1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2D496364-870F-49F1-A825-1FB4893B8800}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDB6804F-202E-4EE1-86EA-559651FC9FD9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8BFBD6A4-E8A3-4759-9902-24CED3926746}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5A3B7C0E-1E98-4EBD-9B54-226C7080C786}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F0D5895B-69EB-4DEF-9DED-F00EFA4F15D6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{884072B6-7814-4412-81A4-C142AC814B97}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{45E617FE-256A-40D2-925C-6731F897DD56}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4600EF7A-E73B-42F7-AF28-EAE238D04EF1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7F5F42F9-0830-4F52-8139-D46774BC3A4D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FD1859DD-2681-48C3-BF20-7D04F9883C23}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F599FB07-FFD1-4558-9960-21FB318C053A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0F68E2AA-0D35-4D61-B1AB-008ED7ACC854}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7CC4AF04-A7B7-443E-8BF2-FCED080BEB35}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2D78A2A0-967C-4082-B52A-2B03826633A5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0A0A452D-6A4D-45FC-A31A-4E34262EE394}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BDA7AC83-CB8B-4C95-A0DC-EF5C4D937791}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C145DD03-0B84-4A0E-9285-4CA487EFD891}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D48AA259-7CC9-4708-89FD-7DE46A15088F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{087A30B8-756C-4122-A711-F5A880F2B98A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4F1CE545-E95D-4561-B325-8454DB272ABC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DD85B274-75C9-4A0F-8010-4AB2A9370552}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9DD9F595-BE06-4D23-86BF-66572D7B157D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1974826A-19FD-4FAB-BB1F-B94A0ED0B163}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C71B93C1-81A0-4646-9B1F-56C5606C6B7C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{803F84BB-5E30-4B2B-9C7A-0888E684DDCD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F6FCAE25-C09C-4AC7-8240-DA729B0722AC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2F0C4B09-61C8-44E3-B629-D9AFB66473D8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E3296AAB-DED4-4D5D-AF75-695F6B77CE26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0124D14F-6C79-42D9-8036-E8DB79A187F5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{697B589E-EA86-4C49-96C7-24DE0DFF1910}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D651A94B-EBB0-4765-8FEF-64A6BFFF5792}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1A0225D2-42A7-4457-86E5-20B89FBEAD85}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{554409F3-966C-4FC4-AB59-148114D0464B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6C31C9E9-2D4B-4972-8734-464C7F893AE3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B41A9A5D-4899-4860-A7F1-24E4E8D8C7CD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6C833174-276A-4B63-8908-221BF857D432}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5E10292F-2CE9-4234-AF68-C689511A6F5B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8E6B7F78-8EA0-4577-A2BB-9E837567AB6E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CDFBD38F-2847-4F21-8105-E63A4CDC9BFC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3F833D8A-DE28-43A0-8D0E-488A939FAF9D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{29E429F4-1C95-4AFF-B3E1-6053F2611C13}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{4718BECA-F423-4691-A707-98E60F000E53}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{B11F029C-7BE9-419B-AAF1-653AD1E9C714}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FB2D7ED6-4A9B-4C21-936C-D6D0AE4C7A97}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C020E5DE-9B1D-4F72-927D-EFAFE1D34049}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B7346713-BDDD-430A-B3D8-783B4BB9BFA4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8ABC753E-F235-4AD2-904B-4FF404FAED29}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{53190E82-018A-48C8-81C4-D1C73E0C23FF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0315FA0D-8FF0-424C-8CCD-EB11A17F14E2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{73E6ED44-11A8-40D3-87F5-47782C49A07E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8B1B8103-81E9-4D02-B24B-C988B52FF445}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8F9137D8-69EC-43A5-A654-8BB6DF51DFE7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{73D81C22-7155-4B08-9A31-895244DB5A5C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{8F8D463D-1E96-49D4-BEB6-FFB282C9669E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A34E8229-BF2E-4051-BBCE-FCDEA9119584}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{381B7828-F6E1-4CB7-BC39-08179767D350}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{23AB0689-5859-4A4F-9CFC-195F94AAE1F4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2AD854AC-B45B-41DE-9D60-00B61EB55251}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E79E654E-C58E-4E6A-B5E0-D680DCB52149}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E7DE3E3D-26B2-465B-BA23-2947576F4D43}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{510FC0F0-8F62-4D92-B1EF-E89CDBF18331}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8DE25289-A072-45B8-9F67-DD960D673B04}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DE5E7BBA-9128-42CD-B4AB-01E891B00D87}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{766DA899-D99A-40AE-B419-D0DDF9A3358C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BB9AE4DE-9C87-4693-A23E-2D85BB81573E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A8C35EA3-B414-40B3-8C4D-AB2A8497F3A4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E77FCBE8-7B46-4669-AF3A-D96982D714D1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{74584B4D-458F-4D63-977A-300DF4C29439}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0026CF42-C2A1-4E33-B648-469CDC462D11}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AF8FDFCD-5087-48C6-92D5-9012E3068CE9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6B0EE5E8-FAB1-4DDF-B9E1-A3D154AD5D85}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BD7E8459-A140-4D84-AF8C-C839649DCCEE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{183EAD6C-251F-45DB-B6FB-7BA6275764A1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{6516540D-CF71-485F-B234-0F63387997B3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{B8443444-A039-4CF1-A98D-A61C3B98C3B6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{D7D2EC69-FA48-4D0D-93C4-FD241EB909EA}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{8F079B55-37DC-4A1F-AD9F-A05C47B011C0}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{7BEBB367-3635-46A7-BC78-579AA9CE17B1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{F110E1D8-3E3C-43DA-91B7-00AE628F5102}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9CCA2190-AA37-4408-9B42-BB00FF4904E7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{60C486F0-A545-4B84-AE8F-A1BA7A5AC928}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{831A06A3-802D-4B26-B7B0-CF93063985D9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EBEA5D14-F168-4322-A99E-13153DFC20F1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7F43C456-D876-4548-AA0D-9182F02812FA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3B2F7794-3E21-449F-8719-5C66F2C26FAF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6CD63417-79D6-4457-A3C9-2981735A28BE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E3BF335C-EAE1-4FF0-9E9E-86CC0E9CE743}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F35FACAB-2907-4104-BFA6-C6F57353484C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{95A26DE5-953A-47E8-9C60-75DE50B88278}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A474ACF0-2A36-4872-AFB3-B5AA7A4494B0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4174DAE0-9836-41A7-A970-A054A84C15F8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{06160263-FE50-454F-B605-481B03C0EF1E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{199EFC38-DAEC-4976-A8E9-0035F33D642C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8B26EFDF-A36D-495C-AF39-EF99ED30B1AA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EA67E17E-3E7B-4C95-B12C-A2E3F87A45CB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{061CE754-5758-4F71-AC9D-38C9A7A93EC7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{34960363-9D8C-4C75-948C-48E7A378FECA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{658E6693-89B3-479B-BB2A-602BD1CFFA5A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{24725C8B-FC89-47E8-BE5A-7E29584A3DB4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{905B39AC-70B2-4B19-955D-19971AFBACD3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F4AC6585-10A1-486B-BF8F-85044C6482C8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D2E76B7C-F77D-46FB-9541-CBDCD77A41BF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4188E88B-277B-4AD4-BEB3-98637B6F0CE2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B6A51BA6-9524-4909-9094-D1A1B549ACBB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0D98928C-F5B4-4A81-BFA2-44B780E0365F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5360866D-4738-4531-8EF3-E5598CA74E5F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AAB3DE18-F9A7-40CC-9FB0-957E456E2E15}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BEA71356-22FF-49D4-A1FA-EE2165F1D992}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{121371E2-8FC0-40A1-838E-140DDE197896}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E040D58E-4DFC-4726-B286-4F9DCA13C1CC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6109314E-1D57-4E45-AE0D-5ED9B6C2813C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FC10154A-D534-441A-A3BA-FE70B4A0AA32}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A922540F-BDD0-4127-B756-32AB1ACEF053}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9EE8048B-A345-4DE6-8B1E-49E384E39172}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{90E0C1A7-2BE9-4973-B4E0-87323F0EC036}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B2A1BBB9-54E8-4178-812D-41A3147ED40F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{391E3CCC-9079-4E4C-B3C3-09FB89E98B18}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B2F7FB53-A873-45A0-BE47-2373C06A2D0A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{493820AC-3E3E-4355-8F73-12055C8B0ACF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0C36F2A1-0E84-46AA-9F45-630158686F6C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{245DC47D-09CC-4AB7-A9A7-F26CC19FAB57}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CCDEBBB5-F207-4409-BEF3-2836269E9CF1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8E25C450-F2D6-42C0-84D5-38724656EB73}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E077B866-CB3D-419F-B5C2-763E7B5E94B8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1AE886DD-166D-4E8E-A218-C564A3736C2D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EEEEC9D2-AAE4-4266-A5FC-7DA6C0D3EEB0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{32EBD069-460A-44C3-A577-4EB0AEF06FC4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{425533FE-AA9E-4941-8DBE-CB22420103D3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D0344212-F341-42FC-8B59-BE09BCF8162D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{71BA598D-FCB1-4B3C-B66E-AE2C66617C2D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{63306222-2A89-4BBD-97FC-CB7C87F836D7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{324B78DE-CCCD-4CD7-9DD7-2C1C923C0A8A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{589867C8-67F7-4EF6-B5FA-A980CD1A4AB8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A945DAAB-E8BE-4AC9-BA97-8A0393195A36}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B26F45FB-FB59-45F1-8F10-8957A307D0D4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7A3FE171-9A76-4576-B0D7-142D0655A0AE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{81E3650F-3048-4519-A705-4C129B22106C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{47E82BD4-908D-4C90-8071-74980E6C400F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9CD4CA48-168D-4E3B-8A09-C2A9877CB486}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{14CDBCC2-B598-4067-A41E-EFE3DECBD32F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C283237A-1919-44F2-BE88-C6A79B7DF7B8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F3E1FFEA-AD70-4136-AD9E-ACD767A7D24F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8186CCFA-DA47-4856-88DB-EEA1740CF844}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{60FFA6D4-3E32-48E6-A84E-D0FADC97F083}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{37EF8CCF-B0D2-474E-B4AC-1BD6F8658E9F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{06566A1D-A536-4511-AA98-B5F9DB799314}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F4EF7A01-5048-4558-9D30-0169BACE8CBD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{029B5993-956E-4AA3-9DC8-F636188BA37E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D88444AC-98DA-4F5F-A161-78B4358F6EAA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8B015F1F-03EE-4105-8216-D1EE14CAD6E3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8207CA58-964D-4D5F-811C-5F9BC6EA66B9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6153AC3A-8225-4726-AB00-E3FE79BE9632}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2BED51EB-978B-4EF1-8810-CB033BB2C20F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A4B10395-6B4B-4B29-8786-97BF4C97A08B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CD34F5C5-29C3-4D5F-8D54-B63E516DD96B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DC45134F-F796-41FF-B089-C2225CF67F26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C3D09495-3A12-412B-8903-F434BCB9ADB6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2E760AC4-439E-4119-A3C5-C72C47A1E8A7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9CDACFB3-0B3F-464A-8C1E-288454C193AE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5C27E7B2-0B2E-4A69-8908-11374038C381}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E6D76379-685B-4F89-9CFD-896CAD6B8CD3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2ACE29C5-0BC1-448A-B2D6-2DF2512622A6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CC7E5DCE-4ECF-4A69-809E-3E7EF3DCB26B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0FA6145C-B341-48AA-A310-5E5A7FE59FC6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{00AEB7EC-8BE3-43EB-B1AE-8B67D2A2D32B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CA7191B6-598F-484A-8E3A-6104B2762B00}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{584989BB-C269-44BB-A9EE-BD206AD39DB6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{92D6217F-7A7F-454D-B8FF-1F2138820709}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C4B1EE14-460E-46BA-B33A-D0091D1A1A9B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8AF9870B-6EFD-4FD7-8EEF-81369B736A6F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8A4400A1-9854-41C4-B396-4A2F5F1A10FD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E465CAD6-1E70-4436-917B-EF027A394183}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DD96DE3C-7ECD-4B86-8E3B-C69324DFFCF9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{19275023-03BC-45D3-BF64-D3869BBA135C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BCF4C8B8-A147-4EAF-B192-18447861E3FE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FA9ABD8A-945E-41CC-96AA-E2728F32F172}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5F067ACD-D201-4850-9215-880C77CE6EE2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{55005F9A-95CD-4F2D-9F51-21FF47C64755}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DA5FC6C9-EB1A-4237-ACD0-BD807F9853AD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{382E2AD1-418B-4730-9764-F3AEFB921325}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{06DDA724-1CED-47AC-A89F-5FC373EB9170}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DA34A2A9-58AA-4DDF-A67B-94868CED3942}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3FCD8ED0-C3B4-4BB8-A036-85F713D31460}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F9411C44-75E3-4C2A-A458-8B0DA622F036}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B7633516-4032-41D8-8AE4-B3E448C535FA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1E0BFF61-12D9-4AB0-991B-D8865AC9F924}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{67539120-2E80-477E-83F9-FFD4CDE5D8E4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C99B536D-5CC5-4D59-B5EB-4ED48C57AC9A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDFEC9AC-EA87-42E6-BCAB-72C6E36FD3BB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E9C0C7B0-084B-477A-AC84-20D61273CFB3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CA909887-94BE-4951-8A7E-9FB3CBBE4B70}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{919B13FF-ACF2-4A3E-BA3E-4A0DA3947F27}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{93E017F1-ACC5-4385-B351-648031AE8896}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E91F3C51-3C55-4306-B81F-121CB1A53424}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DDFB343C-0164-40CF-B119-B6F4A3BC480F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{36521E0B-0F10-499D-81CE-3D964008420B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{2FAA1BA7-33EA-4792-B88D-A35954AC66CF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6A516409-299A-4150-B39F-932DAEBC6777}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1011EF88-24BF-4C99-AA02-D5857112A582}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F88F5565-5BBD-45DF-AE2A-AFE345B9E22F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B002A192-3618-4C59-9E85-CACEAADBF408}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1997F97D-2959-486A-9C20-951DEE3C1654}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C82CD5F3-4549-4AF9-9EE3-DE9C3590C41D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{220F4039-C4C1-4E72-9DCA-0FD92C6871BA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{15570868-BB9A-4AC5-8666-089917E34D4F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C167E245-4EEC-402F-A2E5-9C66F476157E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C83F2EE9-A6F5-4A24-ADD9-5BA37129594D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{37C235BB-50B6-4088-A685-4AB1FC4361C0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C1A177EF-A06F-4AFC-A287-704CD702D146}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2C5E9C3B-E44B-4059-B994-4B11AFD10CA1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{17941494-763A-4187-8FAE-B638ABFD654D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F356C1AC-9AF0-46CD-9ED1-AF5538323797}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{912B9968-A789-4966-8EDE-F65F4915F0AD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{28F35664-A50B-48DC-98DD-DF49768515E8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D1A2A173-F073-494B-88F8-0D1A34C298EC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{38A4E934-8C79-407A-91F3-CC7C6B91D3D8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E8A7B699-7A65-45B8-AE29-928BB7B75B6B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0D1166C8-DB17-4875-90F0-497B1924CBA1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{5737903F-45E4-4F8C-AAC0-99653932E09D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7EFE2864-934C-4E9F-8AAE-FAAB7BABE047}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{17371D9D-1C81-4FFB-816C-FC8B1F963F05}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CFE426A2-4AD7-420B-A418-969AA8F2AB96}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FC921035-9E43-4CB6-A1C9-6B8E675F0631}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4389E91B-801F-45CC-B1D9-F2CCEC376E64}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{175A43C4-B498-4B0F-BA11-9D24AB587D87}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0F5FBBE6-6481-4085-8317-2DA580CE5562}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A978D7CF-6639-474C-8885-704971EB46B4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B9D9CF03-1294-4F41-8046-EBDEA2425C26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7CC970E8-E34E-4A91-8990-342AFCC53FD7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{28F0CB40-367B-400F-88B5-6C360E067409}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A8410484-741D-4813-9B6D-AD79F05A5E18}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1E0B1697-74BD-42EA-B0F1-DC449DEFADA8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0A180BC3-18C7-496E-8785-7F7CED501F0D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9F12B1AF-18A3-4451-BBB2-4917A27D30F9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{130180EC-53C1-44F6-BCD1-EFFBEF7EFAB7}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [TCP Query User{ED42096B-7005-49BF-B1FD-BB0E6FCA906B}C:\program files (x86)\qnap\qfinder\qfinder.exe] => (Allow) C:\program files (x86)\qnap\qfinder\qfinder.exe
FirewallRules: [{6A69C4C2-AE47-48C0-9C46-F28D938F82EC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FF5CB32B-A976-4A8F-BAD6-A62E75117F14}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E7999F3A-446F-4E9A-8430-DB51E64223A6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{00A3EDD5-F015-4B12-AD02-322B033EF0C7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9DF56B51-3AB6-4E5D-B398-9FEB90C90CE4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7A1FA2E6-40B7-4AC1-A7E1-09EDF823DA29}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5EF33DBB-F14F-4E82-8D44-3FD421A87051}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{99EC228D-E78D-4BDB-8BD3-196377BAB075}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{142F435F-163F-42D2-8936-26D255FFBC15}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4162D024-6F2B-4EF2-AC0C-901F9697C01C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0F1EB84E-E19A-4ECC-ACD1-48FB53832737}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{030D7E32-E29B-4872-BAD6-7563CF27F955}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{886BEB1A-230E-4E03-81D1-508041922A6F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7313CAFB-EB18-4199-803F-06C8F06D3C4B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A3A9EAEE-CB4A-4E31-B94E-FB5861998862}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{55E91C5B-293B-4AA5-9632-8998A89D5920}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FA5C8897-6EAF-48D8-8839-E875CE1826F1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{78AB5899-FB36-4873-B1F2-885BA14B1CA6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7BD67D76-F8D0-4294-BF42-334AEE0784D2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{95DF8624-B321-4B93-8660-F7EFEE674D54}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{52AF0BB6-1AD6-4667-8C58-F0F73A140DEA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0CD8828A-86DC-45C1-B549-8A4658BEAFC2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D83C15ED-6126-4466-9177-0570115E982E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A84F38BD-3BF3-4EEE-B0F8-76C8FE980FA8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{374A05E2-EF24-4031-B840-A19B142B2B8D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4D09CC7D-01CF-48FC-91F1-7DB01F9EA19B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{84ACFB4B-0BD1-4567-809A-5228B7A80C5E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0FB9EAB2-F955-4D50-8454-23DA00A1A873}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E11E7518-6662-440C-AD59-B89F1FEDE66A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3DBC7D04-4719-40B0-BBAC-C8FB5BEB0184}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5FFAE63B-DC5D-4FE4-907A-4297A315CD41}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F92CD969-EB19-4DAF-92C6-DF2ED6BBDACB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2492CDD5-7E03-4FB2-916C-FC8BB2572689}] => (Allow) G:\fsetup.exe
FirewallRules: [{6D54F3FE-24C0-4321-A153-9E7AE6F1E1EA}] => (Allow) G:\fsetup.exe
FirewallRules: [{7E9E34DA-F522-4973-A1F1-FFD81E00D27C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FD28E299-F5FB-477B-A982-72D9B870806A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8D265E2E-0D24-4327-8BF0-876133F900B0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B2015CFF-84D5-42D0-A3EA-2F252781398E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{92B719EE-DE0A-4912-A445-58A32ACBF3BA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{574CF810-8BAF-49FC-9BFF-663F379DB477}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{589445EF-2BFD-4889-9038-A68C36BD02A1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{93E77975-A8EE-47F0-8BF7-5D4A17A8D840}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C9EFC4B-0647-4043-A8FA-4F37B0524893}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B1F676D7-21DD-42FC-AADA-1465436B328F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C7B05CD0-461B-4675-A7BA-710FCA9D9B26}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F138F16B-1008-4A0F-8CFC-88EEE999650B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{078080B9-3DA5-408B-BB9C-861AA0081602}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0145AC8A-5299-4E8B-9ED8-48A7C2593DB0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E57798C5-805C-4AF5-946C-FFBD25000A35}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{32A4F048-DBFB-4795-AB5F-019C70440902}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B36688CD-AC72-480A-891E-E7AD77FF1290}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CD83AB74-CD25-4C39-81AF-0084C281DAC6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{64D71562-9298-40F5-B982-A4465E6ACFEB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F51B27A4-E165-4DD4-A935-06ECE7E3218F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2A3C6C73-B88F-40AE-BFA3-D3AE886405A1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DE58F31F-FDC7-4944-8622-8078F0EE5569}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BC6C9CB9-1775-4C73-8314-225E276D084F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F5A55293-6673-4F80-B931-E6C559442889}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D647F1E9-8FFA-43EC-B5B7-57FF97B4948E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AFFFFF62-836F-4E44-A115-75418D7A8180}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{29EC13F2-9C93-4EDF-B197-BEF608FEBBAB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{47584576-1FFB-4C47-AAEF-7F034D835210}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{167DEF5A-D8D3-4F0C-937A-CE4B6F04854E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{62C8B617-5CE7-4E45-A537-651EC1F7E2CB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9B64E69A-4142-48AE-8F10-CAA4558C79F3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{05860BDE-F99B-4BAC-B03B-D5A44297E301}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9C034E26-BEAA-48A9-85B4-141465F1B85B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{793961AA-76F9-4050-8EFE-548CA1804E29}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe
FirewallRules: [{0B9DCC34-45A2-45E4-89BF-D71D38E8C622}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{84A51E28-B878-47BB-BE91-12D7FFC7012D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{14ADF13F-8272-4746-8393-C4A5F46E2746}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DAF1D5C1-F68D-4AE4-BFED-A6A81B506D62}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8F3316FC-CCCB-4DC7-864C-14D9422A308C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{76756F4A-B1EA-4AB5-B969-EB93A00AC03A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F1959A6A-169C-4392-A8B9-9DA607335055}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F3FB20F6-EA10-49CA-B4DE-3FE5505B5FC5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2E5C4C57-2D8F-404D-BF54-04379FE6251E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{81D0BCEE-5C1A-4C12-88C9-0E2D7EF4CC49}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9F0468B4-A161-4578-AB4D-A6DF9F238FD2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3A5415A7-853A-43F6-AD82-065B6295FEB5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0522A5E0-8EA7-4BA3-A6D9-F8E4FB29335B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{85041F77-30B6-467C-9ECE-4093253A8101}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C3C3776E-B39E-41FF-83AB-62052884D9F0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6B0B832B-7A9A-48A1-86C7-8817B85BDDB5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2BE32259-B44A-432A-B670-E3EDCD8F5FA0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{605B1D3A-C85F-4087-9E4B-12CDC4A3C938}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{403FA3A3-727D-49E9-A79D-1E91A737F5D9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{92E0D584-FBE0-4EA6-8BF7-E3D9280831A9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F274B04D-7B2D-44C9-BA24-CC866ABAA2B2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E21B4A6F-1C73-453D-811F-75363718FC34}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4681CDD2-ADED-4CB2-BB66-EFC3C251A804}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4A74CBC0-F7FB-47D5-804A-17248B933443}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FA24D6BB-1D12-42E2-9E48-670453AFF68A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3AA94818-8757-4F07-A75D-9FD43BF6E4AE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{93F580FC-3797-431A-B481-03440F2CB729}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DF24178A-5319-49A0-AF4B-3494AA7BF9AD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{182FBAE3-E7E0-4917-93AE-F4FC0E85166C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{72B28E88-F2B0-4EDF-B649-53E56C32405D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{60251397-7B88-407E-80FF-18B8B2E17FF5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BA211D46-F0C7-4F30-BD9E-FD76B32911A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A0F93498-06CF-4680-AEFA-B5CA6E39AFC3}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{99599F82-65F7-4572-AC14-7AE0C5BAE9D2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{72417D3D-2138-4524-A601-03BEC30C20D2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1F04A329-2501-4B2E-99BE-FAC045C22D00}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3070ED21-D750-4969-81E6-1713AAD46DD8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AD5F8DAA-1A58-40FF-9DAD-CD12A76C2C4C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{887DB3D3-522D-407C-8839-5D2BDD4875AB}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{C1C813EC-00A4-42AA-8F29-BF105FEBC110}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D17CF633-8A32-4A7B-B6E7-23633DC2E87A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{42D7EA61-A793-4047-BCCA-C42B4C4FC0E7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FB3FAA8C-8935-4F83-87FB-8C3D2C56ED5D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{948D7F2E-90C2-424A-8354-E4399E9555D6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3B4FBCEC-42C5-4770-9388-146E44406BF2}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{56CE661B-1C09-46E5-B863-D60A42309A60}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0F64A00C-5B58-4472-8E06-3D62A81D14BF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8539ED84-CEFB-41E1-925D-EB51F38ED5FD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B8C586A1-F4FD-4D55-85A2-F52A16CE880E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{4A1AF58B-9FDA-409E-BDC2-050358E3382C}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe
FirewallRules: [{D1250D77-38A0-4987-A61C-158AF136CFB1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3A85B9E7-6ED9-4717-9BA9-56BD7709CDA9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F6A0758A-5DA5-44F5-93D9-AA4848D2A084}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{82E23986-E588-4118-8795-13992684B076}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A3E33E07-564B-46B0-A691-677B3C2EDD5A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3C2B45D0-4915-48FB-BA0F-44858C43AB45}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CB8ACBDE-541D-4D5F-BABD-E970BB8789BB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{605209F5-8668-4E0D-B2B0-B1DD0F48DE51}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{AD6979C9-A495-40F2-884F-F6DECB369336}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D577F405-141D-4956-BACE-22293F16B450}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B6C7BF84-2CD6-4F4C-BFB3-B3708483665C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F9D423D5-A6AE-45ED-89D1-612AE392F67D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{77C1F848-9886-4ED1-B66E-B55714E19F54}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{73B37A5B-6BED-4909-BBC2-3D94DFA9AE21}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{5AE3E1DE-6855-4239-90F4-648F2072B7AD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{65DD8447-EF80-46E1-BDA8-6A8837EDF595}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{936018F4-AEB1-430E-A903-6D97DF2B304B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{330109C5-D2D5-407E-86FE-BF75D6277822}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{44950D99-0AAF-4E31-B864-47A46C2F8F40}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{89CC23C0-A4DE-4BF6-ADEA-7580160978CF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{28D38042-52E9-45F8-BA75-54BE3DB2BF58}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3E69FF23-BCE8-4465-8904-0AD7E2DB3FAB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0978451E-1823-474E-A185-1E0D895195CA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7BB694D6-F572-404E-A0DC-B5751EC927DC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{E3C489EC-1DB5-4329-8C41-030621C5A415}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FFB6DE0B-78CF-498E-BD1B-CD008423703C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DD356C1A-4D8B-4E53-80B1-C5564581CB78}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{38EF7C68-A12B-4E1E-8882-E75F6BA8499A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F5CD4433-25E7-415B-A51C-DF295154A4DC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{A4107853-E9D5-4711-80C4-134360A111A6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{EAE8BD9A-361A-4B3A-81E0-8E680A35B39B}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{9A03C53C-82AA-4CEC-8048-29A7E4783879}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B90EFD1E-D234-4BB2-A2CB-6DD5B88AC0B5}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EBFEAE1C-4B0F-42B0-9BE6-838517DD6752}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{91CAB37A-B59D-455B-92A7-4ABCB0C1FD9A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{795B781F-26E4-48F9-8C97-6E8FEB1F6080}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FC94023A-5701-41F2-BFEB-4DAD20BB558D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{07A2527B-5DCD-40E9-8EAE-7AC055FE4EDC}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FD91CAB0-05D0-486F-BAC3-08F2220157CA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{21A70593-B569-4ACA-B7AE-D167ECB8DD0D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{A3CD8987-8186-4A77-A89C-807ECE0225B8}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CA6947E1-C155-44E4-8A88-D010386BDA7D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{912576B1-6C9B-4B7B-9DD5-8A88802AEC4E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{06182288-B8D2-41D3-B44F-A724F2B4F6EE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{6845480B-A39B-4BB9-B048-5EC726298B05}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{84831841-52CB-4C7F-8781-ED060E297025}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C4E431D2-96EE-4D8C-9185-27FAFE448F11}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0A65CF93-B6D5-4278-A35B-331897C0B32C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{2C3087C8-ABF0-4B14-B523-4286067F4871}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CD9FCFAB-559B-4100-839E-3930EF2435EE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F638B3CB-7418-4491-AD64-6639523774FB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{34BA803F-1BCC-4C82-8056-2ABBD6421D63}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{F01AB8B9-B914-4FAE-8C1C-3B0B589A8625}] => (Block) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
FirewallRules: [{5A952EE4-B06A-4AE2-81C2-757124060BE2}] => (Block) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
FirewallRules: [UDP Query User{3660A1EA-0E77-436A-B161-E92B831562F9}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
FirewallRules: [TCP Query User{345DB43C-F3EF-47AF-A66B-2D651BE97A24}C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe] => (Allow) C:\program files\onone software\perfect photo suite 9\perfect photo suite 9.exe
FirewallRules: [{74CB2107-11D7-46F2-A9E0-B5E6ABD4A16A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{65F1771D-0D19-44DA-8EA5-90B65388A5F9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{41397422-1D5F-436B-BE7E-D9D031D37D3F}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{1A0E6DAA-ED42-4750-88BC-7338BAEBC893}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B8148A5E-AA25-4AA5-83D4-119F44BDA016}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CAE18C37-76A3-4695-8FF6-B632E53A032C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C98CEA8B-615B-4D68-A24B-9FBFFF48EB90}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{90AC69B9-B811-401B-AB82-8180A50449CA}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{D723E34D-7259-4505-AE6B-42969D8B734C}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{CEBEBCFF-0745-4691-86EC-0FB0AD7B2DCB}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [TCP Query User{662BCAFE-3A0C-40D8-A567-DE0E91922AF0}C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe] => (Allow) C:\program files (x86)\nero\nero 11\nero backitup\backitup.exe
FirewallRules: [{2FC680E5-5744-4B6C-A14B-078760CFD6A7}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{28D567E7-2BE0-412A-A45B-4F378A9702D6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{FC0D0E59-C760-456F-A867-EC1AC07FD1BF}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{92B07108-BFC6-4A6F-937E-485295AAA0E4}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{B9A68932-2FCF-4B79-A8B5-EAB756D537CD}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{8D10EDBE-35DC-46D7-96C2-E6E04856A3A9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{3FC8ED5D-3363-43C0-85CB-917F010929DB}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{BF857A46-8ABF-4546-8C4A-3DADF4667B1B}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [UDP Query User{D852281C-11F8-45CA-91A0-8F75AA36A0B0}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [TCP Query User{AF95589C-62E7-4129-94CA-99D61DA082AA}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe
FirewallRules: [{B6CD5965-F5C1-4BB5-B708-FD8B30D56FD2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1843B02B-B5F0-427F-9F22-D5E882ACE23D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0E4F0269-E060-4ED6-8F03-240F1B1118EB}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{727339B2-296F-42FB-8354-4924B598C372}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{87F06CCB-290A-4A83-A038-C0FE256F7877}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{DDDA8C18-F530-48DD-ACBD-F60C35C7DC35}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{0862E2F9-0857-4AD4-960E-C3A9B00DCD86}] => (Allow) C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F748B765-9355-4EE7-9EB9-922862934BA8}] => (Allow) C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9C33E87B-5D3F-4A09-8FAD-A87B5A1C17E4}] => (Allow) C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{80E0008E-FEA0-478B-8D23-EBC249506C0E}] => (Allow) C:\Users\Birgit\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9F7D5487-1B87-449B-96FF-871520971165}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{AA8DB6DE-70FE-469A-BCA2-2B05987A8598}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{1C1180BF-231B-4733-93E0-A856938E90D0}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{3657A0D6-D918-4471-AD8A-30451D3BA0EC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{939ED5AF-6D36-4815-BBDB-681519BCB25A}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{86E098E4-A729-42F6-9D30-56235E6C6B99}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{32510DE3-25A3-4431-B42A-EAE987BFD103}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [UDP Query User{2711B43A-D0BC-4115-A14B-1E14D23552BF}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe
FirewallRules: [TCP Query User{FBC08770-CD18-4344-B361-06E0EDA9C9E3}C:\program files (x86)\fritz!\frifax32.exe] => (Allow) C:\program files (x86)\fritz!\frifax32.exe
FirewallRules: [{48C74692-7BEC-4459-9A1C-829A05E5727E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2BE8CC3D-323D-49C9-B7F0-E906E4A50F40}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{38CE9C3A-F586-40DF-9A35-DD3E3375EF67}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{142F22B5-A468-47B4-B7B9-4FCD20BE35F0}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{0440762B-8970-4485-AF36-FC20121F9FB1}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{CF39DAF3-C250-4493-BCE8-D72952258EE9}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C50A57FD-A1EC-44C8-A9AC-72FD65EAFB1E}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{9083AB8C-6CB3-4488-9B7E-D1DEA8833E9D}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EF747F8E-0D11-4AB2-B478-00ABB41EE564}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{C18D4528-9864-481D-8ECF-375A49CE9248}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{90DB573D-2F17-44E4-89D6-6DF37BFD9560}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8B9CDDC9-2E88-455D-95B5-C4519331B95D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8CCCC44A-D9C3-41CA-BE0F-3E3F4071A859}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E0E64075-6E6B-4D78-9070-8648978725EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D4C2DB54-2338-4D52-9F6C-5F3DB7BEF2DE}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{18BC913B-F302-4C2E-9162-0BB16A747A8A}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{EEC20F4D-A51C-4DBD-BA51-E5C030998481}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{DB045BB4-D77D-4547-B50C-04BE217131A6}] => (Allow) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
FirewallRules: [{7356B6C6-D1A1-47D2-9FB7-3B87A117D977}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/08/2015 09:40:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 10.0.0.507, Zeitstempel: 0x56422ca1
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632da1c
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x000bd8a8
ID des fehlerhaften Prozesses: 0x3d68
Startzeit der fehlerhaften Anwendung: 0xSkypeHost.exe0
Pfad der fehlerhaften Anwendung: SkypeHost.exe1
Pfad des fehlerhaften Moduls: SkypeHost.exe2
Berichtskennung: SkypeHost.exe3
Vollständiger Name des fehlerhaften Pakets: SkypeHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkypeHost.exe5

Error: (12/08/2015 09:07:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/08/2015 08:59:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.4.0.175, Zeitstempel: 0x564a80aa
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x2b30
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5

Error: (12/08/2015 08:58:50 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/08/2015 08:58:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/08/2015 08:58:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/08/2015 08:39:56 AM) (Source: LBTServ) (EventID: 2) (User: )
Description: The Bluetooth solution has encountered a problem and may not function properly.
(Get) Bluetooth Hub failed to switch to Full Embedded mode
If the problem persists, please try to re-install the Bluetooth software.

Error: (12/08/2015 02:03:25 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/08/2015 02:02:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.

Error: (12/08/2015 02:02:11 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.


Systemfehler:
=============
Error: (12/08/2015 08:38:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_6347d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/08/2015 08:38:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _6347d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/08/2015 08:38:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_6347d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/08/2015 08:38:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_6347d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/08/2015 01:31:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/08/2015 01:31:32 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Birgit\AppData\Local\Temp\ehdrv.sys

Error: (12/08/2015 01:31:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/08/2015 01:31:31 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Birgit\AppData\Local\Temp\ehdrv.sys

Error: (12/08/2015 01:31:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (12/08/2015 01:31:31 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Birgit\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2015-12-08 01:58:17.292
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:17.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:17.068
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:16.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:16.861
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:16.775
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:15.758
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:58:15.584
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:57:32.342
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-12-08 01:57:32.274
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 17%
Installierter physikalischer RAM: 32723.52 MB
Verfügbarer physikalischer RAM: 26868.39 MB
Summe virtueller Speicher: 32923.52 MB
Verfügbarer virtueller Speicher: 26418.46 MB

==================== Laufwerke ================================

Drive c: (Birgit_0_Programme) (Fixed) (Total:476.15 GB) (Free:75.23 GB) NTFS
Drive d: (Birgit_1) (Fixed) (Total:1862.89 GB) (Free:694.05 GB) NTFS
Drive e: (Birgit_2) (Fixed) (Total:1863.01 GB) (Free:1249.25 GB) NTFS
Drive f: (Birgit_3) (Fixed) (Total:1863.01 GB) (Free:207.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: CC8FDC9B)
Partition 1: (Active) - (Size=344 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=476.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 574EE2E6)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1137B5DD)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 26D9A569)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Defogger

Code:

ATTFilter

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:18 on 08/12/2015 (Birgit)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Amarantine · 08.12.2015, 11:57

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Birgit (Administrator) auf BIRGIT-PC (08-12-2015 10:27:21)
Gestartet von D:\Downloads
Geladene Profile: Birgit &  (Verfügbare Profile: Birgit & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{3212EFD5-CC07-4C43-B9FD-64CCD1719469}\YSearchUtilSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Downloads\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

Code:

ATTFilter

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5380368 2015-07-20] (Acronis)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe [1126904 2015-08-13] (Nero AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-19] (Acronis International GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [Amazon Music] => C:\Users\Birgit\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Amazon Music] => C:\Users\Birgit\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3964295598-1680719950-2001356993-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-08-24]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2016 Zahlungserinnerung.lnk [2015-09-25]
ShortcutTarget: Finanzmanager 2016 Zahlungserinnerung.lnk -> C:\Windows\Installer\{7429B83A-5AB6-4AEE-A53B-79B9742B9158}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2014-11-29]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2012-06-09]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk [2015-11-30]
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files (x86)\Datacolor\Spyder5Elite\Utility\SpyderUtility.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-08-24]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-11-17]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

Code:

ATTFilter

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4a69ca58-86bf-49f4-a7e8-21f408ac911c}: [NameServer] 192.168.178.1,141.1.1.1
Tcpip\..\Interfaces\{4a69ca58-86bf-49f4-a7e8-21f408ac911c}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000 -> {B27CE461-FF97-4E82-88D5-175A165E0F2D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {B27CE461-FF97-4E82-88D5-175A165E0F2D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-04] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-04] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

Code:

ATTFilter

FireFox:
========
FF ProfilePath: C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-17] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-17] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-01] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Birgit\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @citrixonline.com/appdetectorplugin -> C:\Users\Birgit\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: Exif Viewer - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2015-06-01]
FF Extension: FxIF - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2015-08-15]
FF Extension: Zoom Page - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\zoompage@DW-dev.xpi [2015-10-20]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-12-01]
FF Extension: Kein Name - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\ich@maltegoetz.de.xpi [2015-08-05] [ist nicht signiert]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\vdpure@link64.xpi [2015-07-25]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-05-29]
FF Extension: YouTube Unblocker - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-07]
FF Extension: zip converter - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{3b3b1185-876b-49f6-9e2d-dd09a4075f6d}.xpi [2014-11-18] [ist nicht signiert]
FF Extension: Search by Image for Google - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2015-05-29]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2015-12-07]
FF Extension: Video DownloadHelper - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-07]
CHR Extension: (Google Docs) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Google-Suche) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Kaspersky Protection) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-12-07]
CHR Extension: (Google Tabellen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-07]
CHR Extension: (Google Mail) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

Code:

ATTFilter

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-02] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-11-06] (Haufe-Lexware GmbH & Co. KG)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2015-11-14] (Microsoft Corporation)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [279544 2015-08-13] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [Datei ist nicht signiert]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6849808 2015-11-10] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{3212EFD5-CC07-4C43-B9FD-64CCD1719469}\YSearchUtilSvc.exe [160536 2015-10-19] (Yahoo Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-08-12] (Acronis International GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-19] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-19] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-25] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-19] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-08] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Spyder4; C:\Windows\System32\drivers\dccmtr.sys [15360 2011-06-02] (Datacolor)
R3 Spyder5; C:\Windows\System32\drivers\dccmtr.sys [15360 2011-06-02] (Datacolor)
R2 tib; C:\Windows\System32\DRIVERS\tib.sys [1058632 2015-08-12] (Acronis International GmbH)
S2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2015-08-12] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

Code:

ATTFilter

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Amarantine · 08.12.2015, 11:58

FRST II

Code:

ATTFilter

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-08 10:18 - 2015-12-08 10:18 - 00000000 _____ C:\Users\Birgit\defogger_reenable
2015-12-08 09:20 - 2015-12-08 09:20 - 00000000 ____D C:\Users\Birgit\AppData\Local\YSearchUtil
2015-12-08 09:09 - 2015-12-08 09:09 - 00000668 _____ C:\Users\Birgit\Desktop\JRT.txt
2015-12-08 09:01 - 2015-12-08 09:01 - 00000854 _____ C:\Users\Birgit\Desktop\JRT1.txt
2015-12-07 18:57 - 2015-12-07 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-07 15:01 - 2015-12-08 09:27 - 00000032 _____ C:\WINDOWS\SysWOW64\Eu(0-00000000).OD
2015-12-07 13:22 - 2015-12-08 08:45 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2922662B-BF97-4E47-8AF3-2089EE1F7194}
2015-12-07 10:55 - 2015-12-07 10:55 - 00000000 ____D C:\Users\Birgit\AppData\Local\ESET
2015-12-07 10:46 - 2015-12-07 10:46 - 00000000 ____D C:\Users\Birgit\AppData\Local\Deployment
2015-12-07 10:28 - 2015-12-07 10:28 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-07 09:37 - 2015-12-07 09:37 - 00000000 ____D C:\Program Files (x86)\ESET
2015-12-07 08:48 - 2015-12-07 08:48 - 00000000 ____D C:\ProgramData\ESET
2015-12-07 08:48 - 2015-12-07 08:48 - 00000000 ____D C:\Program Files\ESET
2015-12-07 08:08 - 2015-12-07 08:35 - 00000000 ____D C:\AdwCleaner
2015-12-07 00:37 - 2015-12-07 14:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-12-07 00:37 - 2015-12-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-12-07 00:37 - 2015-12-07 08:33 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Lavasoft
2015-12-07 00:37 - 2015-12-07 00:37 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\LavasoftStatistics
2015-12-07 00:36 - 2015-12-07 00:36 - 00000000 ____D C:\Program Files\Lavasoft
2015-12-07 00:35 - 2015-12-07 14:46 - 00000000 ____D C:\ProgramData\Lavasoft
2015-12-07 00:35 - 2015-12-07 00:35 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-12-07 00:24 - 2015-12-07 00:24 - 00000000 ____D C:\VundoFix Backups
2015-12-04 08:46 - 2015-12-04 08:46 - 00000000 ____D C:\Users\Birgit\AppData\LocalLow\Yahoo
2015-12-04 08:46 - 2015-12-04 08:46 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ON1
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\Program Files\ON1
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\Program Files (x86)\ON1
2015-12-03 19:57 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 19:57 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 19:57 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 19:57 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-03 19:57 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 19:57 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 19:57 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 19:57 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 19:57 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 19:57 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 19:57 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 19:57 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 19:57 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 19:57 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 19:57 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 19:57 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 19:57 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-03 19:57 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-03 19:57 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 19:57 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 19:57 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-03 19:57 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 19:57 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 19:57 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 19:57 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-03 19:57 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 19:57 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 19:57 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-03 19:57 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 19:57 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 19:57 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 19:57 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 19:57 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 19:57 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 19:57 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 19:57 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 19:57 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-03 19:57 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 19:57 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 19:57 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 19:57 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 19:57 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-03 19:57 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 19:57 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 19:57 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 19:57 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 19:57 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 19:57 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 19:57 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 19:57 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-03 19:57 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-03 19:56 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 19:56 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 19:56 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 19:56 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 19:56 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 19:56 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-03 19:56 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 19:56 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 19:56 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-03 19:56 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 19:56 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 19:56 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 19:56 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-03 19:56 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 19:56 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 19:56 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 19:56 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 19:56 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-03 19:56 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 19:56 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 19:56 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 19:56 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-02 14:03 - 2015-11-24 19:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-02 14:02 - 2015-11-25 00:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-01 22:31 - 2015-12-01 22:31 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-12-01 21:14 - 2015-12-01 21:14 - 00000000 ____D C:\Users\Birgit\AppData\Local\Intel
2015-12-01 21:12 - 2015-12-01 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-12-01 21:12 - 2015-12-01 21:12 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2015-12-01 13:59 - 2015-12-01 14:00 - 00000000 ____D C:\Program Files (x86)\Franzis
2015-12-01 11:23 - 2015-12-01 11:23 - 00076330 _____ C:\Users\Birgit\Desktop\PFx REFLECTIONS.atn
2015-12-01 11:13 - 2015-11-16 04:54 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-01 11:12 - 2015-11-16 04:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-12-01 11:12 - 2015-11-16 04:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-30 18:38 - 2015-11-30 18:38 - 00002246 _____ C:\Users\Birgit\Desktop\Spyder5Elite 5.0.lnk
2015-11-29 18:37 - 2015-11-29 18:37 - 00003668 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-(XXX@XXX.de)
2015-11-28 10:28 - 2015-11-28 10:28 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-25 09:16 - 2015-11-21 07:21 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-11-25 09:16 - 2015-11-21 07:02 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-11-25 09:16 - 2015-11-21 06:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 09:16 - 2015-11-21 06:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-11-25 09:16 - 2015-11-21 06:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-11-21 12:40 - 2015-12-07 13:21 - 00000000 ____D C:\Users\DefaultAppPool
2015-11-21 12:40 - 2015-11-21 12:40 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\onOne Software
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Garmin
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-11-19 19:28 - 2015-11-13 07:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-11-19 19:28 - 2015-11-13 07:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-11-19 19:28 - 2015-11-13 07:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-11-19 19:28 - 2015-11-13 07:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-11-19 19:28 - 2015-11-13 07:43 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-11-19 19:28 - 2015-11-13 07:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-11-19 19:28 - 2015-11-13 07:42 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-11-19 19:28 - 2015-11-13 07:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-11-19 19:28 - 2015-11-13 07:41 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-19 19:28 - 2015-11-13 07:41 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-19 19:28 - 2015-11-13 07:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-11-19 19:28 - 2015-11-13 07:19 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-19 19:28 - 2015-11-13 07:18 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-19 19:28 - 2015-11-13 07:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-11-19 19:28 - 2015-11-13 07:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-19 19:28 - 2015-11-13 07:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-11-19 19:28 - 2015-11-13 07:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-11-19 19:28 - 2015-11-13 07:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-11-19 19:28 - 2015-11-13 07:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-11-19 19:28 - 2015-11-13 07:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-11-19 19:28 - 2015-11-13 07:02 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-11-19 19:28 - 2015-11-13 07:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-11-19 19:28 - 2015-11-13 07:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-11-19 19:28 - 2015-11-13 07:00 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-11-19 19:28 - 2015-11-13 07:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-11-19 19:28 - 2015-11-13 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-11-19 19:28 - 2015-11-13 06:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-19 19:28 - 2015-11-13 06:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-11-19 19:28 - 2015-11-13 06:57 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-11-19 19:28 - 2015-11-13 06:57 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-11-19 19:28 - 2015-11-13 06:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-11-19 19:28 - 2015-11-13 06:55 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-11-19 19:28 - 2015-11-13 06:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-11-19 19:28 - 2015-11-13 06:53 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-11-19 19:28 - 2015-11-13 06:53 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-11-19 19:28 - 2015-11-13 06:50 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-19 19:28 - 2015-11-13 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-19 19:28 - 2015-11-13 06:40 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-11-19 19:28 - 2015-11-13 06:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-11-19 19:28 - 2015-11-13 06:39 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-11-19 19:28 - 2015-11-13 06:37 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-11-19 19:28 - 2015-11-13 06:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-11-19 19:28 - 2015-11-13 06:33 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-11-19 19:28 - 2015-11-13 06:32 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-11-19 19:28 - 2015-11-13 06:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-11-19 19:28 - 2015-11-13 06:30 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-19 19:28 - 2015-11-13 06:29 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-19 19:28 - 2015-11-13 06:28 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-11-19 19:28 - 2015-11-13 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-11-19 19:28 - 2015-11-13 06:23 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-19 19:28 - 2015-11-13 06:19 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-11-17 16:00 - 2015-11-17 16:00 - 02447648 _____ (DataDesign AG) C:\WINDOWS\SysWOW64\DDBACCPL.CPL
2015-11-17 16:00 - 2015-11-17 16:00 - 01833248 _____ (DataDesign AG) C:\WINDOWS\SysWOW64\ddBACCTM.cpl
2015-11-17 08:52 - 2015-11-17 08:52 - 00002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-11-17 08:52 - 2015-11-17 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2015-11-17 08:51 - 2015-11-17 08:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-16 19:30 - 2015-11-16 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.1
2015-11-16 11:19 - 2015-11-16 11:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-16 11:07 - 2015-11-16 11:07 - 00000000 ____D C:\Users\Birgit\AppData\Local\PeerDistRepub
2015-11-16 10:49 - 2015-11-16 10:49 - 00000707 _____ C:\Users\Birgit\Desktop\BT747.lnk
2015-11-15 11:23 - 2015-11-15 11:23 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-11-15 08:39 - 2015-11-15 08:39 - 00002541 _____ C:\Users\Birgit\Desktop\Sicherer Zahlungsverkehr.lnk
2015-11-15 08:38 - 2015-11-15 08:38 - 00002231 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-11-15 08:36 - 2015-11-15 08:36 - 00000000 ____D C:\Users\Birgit\AppData\Local\MicrosoftEdge
2015-11-15 08:32 - 2015-11-15 08:32 - 00002420 _____ C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-15 08:32 - 2015-11-15 08:32 - 00000000 ___RD C:\Users\Birgit\OneDrive
2015-11-15 08:31 - 2015-11-15 08:31 - 00000000 ____D C:\Users\Birgit\AppData\Local\Comms
2015-11-15 08:30 - 2015-11-15 08:30 - 00000000 ____D C:\Users\Birgit\AppData\Local\ActiveSync
2015-11-15 08:30 - 2015-11-15 08:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-11-15 08:28 - 2015-12-05 10:01 - 00000000 ____D C:\Users\Birgit\AppData\Local\Packages
2015-11-15 08:28 - 2015-11-21 10:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-15 08:28 - 2015-11-15 08:28 - 00000020 ___SH C:\Users\Birgit\ntuser.ini
2015-11-15 08:28 - 2015-11-15 08:28 - 00000000 ____D C:\Users\Birgit\AppData\Local\TileDataLayer
2015-11-15 08:28 - 2015-11-15 08:28 - 00000000 ____D C:\Users\Birgit\AppData\Local\Publishers
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 ____D C:\ProgramData\USOShared
2015-11-15 00:23 - 2015-12-07 13:19 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 00:23 - 2015-11-15 00:23 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-15 00:17 - 2015-11-15 00:17 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\onOne Software
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Garmin
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\onOne Software
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Garmin
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-11-15 00:13 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-15 00:10 - 2015-12-08 10:18 - 00000000 ____D C:\Users\Birgit
2015-11-15 00:10 - 2015-12-07 13:21 - 00000000 ____D C:\Users\Administrator
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Vorlagen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Startmenü
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Netzwerkumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Lokale Einstellungen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Eigene Dateien
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Druckumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Videos
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Musik
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Bilder
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Local\Verlauf
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Local\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-11-15 00:07 - 2015-12-07 13:23 - 07363308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-15 00:07 - 2015-11-15 00:07 - 19252572 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-15 00:06 - 2015-12-07 13:19 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-15 00:06 - 2015-12-02 14:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-15 00:06 - 2015-11-24 20:32 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-15 00:06 - 2015-11-24 20:32 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-15 00:06 - 2015-11-23 21:35 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____D C:\Program Files\VIA
2015-11-15 00:05 - 2015-12-08 08:40 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-11-15 00:05 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-15 00:05 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-15 00:05 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-11-15 00:04 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-11-15 00:04 - 2015-11-15 00:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-15 00:03 - 2015-11-27 09:30 - 05151232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-15 00:02 - 2015-11-15 08:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-14 23:58 - 2015-11-14 23:58 - 00000000 ____D C:\Windows.old
2015-11-14 23:56 - 2015-11-14 23:56 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-14 23:56 - 2015-11-14 23:56 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-14 23:56 - 2015-11-14 23:56 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-11-14 19:56 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-11-14 19:56 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-11-14 19:56 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-11-14 19:56 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-11-14 19:56 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-11-14 19:13 - 2015-11-14 19:13 - 00000000 ____D C:\WINDOWS\system32\hr
2015-11-14 19:09 - 2015-12-07 13:23 - 00207192 _____ C:\WINDOWS\system32\prfh0404.dat
2015-11-14 19:09 - 2015-12-07 13:23 - 00069504 _____ C:\WINDOWS\system32\prfc0404.dat
2015-11-14 19:09 - 2015-11-14 19:08 - 00119664 _____ C:\WINDOWS\system32\prfi0404.dat
2015-11-14 19:09 - 2015-11-14 19:08 - 00033362 _____ C:\WINDOWS\system32\prfd0404.dat
2015-11-14 18:59 - 2015-11-14 18:59 - 00000000 ____D C:\WINDOWS\system32\sl
2015-11-14 18:56 - 2015-11-14 18:56 - 00000000 ____D C:\WINDOWS\system32\th
2015-11-14 18:47 - 2015-11-14 18:47 - 00000000 ____D C:\WINDOWS\system32\ro
2015-11-14 18:40 - 2015-12-07 13:23 - 00497604 _____ C:\WINDOWS\system32\prfh0804.dat
2015-11-14 18:40 - 2015-12-07 13:23 - 00159306 _____ C:\WINDOWS\system32\prfc0804.dat
2015-11-14 18:40 - 2015-11-14 18:40 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HANS
2015-11-14 18:40 - 2015-11-14 18:40 - 00000000 ____D C:\WINDOWS\system32\zh-HANS
2015-11-14 18:40 - 2015-11-14 18:39 - 00113096 _____ C:\WINDOWS\system32\prfi0804.dat
2015-11-14 18:40 - 2015-11-14 18:39 - 00033362 _____ C:\WINDOWS\system32\prfd0804.dat
2015-11-14 18:25 - 2015-12-07 13:23 - 00548864 _____ C:\WINDOWS\system32\perfh011.dat
2015-11-14 18:25 - 2015-12-07 13:23 - 00159306 _____ C:\WINDOWS\system32\perfc011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00144476 _____ C:\WINDOWS\system32\perfi011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00033362 _____ C:\WINDOWS\system32\perfd011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00000000 ____D C:\WINDOWS\SysWOW64\ja
2015-11-14 18:25 - 2015-11-14 18:25 - 00000000 ____D C:\WINDOWS\system32\ja
2015-11-14 18:24 - 2015-11-14 18:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lzhfldr2.dll
2015-11-14 18:24 - 2015-11-14 18:24 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lzhfldr2.dll
2015-11-14 18:07 - 2015-11-14 18:07 - 00000000 ____D C:\WINDOWS\system32\lv
2015-11-14 18:00 - 2015-12-07 13:23 - 00791020 _____ C:\WINDOWS\system32\perfh01F.dat
2015-11-14 18:00 - 2015-12-07 13:23 - 00174272 _____ C:\WINDOWS\system32\perfc01F.dat
2015-11-14 18:00 - 2015-11-14 18:00 - 00000000 ____D C:\WINDOWS\SysWOW64\tr
2015-11-14 18:00 - 2015-11-14 18:00 - 00000000 ____D C:\WINDOWS\system32\tr
2015-11-14 18:00 - 2015-11-14 17:59 - 00289982 _____ C:\WINDOWS\system32\perfi01F.dat
2015-11-14 18:00 - 2015-11-14 17:59 - 00039088 _____ C:\WINDOWS\system32\perfd01F.dat
2015-11-14 17:51 - 2015-12-07 13:23 - 00884720 _____ C:\WINDOWS\system32\perfh00C.dat
2015-11-14 17:51 - 2015-12-07 13:23 - 00181276 _____ C:\WINDOWS\system32\perfc00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2015-11-14 17:51 - 2015-11-14 17:51 - 00000000 ____D C:\WINDOWS\system32\fr
2015-11-14 17:47 - 2015-12-07 13:23 - 00451558 _____ C:\WINDOWS\system32\perfh001.dat
2015-11-14 17:47 - 2015-12-07 13:23 - 00077080 _____ C:\WINDOWS\system32\perfc001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00296742 _____ C:\WINDOWS\system32\perfi001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00033362 _____ C:\WINDOWS\system32\perfd001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00000000 ____D C:\WINDOWS\system32\ar
2015-11-14 17:39 - 2015-12-07 13:23 - 00876900 _____ C:\WINDOWS\system32\perfh015.dat
2015-11-14 17:39 - 2015-12-07 13:23 - 00185740 _____ C:\WINDOWS\system32\perfc015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00342912 _____ C:\WINDOWS\system32\perfi015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00041236 _____ C:\WINDOWS\system32\perfd015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\pl
2015-11-14 17:39 - 2015-11-14 17:39 - 00000000 ____D C:\WINDOWS\system32\pl
2015-11-14 17:37 - 2015-11-14 17:37 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-14 17:32 - 2015-12-06 12:16 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-14 17:32 - 2015-12-04 19:13 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\inetpub
2015-11-14 17:32 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBL.DLL
2015-11-14 17:32 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL
2015-11-14 17:31 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-14 17:31 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-14 17:31 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-14 17:16 - 2015-11-15 00:23 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-11-14 17:16 - 2015-11-15 00:23 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-11-14 15:13 - 2015-12-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.9
2015-11-14 15:13 - 2015-11-14 15:15 - 00001821 ____H C:\WINDOWS\EPMBatch.ept
2015-11-14 15:13 - 2015-11-14 15:13 - 00002147 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.9 .lnk
2015-11-14 15:13 - 2014-12-15 00:59 - 00192040 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eubakup.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00048168 _____ C:\WINDOWS\system32\Drivers\EUBKMON.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eudskacs.sys
2015-11-14 15:12 - 2015-12-07 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2015-11-14 15:12 - 2015-09-21 00:30 - 03557000 _____ C:\WINDOWS\system32\BootMan.exe
2015-11-14 15:12 - 2015-09-21 00:19 - 02658952 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2015-11-14 15:12 - 2014-12-15 01:03 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2015-11-14 15:12 - 2014-11-18 14:46 - 00021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2015-11-14 15:12 - 2014-11-18 14:46 - 00017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2015-11-14 15:12 - 2014-11-18 14:39 - 00018528 _____ C:\WINDOWS\system32\epmntdrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00014944 _____ C:\WINDOWS\SysWOW64\epmntdrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00010208 _____ C:\WINDOWS\SysWOW64\EuGdiDrv.sys
2015-11-14 15:12 - 2014-11-18 14:38 - 00101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2015-11-14 15:12 - 2014-11-18 14:38 - 00088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2015-11-14 14:58 - 2015-12-07 13:09 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-11-12 23:00 - 2015-11-12 23:00 - 00001088 _____ C:\Users\Administrator\Desktop\Topaz Texture Effects (64-bit).lnk
2015-11-11 08:35 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-11-11 08:35 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-11-11 08:35 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-11-11 08:35 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-11-10 12:50 - 2015-11-05 18:13 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-11-10 12:50 - 2015-11-05 18:13 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-11-09 18:50 - 2015-11-28 19:00 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

Code:

ATTFilter

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-08 10:27 - 2015-07-01 22:01 - 00000000 ____D C:\FRST
2015-12-08 10:15 - 2012-06-09 19:21 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Skype
2015-12-08 10:13 - 2015-07-21 21:12 - 00000684 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job
2015-12-08 10:12 - 2015-01-14 12:04 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-08 10:12 - 2013-04-12 10:54 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-08 10:06 - 2015-07-21 21:12 - 00000588 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job
2015-12-08 09:50 - 2012-06-19 08:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-08 09:40 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-08 09:12 - 2012-06-09 17:24 - 00000000 ____D C:\Users\Birgit\Documents\Outlook-Dateien
2015-12-08 08:57 - 2015-07-11 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 08:41 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-08 08:40 - 2015-04-07 20:46 - 00000000 ___RD C:\Users\Birgit\Creative Cloud Files
2015-12-08 08:40 - 2013-04-12 10:54 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-08 08:40 - 2012-06-09 19:34 - 00000000 ____D C:\Users\Birgit\AppData\Local\Adobe
2015-12-08 06:16 - 2015-07-21 21:12 - 00003844 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000
2015-12-08 06:16 - 2015-07-21 21:12 - 00003748 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000
2015-12-07 18:56 - 2013-04-12 10:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-07 13:23 - 2015-10-30 19:35 - 00891608 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-07 13:23 - 2015-10-30 19:35 - 00198192 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-07 13:22 - 2012-07-29 11:08 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-07 13:20 - 2014-09-21 14:38 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-07 13:19 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-07 13:12 - 2012-06-11 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v9 - Evolution
2015-12-07 13:11 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-07 13:11 - 2015-06-17 14:01 - 00000000 ____D C:\Program Files (x86)\SaalDesignSoftware
2015-12-07 13:11 - 2014-10-29 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-07 13:11 - 2014-09-05 15:45 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fc prints Fotobuch
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\ProgramData\WhiteWall
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteWall
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\Program Files (x86)\WhiteWall
2015-12-07 13:11 - 2013-12-23 16:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-07 13:11 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-12-07 13:11 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files\CamStudio 2.7
2015-12-07 13:11 - 2012-11-28 18:34 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-07 13:11 - 2012-06-24 11:00 - 00000000 ____D C:\Program Files\CCleaner
2015-12-07 13:11 - 2012-06-11 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-12-07 13:11 - 2012-06-11 08:00 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v9 - Evolution
2015-12-07 13:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\registration
2015-12-07 13:09 - 2015-03-10 10:52 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-07 13:09 - 2014-09-18 06:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-07 13:09 - 2014-02-13 15:37 - 00000000 ____D C:\Users\Birgit\AppData\Local\Citrix
2015-12-07 13:09 - 2013-11-03 22:14 - 00000000 ____D C:\ProgramData\Oracle
2015-12-07 13:09 - 2013-07-23 19:38 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\TeamViewer
2015-12-07 13:09 - 2013-04-06 22:58 - 00000000 ____D C:\Users\Birgit\AppData\Local\Apps\2.0
2015-12-07 13:09 - 2012-10-05 08:15 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-12-07 13:09 - 2012-07-29 11:07 - 00000000 ____D C:\Users\Birgit\AppData\Local\Google
2015-12-07 13:09 - 2012-06-11 08:38 - 00000000 ____D C:\Program Files (x86)\Datacolor
2015-12-07 13:09 - 2012-06-11 08:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-07 10:34 - 2013-11-28 13:49 - 00000000 ____D C:\Users\Birgit\AppData\Local\WhiteWall
2015-12-07 00:07 - 2015-03-17 20:25 - 00000000 ____D C:\Users\Birgit\Lightroom
2015-12-06 16:40 - 2015-07-11 08:55 - 00001193 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-06 16:40 - 2015-07-11 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-06 16:40 - 2015-07-11 08:55 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-06 15:18 - 2012-06-11 08:08 - 00000000 ____D C:\ProgramData\Lexware
2015-12-06 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-06 12:18 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-06 12:18 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-06 12:18 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-06 12:18 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-06 12:18 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-06 12:18 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Com
2015-12-06 12:16 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-06 12:16 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-06 10:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-05 11:33 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-05 11:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-05 11:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-04 08:43 - 2015-09-01 07:20 - 00000000 ____D C:\Users\Birgit\.oracle_jre_usage
2015-12-04 08:43 - 2014-10-29 08:20 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-04 08:03 - 2012-06-09 19:21 - 00000000 ____D C:\ProgramData\Skype
2015-12-03 20:38 - 2015-10-29 23:06 - 00000000 ____D C:\ProgramData\ON1
2015-12-03 09:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-03 09:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-03 09:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-02 14:03 - 2014-09-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-02 07:07 - 2013-04-12 10:54 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 07:07 - 2013-04-12 10:54 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 21:15 - 2012-06-09 16:27 - 00000000 ____D C:\ProgramData\Intel
2015-12-01 21:12 - 2013-03-15 16:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-01 14:04 - 2014-10-17 15:37 - 00000000 ____D C:\Users\Birgit\HDR Projects 3 Pro
2015-12-01 11:13 - 2014-09-19 19:38 - 00000000 ____D C:\Users\Birgit\AppData\Local\NVIDIA Corporation
2015-12-01 11:01 - 2015-06-30 00:05 - 00934272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2015-11-30 18:38 - 2012-06-11 08:39 - 00000000 ____D C:\Users\Birgit\AppData\Local\Datacolor
2015-11-30 15:54 - 2012-07-08 19:03 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\FileZilla
2015-11-28 23:17 - 2012-06-13 13:44 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\vlc
2015-11-28 22:25 - 2013-08-13 20:15 - 00000000 ____D C:\Users\Birgit\dwhelper
2015-11-28 19:00 - 2013-07-23 13:45 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-28 11:47 - 2013-08-04 13:45 - 00000000 ____D C:\Users\Birgit\Documents\My Kindle Content
2015-11-28 11:47 - 2012-10-31 10:27 - 00000000 ____D C:\Users\Birgit\Documents\DxO Optics Pro v8 logs
2015-11-28 10:28 - 2012-06-09 19:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-27 00:16 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-11-26 22:22 - 2015-11-02 08:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-26 01:34 - 2015-08-29 00:31 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-25 09:12 - 2012-06-09 19:34 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Adobe
2015-11-25 00:07 - 2015-08-29 00:31 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-25 00:07 - 2015-08-07 08:10 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-21 15:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-11-21 15:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-11-20 20:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-20 20:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-11-19 14:48 - 2012-06-09 17:16 - 00000000 ____D C:\Program Files\Microsoft Office
2015-11-17 08:53 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-17 08:53 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-17 08:53 - 2014-05-15 21:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-11-17 08:52 - 2013-02-07 09:09 - 00000000 ____D C:\Users\Birgit\Documents\OneNote-Notizbücher
2015-11-16 19:30 - 2013-10-08 12:34 - 00000000 ____D C:\Program Files\PhotomatixPro5
2015-11-16 10:51 - 2013-12-23 16:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-16 10:49 - 2013-04-18 19:24 - 00002633 _____ C:\Users\Birgit\BT747SettingsJ2SE.pdb
2015-11-16 10:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-16 04:54 - 2014-09-19 19:38 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-11-15 12:47 - 2015-02-01 17:07 - 00000028 _____ C:\Users\Birgit\AppData\Roaming\kulerdata.json
2015-11-15 11:58 - 2012-12-05 11:23 - 00000000 ____D C:\Program Files\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\ProgramData\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\Program Files (x86)\onOne Software
2015-11-15 11:41 - 2015-06-28 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piccure+
2015-11-15 11:41 - 2015-06-28 14:08 - 00000000 ____D C:\Program Files\Piccure+
2015-11-15 11:40 - 2015-06-28 14:07 - 00000000 ____D C:\Program Files (x86)\Piccure+
2015-11-15 11:23 - 2012-07-10 18:39 - 00000000 ____D C:\Users\Birgit\Documents\Adobe
2015-11-15 10:51 - 2012-07-10 12:16 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-11-15 10:51 - 2012-07-10 12:15 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-11-15 10:50 - 2012-07-10 12:15 - 00001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-11-15 10:50 - 2012-07-10 12:14 - 00001264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-11-15 10:48 - 2012-07-10 12:12 - 00001618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-11-15 10:48 - 2012-07-10 12:12 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-11-15 08:48 - 2015-07-20 13:04 - 00000000 ____D C:\Users\Birgit\AppData\Local\CrashDumps
2015-11-15 08:39 - 2014-04-04 14:02 - 00000624 __RSH C:\ProgramData\ntuser.pol
2015-11-15 08:38 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-15 08:28 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-11-15 00:23 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-11-15 00:23 - 2015-02-20 15:10 - 00003072 _____ C:\WINDOWS\System32\Tasks\iSCSIAgentAutoStartup
2015-11-15 00:23 - 2015-01-09 14:55 - 00003390 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2015-11-15 00:23 - 2014-12-26 11:53 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-15 00:23 - 2014-12-11 09:21 - 00003238 _____ C:\WINDOWS\System32\Tasks\{8D352165-7167-4EE7-9453-46AE080210AB}
2015-11-15 00:23 - 2014-10-16 08:30 - 00003850 _____ C:\WINDOWS\System32\Tasks\bd85a1de-c49d-435e-919e-9865c1fd356a 15 0
2015-11-15 00:23 - 2014-07-28 07:22 - 00003238 _____ C:\WINDOWS\System32\Tasks\{C381E834-517B-458A-80EF-36BF3CC44F0B}
2015-11-15 00:23 - 2014-07-26 20:58 - 00003226 _____ C:\WINDOWS\System32\Tasks\{EC59A234-04F9-4E72-A0CB-8A8A92144FD6}
2015-11-15 00:23 - 2014-07-02 14:45 - 00003334 _____ C:\WINDOWS\System32\Tasks\{6207B31E-34E9-47A4-ADF3-7AFD77071B98}
2015-11-15 00:23 - 2014-07-02 09:01 - 00003664 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-11-15 00:23 - 2014-04-07 14:33 - 00004292 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-15 00:23 - 2013-10-06 15:52 - 00003630 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Administrator
2015-11-15 00:23 - 2013-09-23 20:24 - 00003616 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Birgit
2015-11-15 00:23 - 2013-04-18 20:40 - 00003294 _____ C:\WINDOWS\System32\Tasks\{1F05FE5F-1507-403C-BE85-834309BBFD7D}
2015-11-15 00:23 - 2013-04-18 19:24 - 00003312 _____ C:\WINDOWS\System32\Tasks\{275E7304-F325-4071-8E5E-F3ABEC1A009B}
2015-11-15 00:23 - 2013-01-27 23:56 - 00003354 _____ C:\WINDOWS\System32\Tasks\{CB071D11-95EB-47EB-9CDD-4FDD06CABB4B}
2015-11-15 00:23 - 2013-01-16 17:11 - 00003338 _____ C:\WINDOWS\System32\Tasks\{A0428692-8CDB-4E1E-938A-8623090CDEFD}
2015-11-15 00:23 - 2012-12-19 07:24 - 00002884 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-15 00:23 - 2012-12-05 11:51 - 00003464 _____ C:\WINDOWS\System32\Tasks\{F1382697-0E25-4222-B625-EFBC3ED02707}
2015-11-15 00:23 - 2012-06-19 08:04 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-15 00:23 - 2012-06-13 13:56 - 00003282 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_Win32
2015-11-15 00:23 - 2012-06-13 13:56 - 00003278 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_x64
2015-11-15 00:22 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-15 00:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-11-15 00:18 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-15 00:18 - 2015-09-02 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-11-15 00:18 - 2015-08-24 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-11-15 00:18 - 2015-08-24 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.20.2 Build 2002
2015-11-15 00:18 - 2015-08-24 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exifer
2015-11-15 00:18 - 2015-03-10 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-11-15 00:18 - 2015-02-22 20:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2015-11-15 00:18 - 2015-01-09 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-11-15 00:18 - 2015-01-09 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-11-15 00:18 - 2015-01-05 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-11-15 00:18 - 2014-12-01 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-11-15 00:18 - 2014-10-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 8
2015-11-15 00:18 - 2014-09-08 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-15 00:18 - 2014-09-05 15:45 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fc prints order
2015-11-15 00:18 - 2014-07-31 15:05 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2015-11-15 00:18 - 2014-05-10 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-11-15 00:18 - 2014-04-07 15:02 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-15 00:18 - 2014-03-29 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX920 series Benutzerregistrierung
2015-11-15 00:18 - 2014-03-29 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX920 series Manual
2015-11-15 00:18 - 2014-03-29 20:48 - 00000000 ____D C:\WINDOWS\system32\STRING
2015-11-15 00:18 - 2014-03-18 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan 9000F Mark II Manual
2015-11-15 00:18 - 2014-02-04 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortraitPro 12
2015-11-15 00:18 - 2014-01-31 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-11-15 00:18 - 2013-12-23 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO ViewPoint
2015-11-15 00:18 - 2013-12-03 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-11-15 00:18 - 2013-10-11 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-11-15 00:18 - 2013-10-08 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.0
2015-11-15 00:18 - 2013-09-20 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2015-11-15 00:18 - 2013-07-17 07:31 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EnfuseGUI 2.1
2015-11-15 00:18 - 2013-06-21 06:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXIF Date Changer
2015-11-15 00:18 - 2013-04-18 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Silabs
2015-11-15 00:18 - 2013-04-12 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoSetter
2015-11-15 00:18 - 2013-02-11 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 To MP3 Converter
2015-11-15 00:18 - 2012-11-25 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Image for Photoshop
2015-11-15 00:18 - 2012-10-05 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-11-15 00:18 - 2012-09-15 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7
2015-11-15 00:18 - 2012-08-28 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-11-15 00:18 - 2012-07-19 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-11-15 00:18 - 2012-07-17 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto Selector
2015-11-15 00:18 - 2012-07-08 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-11-15 00:18 - 2012-07-07 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astrojargon.net
2015-11-15 00:18 - 2012-07-02 06:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 4.2
2015-11-15 00:18 - 2012-06-29 05:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4
2015-11-15 00:18 - 2012-06-28 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2015-11-15 00:18 - 2012-06-24 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-15 00:18 - 2012-06-13 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-15 00:18 - 2012-06-11 07:46 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oloneo PhotoEngine
2015-11-15 00:18 - 2012-06-11 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 4.1
2015-11-15 00:18 - 2012-06-09 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-11-15 00:18 - 2012-06-09 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-11-15 00:18 - 2012-06-09 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-15 00:17 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-11-15 00:14 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-11-15 00:14 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Cursors
2015-11-15 00:14 - 2015-09-03 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-11-15 00:14 - 2015-08-29 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-15 00:14 - 2015-07-04 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetGear
2015-11-15 00:14 - 2015-04-08 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP
2015-11-15 00:14 - 2015-01-09 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung
2015-11-15 00:14 - 2015-01-09 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-15 00:14 - 2014-11-29 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2015-11-15 00:14 - 2014-03-18 17:05 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-11-15 00:14 - 2014-03-18 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan 9000F Mark II
2015-11-15 00:14 - 2013-03-06 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2015-11-15 00:14 - 2013-01-27 14:55 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-15 00:14 - 2012-08-20 15:54 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHT
2015-11-15 00:14 - 2012-08-20 15:54 - 00000000 ____D C:\WINDOWS\system32\zh-CHT
2015-11-15 00:14 - 2012-08-20 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHS
2015-11-15 00:14 - 2012-08-20 14:45 - 00000000 ____D C:\WINDOWS\system32\zh-CHS
2015-11-15 00:14 - 2012-07-12 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2015-11-15 00:14 - 2012-06-29 05:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-11-15 00:14 - 2012-06-13 11:40 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-11-15 00:14 - 2012-06-13 11:39 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-11-15 00:14 - 2012-06-09 22:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-11-15 00:14 - 2012-06-09 19:56 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-11-15 00:14 - 2009-07-14 08:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-15 00:13 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-15 00:13 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-15 00:13 - 2012-06-24 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-11-15 00:13 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-15 00:13 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-15 00:10 - 2014-11-21 15:12 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Film Tools
2015-11-15 00:10 - 2014-10-17 07:33 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayBackup
2015-11-15 00:10 - 2013-08-13 11:51 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2015-11-15 00:10 - 2013-08-04 13:44 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-11-15 00:10 - 2012-06-13 13:56 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2015-11-15 00:10 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-11-15 00:03 - 2015-10-30 19:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-11-15 00:01 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-14 17:31 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-11-14 17:31 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-11-14 17:31 - 2015-10-30 08:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-11-14 17:31 - 2015-10-30 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-11-14 17:20 - 2009-07-14 05:45 - 00025200 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 17:20 - 2009-07-14 05:45 - 00025200 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 17:16 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-14 16:07 - 2013-08-14 21:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-14 13:16 - 2014-03-18 17:14 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2015-11-12 23:00 - 2014-09-21 14:36 - 00000000 ____D C:\Program Files\Topaz Labs
2015-11-12 23:00 - 2013-08-13 21:09 - 00000000 ____D C:\Users\Birgit\AppData\Local\Topaz Labs
2015-11-11 20:43 - 2012-06-09 17:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 20:11 - 2012-06-09 17:34 - 00157544 _____ C:\Users\Birgit\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-07-09 14:22 - 2012-07-09 14:22 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-08-08 20:33 - 2013-04-16 11:06 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-07-09 14:24 - 2012-07-09 14:31 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-02-18 19:38 - 2014-02-20 21:22 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-03 13:10 - 2013-11-03 14:45 - 0000096 _____ () C:\Users\Birgit\AppData\Roaming\Camdata.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0000408 _____ () C:\Users\Birgit\AppData\Roaming\CamLayout.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0000408 _____ () C:\Users\Birgit\AppData\Roaming\CamShapes.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0004535 _____ () C:\Users\Birgit\AppData\Roaming\CamStudio.cfg
2013-12-11 08:55 - 2014-01-23 21:47 - 0003072 _____ () C:\Users\Birgit\AppData\Roaming\fotobook Designer Prefsv3
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 _____ () C:\Users\Birgit\AppData\Roaming\Graphics
2015-02-01 17:07 - 2015-11-15 12:47 - 0000028 _____ () C:\Users\Birgit\AppData\Roaming\kulerdata.json
2013-02-18 10:58 - 2013-02-18 11:06 - 0177152 _____ () C:\Users\Birgit\AppData\Roaming\MeinXXL Prefsv3
2013-04-24 08:24 - 2013-08-25 22:50 - 0178372 _____ () C:\Users\Birgit\AppData\Roaming\PS13_panel.log
2015-01-05 12:36 - 2015-01-11 16:04 - 14397440 _____ () C:\Users\Birgit\AppData\Roaming\Sandra.mdb
2013-05-30 14:53 - 2013-05-30 21:08 - 0001099 _____ () C:\Users\Birgit\AppData\Roaming\ShiftN.ini
2013-11-03 13:08 - 2013-11-03 13:26 - 0000096 _____ () C:\Users\Birgit\AppData\Roaming\version2.xml
2013-07-27 07:21 - 2014-04-04 08:21 - 0000052 _____ () C:\Users\Birgit\AppData\Roaming\WB.CFG
2013-07-17 08:21 - 2014-01-28 09:21 - 0000005 _____ () C:\Users\Birgit\AppData\Roaming\WBPU-TTL.DAT
2015-06-10 15:12 - 2015-06-10 15:12 - 0000038 ___SH () C:\Users\Birgit\AppData\Local\56f857505417e3fe0c6362.11790009
2012-06-11 11:35 - 2012-07-08 21:17 - 0001456 _____ () C:\Users\Birgit\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2012-07-11 09:10 - 2015-10-06 12:01 - 0001456 _____ () C:\Users\Birgit\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 13:57 - 2014-04-04 13:57 - 0000036 _____ () C:\Users\Birgit\AppData\Local\housecall.guid.cache
2015-01-03 17:49 - 2015-01-03 17:49 - 0000000 _____ () C:\ProgramData\Folder Actions
2015-01-03 17:49 - 2015-01-03 17:49 - 0000000 _____ () C:\ProgramData\Grapher
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-08 01:56

==================== Ende von FRST.txt ============================

Warlord711 · 08.12.2015, 12:10

Schritt 1

Prüf bitte, ob in deinen Skype Einstellung dieser Haken vorhanden ist und ggf. deaktivieren.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Amarantine · 08.12.2015, 13:12

Hallo Timo,

erst einmal vielen Dank für deine prompte Hilfe!

Hier die gewünschten Dateien. Der Haken in Skype war schon aus.

Zunächst einmal FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Birgit (Administrator) auf BIRGIT-PC (08-12-2015 13:02:37)
Gestartet von D:\Downloads
Geladene Profile: Birgit (Verfügbare Profile: Birgit & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_95e4f9a171a1ad95\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\wmi64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
() C:\Users\Birgit\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-04] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5380368 2015-07-20] (Acronis)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero BackItUp\BackItUp.exe [1126904 2015-08-13] (Nero AG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-19] (Acronis International GmbH)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [Amazon Music] => C:\Users\Birgit\AppData\Local\Amazon Music\Amazon Music Helper.exe [5887808 2015-07-21] ()
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50509440 2015-11-30] (Skype Technologies S.A.)
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C1].txt [2818 2015-12-08] ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-08-24]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Finanzmanager 2016 Zahlungserinnerung.lnk [2015-09-25]
ShortcutTarget: Finanzmanager 2016 Zahlungserinnerung.lnk -> C:\Windows\Installer\{7429B83A-5AB6-4AEE-A53B-79B9742B9158}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2014-11-29]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2012-06-09]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SpyderUtility.lnk [2015-11-30]
ShortcutTarget: SpyderUtility.lnk -> C:\Program Files (x86)\Datacolor\Spyder5Elite\Utility\SpyderUtility.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-08-24]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-11-17]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4a69ca58-86bf-49f4-a7e8-21f408ac911c}: [NameServer] 192.168.178.1,141.1.1.1
Tcpip\..\Interfaces\{4a69ca58-86bf-49f4-a7e8-21f408ac911c}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3964295598-1680719950-2001356993-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-3964295598-1680719950-2001356993-1000 -> {B27CE461-FF97-4E82-88D5-175A165E0F2D} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2015-11-17] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-04] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-04] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-19] (AO Kaspersky Lab)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2015-11-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-17] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-11-02] (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2015-11-17] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-08-01] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Birgit\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-13] (Citrix Online)
FF Plugin HKU\S-1-5-21-3964295598-1680719950-2001356993-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Extension: Exif Viewer - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\exif_viewer@mozilla.doslash.org.xpi [2015-06-01]
FF Extension: FxIF - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi [2015-08-15]
FF Extension: Zoom Page - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\extensions\zoompage@DW-dev.xpi [2015-10-20]
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-12-01]
FF Extension: Kein Name - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\ich@maltegoetz.de.xpi [2015-08-05] [ist nicht signiert]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\vdpure@link64.xpi [2015-07-25]
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-05-29]
FF Extension: YouTube Unblocker - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\youtubeunblocker@unblocker.yt [2015-12-07]
FF Extension: zip converter - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{3b3b1185-876b-49f6-9e2d-dd09a4075f6d}.xpi [2014-11-18] [ist nicht signiert]
FF Extension: Search by Image for Google - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{ab4b5718-3998-4a2c-91ae-18a7c2db513e}.xpi [2015-05-29]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2015-12-07]
FF Extension: Video DownloadHelper - C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome: 
=======
CHR Profile: C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-07]
CHR Extension: (Google Docs) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-07]
CHR Extension: (Google Drive) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-07]
CHR Extension: (YouTube) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-07]
CHR Extension: (Google-Suche) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-07]
CHR Extension: (Kaspersky Protection) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-12-07]
CHR Extension: (Google Tabellen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-07]
CHR Extension: (Google Mail) - C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-07]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-02] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [36904 2015-08-01] (CHENGDU YIWO Tech Development Co., Ltd)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [777744 2015-10-29] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-16] (NVIDIA Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-11-06] (Haufe-Lexware GmbH & Co. KG)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26624 2015-11-14] (Microsoft Corporation)
R2 NeroBackItUpBackgroundService; C:\Program Files (x86)\Nero\Nero BackItUp\NBService.exe [279544 2015-08-13] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-16] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-16] (NVIDIA Corporation)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\RpcAgentSrv.exe [73200 2014-12-17] (SiSoftware) [Datei ist nicht signiert]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6849808 2015-11-10] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [671512 2014-12-22] (Wacom Technology, Corp.)

Amarantine · 08.12.2015, 14:15

FRST II

Code:

ATTFilter

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [14944 2014-11-18] ()
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48168 2014-12-15] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] ()
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2015-08-12] (Acronis International GmbH)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-19] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-19] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-25] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-19] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-05] (NVIDIA Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2015x\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 Spyder4; C:\Windows\System32\drivers\dccmtr.sys [15360 2011-06-02] (Datacolor)
R3 Spyder5; C:\Windows\System32\drivers\dccmtr.sys [15360 2011-06-02] (Datacolor)
R2 tib; C:\Windows\System32\DRIVERS\tib.sys [1058632 2015-08-12] (Acronis International GmbH)
S2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248648 2015-08-12] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-08 10:18 - 2015-12-08 10:18 - 00000000 _____ C:\Users\Birgit\defogger_reenable
2015-12-08 09:09 - 2015-12-08 09:09 - 00000668 _____ C:\Users\Birgit\Desktop\JRT.txt
2015-12-08 09:01 - 2015-12-08 09:01 - 00000854 _____ C:\Users\Birgit\Desktop\JRT1.txt
2015-12-07 18:57 - 2015-12-07 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-07 15:01 - 2015-12-08 12:49 - 00000032 _____ C:\WINDOWS\SysWOW64\Eu(0-00000000).OD
2015-12-07 13:22 - 2015-12-08 10:29 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2922662B-BF97-4E47-8AF3-2089EE1F7194}
2015-12-07 10:55 - 2015-12-07 10:55 - 00000000 ____D C:\Users\Birgit\AppData\Local\ESET
2015-12-07 10:46 - 2015-12-07 10:46 - 00000000 ____D C:\Users\Birgit\AppData\Local\Deployment
2015-12-07 10:28 - 2015-12-07 10:28 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-07 08:48 - 2015-12-07 08:48 - 00000000 ____D C:\ProgramData\ESET
2015-12-07 08:48 - 2015-12-07 08:48 - 00000000 ____D C:\Program Files\ESET
2015-12-07 08:08 - 2015-12-08 12:59 - 00000000 ____D C:\AdwCleaner
2015-12-07 00:37 - 2015-12-07 14:46 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-12-07 00:37 - 2015-12-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-12-07 00:37 - 2015-12-07 08:33 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Lavasoft
2015-12-07 00:37 - 2015-12-07 00:37 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\LavasoftStatistics
2015-12-07 00:36 - 2015-12-07 00:36 - 00000000 ____D C:\Program Files\Lavasoft
2015-12-07 00:35 - 2015-12-07 14:46 - 00000000 ____D C:\ProgramData\Lavasoft
2015-12-07 00:35 - 2015-12-07 00:35 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-12-07 00:24 - 2015-12-07 00:24 - 00000000 ____D C:\VundoFix Backups
2015-12-04 08:46 - 2015-12-04 08:46 - 00000000 ____D C:\Users\Birgit\AppData\LocalLow\Yahoo
2015-12-04 08:46 - 2015-12-04 08:46 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ON1
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\Program Files\ON1
2015-12-03 20:38 - 2015-12-03 20:38 - 00000000 ____D C:\Program Files (x86)\ON1
2015-12-03 19:57 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 19:57 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-03 19:57 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 19:57 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 19:57 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-03 19:57 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 19:57 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 19:57 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 19:57 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 19:57 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 19:57 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 19:57 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 19:57 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 19:57 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 19:57 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 19:57 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 19:57 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 19:57 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-03 19:57 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-03 19:57 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 19:57 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 19:57 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-03 19:57 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 19:57 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 19:57 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 19:57 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-03 19:57 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 19:57 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 19:57 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-03 19:57 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 19:57 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 19:57 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 19:57 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 19:57 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 19:57 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 19:57 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 19:57 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 19:57 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 19:57 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 19:57 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 19:57 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 19:57 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 19:57 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-03 19:57 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-03 19:57 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 19:57 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 19:57 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 19:57 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 19:57 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-03 19:57 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 19:57 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 19:57 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 19:57 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 19:57 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 19:57 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-03 19:57 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 19:57 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 19:57 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 19:57 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 19:57 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 19:57 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 19:57 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-03 19:57 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-03 19:56 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 19:56 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 19:56 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 19:56 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 19:56 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 19:56 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 19:56 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 19:56 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 19:56 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 19:56 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 19:56 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 19:56 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-03 19:56 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 19:56 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 19:56 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 19:56 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-03 19:56 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-03 19:56 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 19:56 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 19:56 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 19:56 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 19:56 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 19:56 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 19:56 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 19:56 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-03 19:56 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 19:56 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 19:56 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 19:56 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 19:56 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 19:56 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-03 19:56 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 19:56 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 19:56 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 19:56 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-02 14:03 - 2015-11-24 19:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-02 14:02 - 2015-11-25 00:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-02 14:02 - 2015-11-25 00:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-01 22:31 - 2015-12-01 22:31 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-12-01 21:14 - 2015-12-01 21:14 - 00000000 ____D C:\Users\Birgit\AppData\Local\Intel
2015-12-01 21:12 - 2015-12-01 21:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-12-01 21:12 - 2015-12-01 21:12 - 00000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2015-12-01 13:59 - 2015-12-01 14:00 - 00000000 ____D C:\Program Files (x86)\Franzis
2015-12-01 11:23 - 2015-12-01 11:23 - 00076330 _____ C:\Users\Birgit\Desktop\PFx REFLECTIONS.atn
2015-12-01 11:13 - 2015-11-16 04:54 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-01 11:12 - 2015-11-25 00:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-01 11:12 - 2015-11-16 04:54 - 01905456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435900.dll
2015-12-01 11:12 - 2015-11-16 04:54 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435900.dll
2015-11-30 18:38 - 2015-11-30 18:38 - 00002246 _____ C:\Users\Birgit\Desktop\Spyder5Elite 5.0.lnk
2015-11-29 18:37 - 2015-11-29 18:37 - 00003668 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-seh-n-sucht@seh-n-sucht.de
2015-11-28 10:28 - 2015-11-28 10:28 - 00001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-11-25 09:16 - 2015-11-21 07:21 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-11-25 09:16 - 2015-11-21 07:02 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-11-25 09:16 - 2015-11-21 06:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-11-25 09:16 - 2015-11-21 06:29 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-11-25 09:16 - 2015-11-21 06:07 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-11-21 12:40 - 2015-12-07 13:21 - 00000000 ____D C:\Users\DefaultAppPool
2015-11-21 12:40 - 2015-11-21 12:40 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-11-21 12:40 - 2015-11-21 12:40 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\onOne Software
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Garmin
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Adobe
2015-11-21 12:40 - 2015-11-15 00:17 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help
2015-11-19 19:28 - 2015-11-13 07:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-11-19 19:28 - 2015-11-13 07:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-11-19 19:28 - 2015-11-13 07:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-11-19 19:28 - 2015-11-13 07:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-11-19 19:28 - 2015-11-13 07:43 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-11-19 19:28 - 2015-11-13 07:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-11-19 19:28 - 2015-11-13 07:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-11-19 19:28 - 2015-11-13 07:42 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-11-19 19:28 - 2015-11-13 07:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-11-19 19:28 - 2015-11-13 07:41 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-11-19 19:28 - 2015-11-13 07:41 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-11-19 19:28 - 2015-11-13 07:33 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-11-19 19:28 - 2015-11-13 07:32 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-11-19 19:28 - 2015-11-13 07:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-11-19 19:28 - 2015-11-13 07:19 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-19 19:28 - 2015-11-13 07:18 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-11-19 19:28 - 2015-11-13 07:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-11-19 19:28 - 2015-11-13 07:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-11-19 19:28 - 2015-11-13 07:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-11-19 19:28 - 2015-11-13 07:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-11-19 19:28 - 2015-11-13 07:04 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-11-19 19:28 - 2015-11-13 07:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-11-19 19:28 - 2015-11-13 07:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-11-19 19:28 - 2015-11-13 07:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-11-19 19:28 - 2015-11-13 07:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-11-19 19:28 - 2015-11-13 07:02 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-11-19 19:28 - 2015-11-13 07:02 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-11-19 19:28 - 2015-11-13 07:01 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-11-19 19:28 - 2015-11-13 07:00 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-11-19 19:28 - 2015-11-13 07:00 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-11-19 19:28 - 2015-11-13 06:59 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-11-19 19:28 - 2015-11-13 06:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-11-19 19:28 - 2015-11-13 06:58 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-11-19 19:28 - 2015-11-13 06:57 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-11-19 19:28 - 2015-11-13 06:57 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-11-19 19:28 - 2015-11-13 06:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-11-19 19:28 - 2015-11-13 06:55 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-11-19 19:28 - 2015-11-13 06:55 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-11-19 19:28 - 2015-11-13 06:54 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-11-19 19:28 - 2015-11-13 06:53 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-11-19 19:28 - 2015-11-13 06:53 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-11-19 19:28 - 2015-11-13 06:50 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-19 19:28 - 2015-11-13 06:49 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-19 19:28 - 2015-11-13 06:40 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-11-19 19:28 - 2015-11-13 06:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-11-19 19:28 - 2015-11-13 06:39 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-11-19 19:28 - 2015-11-13 06:37 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-11-19 19:28 - 2015-11-13 06:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-11-19 19:28 - 2015-11-13 06:33 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-11-19 19:28 - 2015-11-13 06:32 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-11-19 19:28 - 2015-11-13 06:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-11-19 19:28 - 2015-11-13 06:30 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-11-19 19:28 - 2015-11-13 06:29 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-11-19 19:28 - 2015-11-13 06:28 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-11-19 19:28 - 2015-11-13 06:27 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-11-19 19:28 - 2015-11-13 06:23 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-19 19:28 - 2015-11-13 06:19 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-11-17 16:00 - 2015-11-17 16:00 - 02447648 _____ (DataDesign AG) C:\WINDOWS\SysWOW64\DDBACCPL.CPL
2015-11-17 16:00 - 2015-11-17 16:00 - 01833248 _____ (DataDesign AG) C:\WINDOWS\SysWOW64\ddBACCTM.cpl
2015-11-17 08:52 - 2015-11-17 08:52 - 00002473 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2015-11-17 08:52 - 2015-11-17 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2015-11-17 08:51 - 2015-11-17 08:51 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-16 19:30 - 2015-11-16 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.1
2015-11-16 11:19 - 2015-11-16 11:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-11-16 11:07 - 2015-11-16 11:07 - 00000000 ____D C:\Users\Birgit\AppData\Local\PeerDistRepub
2015-11-16 10:49 - 2015-11-16 10:49 - 00000707 _____ C:\Users\Birgit\Desktop\BT747.lnk
2015-11-15 11:23 - 2015-11-15 11:23 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-11-15 08:39 - 2015-11-15 08:39 - 00002541 _____ C:\Users\Birgit\Desktop\Sicherer Zahlungsverkehr.lnk
2015-11-15 08:38 - 2015-11-15 08:38 - 00002231 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-11-15 08:36 - 2015-11-15 08:36 - 00000000 ____D C:\Users\Birgit\AppData\Local\MicrosoftEdge
2015-11-15 08:32 - 2015-11-15 08:32 - 00002420 _____ C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-15 08:32 - 2015-11-15 08:32 - 00000000 ___RD C:\Users\Birgit\OneDrive
2015-11-15 08:31 - 2015-11-15 08:31 - 00000000 ____D C:\Users\Birgit\AppData\Local\Comms
2015-11-15 08:30 - 2015-11-15 08:30 - 00000000 ____D C:\Users\Birgit\AppData\Local\ActiveSync
2015-11-15 08:30 - 2015-11-15 08:30 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-11-15 08:28 - 2015-12-05 10:01 - 00000000 ____D C:\Users\Birgit\AppData\Local\Packages
2015-11-15 08:28 - 2015-11-21 10:08 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-15 08:28 - 2015-11-15 08:28 - 00000020 ___SH C:\Users\Birgit\ntuser.ini
2015-11-15 08:28 - 2015-11-15 08:28 - 00000000 ____D C:\Users\Birgit\AppData\Local\TileDataLayer
2015-11-15 08:28 - 2015-11-15 08:28 - 00000000 ____D C:\Users\Birgit\AppData\Local\Publishers
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-11-15 00:24 - 2015-11-15 00:24 - 00000000 ____D C:\ProgramData\USOShared
2015-11-15 00:23 - 2015-12-08 13:00 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-15 00:23 - 2015-11-15 00:23 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-11-15 00:17 - 2015-11-15 00:17 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\onOne Software
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Garmin
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Roaming\Adobe
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\onOne Software
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Garmin
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Adobe
2015-11-15 00:17 - 2015-11-15 00:17 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-11-15 00:13 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-15 00:10 - 2015-12-08 10:18 - 00000000 ____D C:\Users\Birgit
2015-11-15 00:10 - 2015-12-07 13:21 - 00000000 ____D C:\Users\Administrator
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Vorlagen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Startmenü
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Netzwerkumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Lokale Einstellungen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Eigene Dateien
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Druckumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Videos
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Musik
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Documents\Eigene Bilder
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Local\Verlauf
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\AppData\Local\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Birgit\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-11-15 00:10 - 2015-11-15 00:10 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-11-15 00:07 - 2015-12-07 13:23 - 07363308 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-15 00:07 - 2015-11-15 00:07 - 19252572 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-11-15 00:06 - 2015-12-08 13:00 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-15 00:06 - 2015-12-02 14:03 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-15 00:06 - 2015-11-24 20:32 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-11-15 00:06 - 2015-11-24 20:32 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-11-15 00:06 - 2015-11-24 20:32 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-11-15 00:06 - 2015-11-23 21:35 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LMouFilt_01005.Wdf
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_LHidFilt_01005.Wdf
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-11-15 00:06 - 2015-11-15 00:06 - 00000000 ____D C:\Program Files\VIA
2015-11-15 00:05 - 2015-12-08 13:00 - 00000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2015-11-15 00:05 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-15 00:05 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-15 00:05 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-11-15 00:04 - 2015-11-15 00:13 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-11-15 00:04 - 2015-11-15 00:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-11-15 00:03 - 2015-11-27 09:30 - 05151232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-15 00:02 - 2015-11-15 08:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-11-14 23:58 - 2015-11-14 23:58 - 00000000 ____D C:\Windows.old
2015-11-14 23:56 - 2015-11-14 23:56 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-14 23:56 - 2015-11-14 23:56 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-14 23:56 - 2015-11-14 23:56 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-14 23:56 - 2015-11-14 23:56 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-11-14 23:56 - 2015-11-14 23:56 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-11-14 19:56 - 2015-10-29 19:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-11-14 19:56 - 2015-10-29 19:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-11-14 19:56 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-11-14 19:56 - 2015-10-29 19:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-11-14 19:56 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-11-14 19:13 - 2015-11-14 19:13 - 00000000 ____D C:\WINDOWS\system32\hr
2015-11-14 19:09 - 2015-12-07 13:23 - 00207192 _____ C:\WINDOWS\system32\prfh0404.dat
2015-11-14 19:09 - 2015-12-07 13:23 - 00069504 _____ C:\WINDOWS\system32\prfc0404.dat
2015-11-14 19:09 - 2015-11-14 19:08 - 00119664 _____ C:\WINDOWS\system32\prfi0404.dat
2015-11-14 19:09 - 2015-11-14 19:08 - 00033362 _____ C:\WINDOWS\system32\prfd0404.dat
2015-11-14 18:59 - 2015-11-14 18:59 - 00000000 ____D C:\WINDOWS\system32\sl
2015-11-14 18:56 - 2015-11-14 18:56 - 00000000 ____D C:\WINDOWS\system32\th
2015-11-14 18:47 - 2015-11-14 18:47 - 00000000 ____D C:\WINDOWS\system32\ro
2015-11-14 18:40 - 2015-12-07 13:23 - 00497604 _____ C:\WINDOWS\system32\prfh0804.dat
2015-11-14 18:40 - 2015-12-07 13:23 - 00159306 _____ C:\WINDOWS\system32\prfc0804.dat
2015-11-14 18:40 - 2015-11-14 18:40 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HANS
2015-11-14 18:40 - 2015-11-14 18:40 - 00000000 ____D C:\WINDOWS\system32\zh-HANS
2015-11-14 18:40 - 2015-11-14 18:39 - 00113096 _____ C:\WINDOWS\system32\prfi0804.dat
2015-11-14 18:40 - 2015-11-14 18:39 - 00033362 _____ C:\WINDOWS\system32\prfd0804.dat
2015-11-14 18:25 - 2015-12-07 13:23 - 00548864 _____ C:\WINDOWS\system32\perfh011.dat
2015-11-14 18:25 - 2015-12-07 13:23 - 00159306 _____ C:\WINDOWS\system32\perfc011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00144476 _____ C:\WINDOWS\system32\perfi011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00033362 _____ C:\WINDOWS\system32\perfd011.dat
2015-11-14 18:25 - 2015-11-14 18:25 - 00000000 ____D C:\WINDOWS\SysWOW64\ja
2015-11-14 18:25 - 2015-11-14 18:25 - 00000000 ____D C:\WINDOWS\system32\ja
2015-11-14 18:24 - 2015-11-14 18:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\lzhfldr2.dll
2015-11-14 18:24 - 2015-11-14 18:24 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lzhfldr2.dll
2015-11-14 18:07 - 2015-11-14 18:07 - 00000000 ____D C:\WINDOWS\system32\lv
2015-11-14 18:00 - 2015-12-07 13:23 - 00791020 _____ C:\WINDOWS\system32\perfh01F.dat
2015-11-14 18:00 - 2015-12-07 13:23 - 00174272 _____ C:\WINDOWS\system32\perfc01F.dat
2015-11-14 18:00 - 2015-11-14 18:00 - 00000000 ____D C:\WINDOWS\SysWOW64\tr
2015-11-14 18:00 - 2015-11-14 18:00 - 00000000 ____D C:\WINDOWS\system32\tr
2015-11-14 18:00 - 2015-11-14 17:59 - 00289982 _____ C:\WINDOWS\system32\perfi01F.dat
2015-11-14 18:00 - 2015-11-14 17:59 - 00039088 _____ C:\WINDOWS\system32\perfd01F.dat
2015-11-14 17:51 - 2015-12-07 13:23 - 00884720 _____ C:\WINDOWS\system32\perfh00C.dat
2015-11-14 17:51 - 2015-12-07 13:23 - 00181276 _____ C:\WINDOWS\system32\perfc00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00350774 _____ C:\WINDOWS\system32\perfi00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00040528 _____ C:\WINDOWS\system32\perfd00C.dat
2015-11-14 17:51 - 2015-11-14 17:51 - 00000000 ____D C:\WINDOWS\SysWOW64\fr
2015-11-14 17:51 - 2015-11-14 17:51 - 00000000 ____D C:\WINDOWS\system32\fr
2015-11-14 17:47 - 2015-12-07 13:23 - 00451558 _____ C:\WINDOWS\system32\perfh001.dat
2015-11-14 17:47 - 2015-12-07 13:23 - 00077080 _____ C:\WINDOWS\system32\perfc001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00296742 _____ C:\WINDOWS\system32\perfi001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00033362 _____ C:\WINDOWS\system32\perfd001.dat
2015-11-14 17:47 - 2015-11-14 17:47 - 00000000 ____D C:\WINDOWS\system32\ar
2015-11-14 17:39 - 2015-12-07 13:23 - 00876900 _____ C:\WINDOWS\system32\perfh015.dat
2015-11-14 17:39 - 2015-12-07 13:23 - 00185740 _____ C:\WINDOWS\system32\perfc015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00342912 _____ C:\WINDOWS\system32\perfi015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00041236 _____ C:\WINDOWS\system32\perfd015.dat
2015-11-14 17:39 - 2015-11-14 17:39 - 00000000 ____D C:\WINDOWS\SysWOW64\pl
2015-11-14 17:39 - 2015-11-14 17:39 - 00000000 ____D C:\WINDOWS\system32\pl
2015-11-14 17:37 - 2015-11-14 17:37 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-11-14 17:32 - 2015-12-06 12:16 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-11-14 17:32 - 2015-12-04 19:13 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-11-14 17:32 - 2015-11-14 17:32 - 00000000 ____D C:\inetpub
2015-11-14 17:32 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\WINDOWS\system32\CNCALBL.DLL
2015-11-14 17:32 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMBL.DLL
2015-11-14 17:31 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-11-14 17:31 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-11-14 17:31 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-11-14 17:31 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-11-14 17:16 - 2015-11-15 00:23 - 00014259 _____ C:\WINDOWS\diagerr.xml
2015-11-14 17:16 - 2015-11-15 00:23 - 00013338 _____ C:\WINDOWS\diagwrn.xml
2015-11-14 15:13 - 2015-12-07 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 8.9
2015-11-14 15:13 - 2015-11-14 15:15 - 00001821 ____H C:\WINDOWS\EPMBatch.ept
2015-11-14 15:13 - 2015-11-14 15:13 - 00002147 _____ C:\Users\Public\Desktop\EaseUS Todo Backup Free 8.9 .lnk
2015-11-14 15:13 - 2014-12-15 00:59 - 00192040 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\EuFdDisk.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00060968 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eubakup.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00048168 _____ C:\WINDOWS\system32\Drivers\EUBKMON.sys
2015-11-14 15:13 - 2014-12-15 00:59 - 00018472 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\Drivers\eudskacs.sys
2015-11-14 15:12 - 2015-12-07 13:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.8
2015-11-14 15:12 - 2015-09-21 00:30 - 03557000 _____ C:\WINDOWS\system32\BootMan.exe
2015-11-14 15:12 - 2015-09-21 00:19 - 02658952 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2015-11-14 15:12 - 2014-12-15 01:03 - 00024104 _____ (CHENGDU YIWO Tech Development Co., Ltd) C:\WINDOWS\system32\fbnative.exe
2015-11-14 15:12 - 2014-11-18 14:46 - 00021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2015-11-14 15:12 - 2014-11-18 14:46 - 00017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2015-11-14 15:12 - 2014-11-18 14:39 - 00018528 _____ C:\WINDOWS\system32\epmntdrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00014944 _____ C:\WINDOWS\SysWOW64\epmntdrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys
2015-11-14 15:12 - 2014-11-18 14:39 - 00010208 _____ C:\WINDOWS\SysWOW64\EuGdiDrv.sys
2015-11-14 15:12 - 2014-11-18 14:38 - 00101984 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2015-11-14 15:12 - 2014-11-18 14:38 - 00088160 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe
2015-11-14 14:58 - 2015-12-07 13:09 - 00000000 ____D C:\Program Files (x86)\EaseUS
2015-11-12 23:00 - 2015-11-12 23:00 - 00001088 _____ C:\Users\Administrator\Desktop\Topaz Texture Effects (64-bit).lnk
2015-11-11 08:35 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.exe
2015-11-11 08:35 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmlmedia.dll
2015-11-11 08:35 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmlmedia.dll
2015-11-11 08:35 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 01572496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00205456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2015-11-10 12:50 - 2015-11-05 18:13 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-11-10 12:50 - 2015-11-05 18:13 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-11-10 12:50 - 2015-11-05 18:13 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-11-09 18:50 - 2015-11-28 19:00 - 00001058 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-08 13:02 - 2015-07-01 22:01 - 00000000 ____D C:\FRST
2015-12-08 13:02 - 2015-04-07 20:46 - 00000000 ___RD C:\Users\Birgit\Creative Cloud Files
2015-12-08 13:02 - 2015-01-14 12:04 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-12-08 13:02 - 2014-09-21 14:38 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-08 13:02 - 2013-04-12 10:54 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-08 13:02 - 2012-06-09 19:34 - 00000000 ____D C:\Users\Birgit\AppData\Local\Adobe
2015-12-08 13:02 - 2012-06-09 19:21 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Skype
2015-12-08 13:00 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-08 13:00 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-08 12:59 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-08 12:59 - 2014-04-04 14:02 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-12-08 12:50 - 2012-06-19 08:04 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-08 12:13 - 2015-07-21 21:12 - 00000684 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job
2015-12-08 12:12 - 2013-04-12 10:54 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-08 12:06 - 2015-07-21 21:12 - 00000588 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000.job
2015-12-08 10:37 - 2015-07-11 08:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-08 10:31 - 2012-06-09 17:24 - 00000000 ____D C:\Users\Birgit\Documents\Outlook-Dateien
2015-12-08 06:16 - 2015-07-21 21:12 - 00003844 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3964295598-1680719950-2001356993-1000
2015-12-08 06:16 - 2015-07-21 21:12 - 00003748 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3964295598-1680719950-2001356993-1000
2015-12-07 18:56 - 2013-04-12 10:54 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-07 13:23 - 2015-10-30 19:35 - 00891608 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-07 13:23 - 2015-10-30 19:35 - 00198192 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-07 13:22 - 2012-07-29 11:08 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-07 13:19 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-07 13:12 - 2012-06-11 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v9 - Evolution
2015-12-07 13:11 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-07 13:11 - 2015-06-17 14:01 - 00000000 ____D C:\Program Files (x86)\SaalDesignSoftware
2015-12-07 13:11 - 2014-10-29 08:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-07 13:11 - 2014-09-05 15:45 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fc prints Fotobuch
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\ProgramData\WhiteWall
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhiteWall
2015-12-07 13:11 - 2014-08-15 08:49 - 00000000 ____D C:\Program Files (x86)\WhiteWall
2015-12-07 13:11 - 2013-12-23 16:05 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-07 13:11 - 2013-11-03 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CamStudio 2.7
2015-12-07 13:11 - 2013-11-03 13:08 - 00000000 ____D C:\Program Files\CamStudio 2.7
2015-12-07 13:11 - 2012-11-28 18:34 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-07 13:11 - 2012-06-24 11:00 - 00000000 ____D C:\Program Files\CCleaner
2015-12-07 13:11 - 2012-06-11 08:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor
2015-12-07 13:11 - 2012-06-11 08:00 - 00000000 ____D C:\Program Files (x86)\WebSite X5 v9 - Evolution
2015-12-07 13:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\registration
2015-12-07 13:09 - 2015-03-10 10:52 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-07 13:09 - 2014-09-18 06:48 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-07 13:09 - 2014-02-13 15:37 - 00000000 ____D C:\Users\Birgit\AppData\Local\Citrix
2015-12-07 13:09 - 2013-11-03 22:14 - 00000000 ____D C:\ProgramData\Oracle
2015-12-07 13:09 - 2013-07-23 19:38 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\TeamViewer
2015-12-07 13:09 - 2013-04-06 22:58 - 00000000 ____D C:\Users\Birgit\AppData\Local\Apps\2.0
2015-12-07 13:09 - 2012-10-05 08:15 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-12-07 13:09 - 2012-07-29 11:07 - 00000000 ____D C:\Users\Birgit\AppData\Local\Google
2015-12-07 13:09 - 2012-06-11 08:38 - 00000000 ____D C:\Program Files (x86)\Datacolor
2015-12-07 13:09 - 2012-06-11 08:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-07 10:34 - 2013-11-28 13:49 - 00000000 ____D C:\Users\Birgit\AppData\Local\WhiteWall
2015-12-07 00:07 - 2015-03-17 20:25 - 00000000 ____D C:\Users\Birgit\Lightroom
2015-12-06 16:40 - 2015-07-11 08:55 - 00001193 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-06 16:40 - 2015-07-11 08:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-06 16:40 - 2015-07-11 08:55 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-06 15:18 - 2012-06-11 08:08 - 00000000 ____D C:\ProgramData\Lexware
2015-12-06 12:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-06 12:18 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-06 12:18 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-06 12:18 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\IME
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-06 12:18 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-06 12:18 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-06 12:18 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-06 12:18 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-06 12:16 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-06 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Com
2015-12-06 12:16 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-06 12:16 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-06 10:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-05 11:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-05 11:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-04 08:43 - 2015-09-01 07:20 - 00000000 ____D C:\Users\Birgit\.oracle_jre_usage
2015-12-04 08:43 - 2014-10-29 08:20 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-04 08:03 - 2012-06-09 19:21 - 00000000 ____D C:\ProgramData\Skype
2015-12-03 20:38 - 2015-10-29 23:06 - 00000000 ____D C:\ProgramData\ON1
2015-12-03 09:48 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-03 09:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-03 09:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-02 14:03 - 2014-09-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-02 07:07 - 2013-04-12 10:54 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-02 07:07 - 2013-04-12 10:54 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-01 21:15 - 2012-06-09 16:27 - 00000000 ____D C:\ProgramData\Intel
2015-12-01 21:12 - 2013-03-15 16:20 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-01 14:04 - 2014-10-17 15:37 - 00000000 ____D C:\Users\Birgit\HDR Projects 3 Pro
2015-12-01 11:13 - 2014-09-19 19:38 - 00000000 ____D C:\Users\Birgit\AppData\Local\NVIDIA Corporation
2015-12-01 11:01 - 2015-06-30 00:05 - 00934272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2015-11-30 18:38 - 2012-06-11 08:39 - 00000000 ____D C:\Users\Birgit\AppData\Local\Datacolor
2015-11-30 15:54 - 2012-07-08 19:03 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\FileZilla
2015-11-28 23:17 - 2012-06-13 13:44 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\vlc
2015-11-28 22:25 - 2013-08-13 20:15 - 00000000 ____D C:\Users\Birgit\dwhelper
2015-11-28 19:00 - 2013-07-23 13:45 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-28 11:47 - 2013-08-04 13:45 - 00000000 ____D C:\Users\Birgit\Documents\My Kindle Content
2015-11-28 11:47 - 2012-10-31 10:27 - 00000000 ____D C:\Users\Birgit\Documents\DxO Optics Pro v8 logs
2015-11-28 10:28 - 2012-06-09 19:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-27 00:16 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2015-11-26 22:22 - 2015-11-02 08:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-26 01:34 - 2015-08-29 00:31 - 11228488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2015-11-25 09:12 - 2012-06-09 19:34 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Adobe
2015-11-25 00:07 - 2015-08-29 00:31 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 18487360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 15933400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 12870384 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-11-25 00:07 - 2015-08-29 00:31 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-11-25 00:07 - 2015-08-07 08:10 - 00034494 _____ C:\WINDOWS\system32\nvinfo.pb
2015-11-21 15:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-11-21 15:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-11-20 20:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-20 20:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-11-19 14:48 - 2012-06-09 17:16 - 00000000 ____D C:\Program Files\Microsoft Office
2015-11-17 08:53 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-17 08:53 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-11-17 08:53 - 2014-05-15 21:56 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-11-17 08:52 - 2013-02-07 09:09 - 00000000 ____D C:\Users\Birgit\Documents\OneNote-Notizbücher
2015-11-16 19:30 - 2013-10-08 12:34 - 00000000 ____D C:\Program Files\PhotomatixPro5
2015-11-16 10:51 - 2013-12-23 16:05 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-11-16 10:49 - 2013-04-18 19:24 - 00002633 _____ C:\Users\Birgit\BT747SettingsJ2SE.pdb
2015-11-16 10:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-11-16 04:54 - 2014-09-19 19:38 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-11-16 04:54 - 2014-09-19 19:38 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-11-15 12:47 - 2015-02-01 17:07 - 00000028 _____ C:\Users\Birgit\AppData\Roaming\kulerdata.json
2015-11-15 11:58 - 2012-12-05 11:23 - 00000000 ____D C:\Program Files\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\ProgramData\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-11-15 11:58 - 2012-06-09 19:56 - 00000000 ____D C:\Program Files (x86)\onOne Software
2015-11-15 11:41 - 2015-06-28 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piccure+
2015-11-15 11:41 - 2015-06-28 14:08 - 00000000 ____D C:\Program Files\Piccure+
2015-11-15 11:40 - 2015-06-28 14:07 - 00000000 ____D C:\Program Files (x86)\Piccure+
2015-11-15 11:23 - 2012-07-10 18:39 - 00000000 ____D C:\Users\Birgit\Documents\Adobe
2015-11-15 10:51 - 2012-07-10 12:16 - 00001138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2015-11-15 10:51 - 2012-07-10 12:15 - 00001302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2015-11-15 10:50 - 2012-07-10 12:15 - 00001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2015-11-15 10:50 - 2012-07-10 12:14 - 00001264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2015-11-15 10:48 - 2012-07-10 12:12 - 00001618 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2015-11-15 10:48 - 2012-07-10 12:12 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2015-11-15 08:48 - 2015-07-20 13:04 - 00000000 ____D C:\Users\Birgit\AppData\Local\CrashDumps
2015-11-15 08:38 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-11-15 08:28 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-11-15 00:24 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-11-15 00:23 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-11-15 00:23 - 2015-02-20 15:10 - 00003072 _____ C:\WINDOWS\System32\Tasks\iSCSIAgentAutoStartup
2015-11-15 00:23 - 2015-01-09 14:55 - 00003390 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2015-11-15 00:23 - 2014-12-26 11:53 - 00003996 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-11-15 00:23 - 2014-12-11 09:21 - 00003238 _____ C:\WINDOWS\System32\Tasks\{8D352165-7167-4EE7-9453-46AE080210AB}
2015-11-15 00:23 - 2014-10-16 08:30 - 00003850 _____ C:\WINDOWS\System32\Tasks\bd85a1de-c49d-435e-919e-9865c1fd356a 15 0
2015-11-15 00:23 - 2014-07-28 07:22 - 00003238 _____ C:\WINDOWS\System32\Tasks\{C381E834-517B-458A-80EF-36BF3CC44F0B}
2015-11-15 00:23 - 2014-07-26 20:58 - 00003226 _____ C:\WINDOWS\System32\Tasks\{EC59A234-04F9-4E72-A0CB-8A8A92144FD6}
2015-11-15 00:23 - 2014-07-02 14:45 - 00003334 _____ C:\WINDOWS\System32\Tasks\{6207B31E-34E9-47A4-ADF3-7AFD77071B98}
2015-11-15 00:23 - 2014-07-02 09:01 - 00003664 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-11-15 00:23 - 2014-04-07 14:33 - 00004292 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-11-15 00:23 - 2013-10-06 15:52 - 00003630 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Administrator
2015-11-15 00:23 - 2013-09-23 20:24 - 00003616 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-Birgit-PC-Birgit
2015-11-15 00:23 - 2013-04-18 20:40 - 00003294 _____ C:\WINDOWS\System32\Tasks\{1F05FE5F-1507-403C-BE85-834309BBFD7D}
2015-11-15 00:23 - 2013-04-18 19:24 - 00003312 _____ C:\WINDOWS\System32\Tasks\{275E7304-F325-4071-8E5E-F3ABEC1A009B}
2015-11-15 00:23 - 2013-01-27 23:56 - 00003354 _____ C:\WINDOWS\System32\Tasks\{CB071D11-95EB-47EB-9CDD-4FDD06CABB4B}
2015-11-15 00:23 - 2013-01-16 17:11 - 00003338 _____ C:\WINDOWS\System32\Tasks\{A0428692-8CDB-4E1E-938A-8623090CDEFD}
2015-11-15 00:23 - 2012-12-19 07:24 - 00002884 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-11-15 00:23 - 2012-12-05 11:51 - 00003464 _____ C:\WINDOWS\System32\Tasks\{F1382697-0E25-4222-B625-EFBC3ED02707}
2015-11-15 00:23 - 2012-06-19 08:04 - 00003932 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-15 00:23 - 2012-06-13 13:56 - 00003282 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_Win32
2015-11-15 00:23 - 2012-06-13 13:56 - 00003278 _____ C:\WINDOWS\System32\Tasks\hcdll2_ex_x64
2015-11-15 00:22 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-15 00:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-11-15 00:18 - 2015-10-30 19:47 - 00000000 ____D C:\WINDOWS\ShellNew
2015-11-15 00:18 - 2015-09-02 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-11-15 00:18 - 2015-08-24 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-11-15 00:18 - 2015-08-24 09:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ActivePerl 5.20.2 Build 2002
2015-11-15 00:18 - 2015-08-24 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exifer
2015-11-15 00:18 - 2015-03-10 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-11-15 00:18 - 2015-02-22 20:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablett
2015-11-15 00:18 - 2015-01-09 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-11-15 00:18 - 2015-01-09 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-11-15 00:18 - 2015-01-05 12:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiSoftware
2015-11-15 00:18 - 2014-12-01 08:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-11-15 00:18 - 2014-10-08 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 8
2015-11-15 00:18 - 2014-09-08 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-15 00:18 - 2014-09-05 15:45 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fc prints order
2015-11-15 00:18 - 2014-07-31 15:05 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music
2015-11-15 00:18 - 2014-05-10 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-11-15 00:18 - 2014-04-07 15:02 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-15 00:18 - 2014-03-29 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX920 series Benutzerregistrierung
2015-11-15 00:18 - 2014-03-29 20:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX920 series Manual
2015-11-15 00:18 - 2014-03-29 20:48 - 00000000 ____D C:\WINDOWS\system32\STRING
2015-11-15 00:18 - 2014-03-18 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon CanoScan 9000F Mark II Manual
2015-11-15 00:18 - 2014-02-04 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PortraitPro 12
2015-11-15 00:18 - 2014-01-31 12:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-11-15 00:18 - 2013-12-23 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO ViewPoint
2015-11-15 00:18 - 2013-12-03 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2015-11-15 00:18 - 2013-10-11 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-11-15 00:18 - 2013-10-08 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 5.0
2015-11-15 00:18 - 2013-09-20 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2015-11-15 00:18 - 2013-07-17 07:31 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EnfuseGUI 2.1
2015-11-15 00:18 - 2013-06-21 06:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXIF Date Changer
2015-11-15 00:18 - 2013-04-18 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Silabs
2015-11-15 00:18 - 2013-04-12 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GeoSetter
2015-11-15 00:18 - 2013-02-11 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP4 To MP3 Converter
2015-11-15 00:18 - 2012-11-25 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Image for Photoshop
2015-11-15 00:18 - 2012-10-05 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-11-15 00:18 - 2012-09-15 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO Optics Pro 7
2015-11-15 00:18 - 2012-08-28 11:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-11-15 00:18 - 2012-07-19 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2015-11-15 00:18 - 2012-07-17 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto Selector
2015-11-15 00:18 - 2012-07-08 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-11-15 00:18 - 2012-07-07 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\astrojargon.net
2015-11-15 00:18 - 2012-07-02 06:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 4.2
2015-11-15 00:18 - 2012-06-29 05:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScanSoft OmniPage SE 4
2015-11-15 00:18 - 2012-06-28 07:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2015-11-15 00:18 - 2012-06-24 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-15 00:18 - 2012-06-13 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-15 00:18 - 2012-06-11 07:46 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oloneo PhotoEngine
2015-11-15 00:18 - 2012-06-11 07:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 4.1
2015-11-15 00:18 - 2012-06-09 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2015-11-15 00:18 - 2012-06-09 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-11-15 00:18 - 2012-06-09 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-11-15 00:17 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated
2015-11-15 00:14 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-11-15 00:14 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\IME
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\schemas
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-11-15 00:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Cursors
2015-11-15 00:14 - 2015-09-03 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-11-15 00:14 - 2015-08-29 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-15 00:14 - 2015-07-04 10:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetGear
2015-11-15 00:14 - 2015-04-08 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QNAP
2015-11-15 00:14 - 2015-01-09 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Samsung
2015-11-15 00:14 - 2015-01-09 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-15 00:14 - 2014-11-29 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2015-11-15 00:14 - 2014-03-18 17:05 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-11-15 00:14 - 2014-03-18 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CanoScan 9000F Mark II
2015-11-15 00:14 - 2013-03-06 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis
2015-11-15 00:14 - 2013-01-27 14:55 - 00000000 ____D C:\WINDOWS\system32\appmgmt
2015-11-15 00:14 - 2012-08-20 15:54 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHT
2015-11-15 00:14 - 2012-08-20 15:54 - 00000000 ____D C:\WINDOWS\system32\zh-CHT
2015-11-15 00:14 - 2012-08-20 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-CHS
2015-11-15 00:14 - 2012-08-20 14:45 - 00000000 ____D C:\WINDOWS\system32\zh-CHS
2015-11-15 00:14 - 2012-07-12 08:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2015-11-15 00:14 - 2012-06-29 05:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-11-15 00:14 - 2012-06-13 11:40 - 00000000 ____D C:\WINDOWS\system32\SPReview
2015-11-15 00:14 - 2012-06-13 11:39 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2015-11-15 00:14 - 2012-06-09 22:25 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-11-15 00:14 - 2012-06-09 19:56 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-11-15 00:14 - 2009-07-14 08:45 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-15 00:13 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-11-15 00:13 - 2015-10-30 08:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-11-15 00:13 - 2012-06-24 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2015-11-15 00:13 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-15 00:13 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-15 00:10 - 2014-11-21 15:12 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digital Film Tools
2015-11-15 00:10 - 2014-10-17 07:33 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TrayBackup
2015-11-15 00:10 - 2013-08-13 11:51 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2015-11-15 00:10 - 2013-08-04 13:44 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2015-11-15 00:10 - 2012-06-13 13:56 - 00000000 ____D C:\Users\Birgit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hardcopy - Bildschirmausdruck
2015-11-15 00:03 - 2015-10-30 19:58 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-11-15 00:01 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-11-14 17:31 - 2015-10-30 08:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-11-14 17:31 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-11-14 17:31 - 2015-10-30 08:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-11-14 17:31 - 2015-10-30 08:19 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-11-14 17:31 - 2015-10-30 08:18 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-11-14 17:31 - 2015-10-30 08:18 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-11-14 17:31 - 2015-10-30 08:18 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-11-14 17:31 - 2015-10-30 08:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-11-14 17:31 - 2015-10-30 08:18 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-11-14 17:20 - 2009-07-14 05:45 - 00025200 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-14 17:20 - 2009-07-14 05:45 - 00025200 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-14 17:16 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-11-14 16:07 - 2013-08-14 21:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-14 13:16 - 2014-03-18 17:14 - 00000000 ___HD C:\ProgramData\CanonIJMIG
2015-11-12 23:00 - 2014-09-21 14:36 - 00000000 ____D C:\Program Files\Topaz Labs
2015-11-12 23:00 - 2013-08-13 21:09 - 00000000 ____D C:\Users\Birgit\AppData\Local\Topaz Labs
2015-11-11 20:43 - 2012-06-09 17:16 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 20:11 - 2012-06-09 17:34 - 00157544 _____ C:\Users\Birgit\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2012-07-09 14:22 - 2012-07-09 14:22 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe BMP Format CS5 Prefs
2012-08-08 20:33 - 2013-04-16 11:06 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2012-07-09 14:24 - 2012-07-09 14:31 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe GIF Format CS5 Prefs
2014-02-18 19:38 - 2014-02-20 21:22 - 0000132 _____ () C:\Users\Birgit\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2013-11-03 13:10 - 2013-11-03 14:45 - 0000096 _____ () C:\Users\Birgit\AppData\Roaming\Camdata.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0000408 _____ () C:\Users\Birgit\AppData\Roaming\CamLayout.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0000408 _____ () C:\Users\Birgit\AppData\Roaming\CamShapes.ini
2013-11-03 13:10 - 2013-11-03 14:45 - 0004535 _____ () C:\Users\Birgit\AppData\Roaming\CamStudio.cfg
2013-12-11 08:55 - 2014-01-23 21:47 - 0003072 _____ () C:\Users\Birgit\AppData\Roaming\fotobook Designer Prefsv3
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 _____ () C:\Users\Birgit\AppData\Roaming\Graphics
2015-02-01 17:07 - 2015-11-15 12:47 - 0000028 _____ () C:\Users\Birgit\AppData\Roaming\kulerdata.json
2013-02-18 10:58 - 2013-02-18 11:06 - 0177152 _____ () C:\Users\Birgit\AppData\Roaming\MeinXXL Prefsv3
2013-04-24 08:24 - 2013-08-25 22:50 - 0178372 _____ () C:\Users\Birgit\AppData\Roaming\PS13_panel.log
2015-01-05 12:36 - 2015-01-11 16:04 - 14397440 _____ () C:\Users\Birgit\AppData\Roaming\Sandra.mdb
2013-05-30 14:53 - 2013-05-30 21:08 - 0001099 _____ () C:\Users\Birgit\AppData\Roaming\ShiftN.ini
2013-11-03 13:08 - 2013-11-03 13:26 - 0000096 _____ () C:\Users\Birgit\AppData\Roaming\version2.xml
2013-07-27 07:21 - 2014-04-04 08:21 - 0000052 _____ () C:\Users\Birgit\AppData\Roaming\WB.CFG
2013-07-17 08:21 - 2014-01-28 09:21 - 0000005 _____ () C:\Users\Birgit\AppData\Roaming\WBPU-TTL.DAT
2015-06-10 15:12 - 2015-06-10 15:12 - 0000038 ___SH () C:\Users\Birgit\AppData\Local\56f857505417e3fe0c6362.11790009
2012-06-11 11:35 - 2012-07-08 21:17 - 0001456 _____ () C:\Users\Birgit\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2012-07-11 09:10 - 2015-10-06 12:01 - 0001456 _____ () C:\Users\Birgit\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 13:57 - 2014-04-04 13:57 - 0000036 _____ () C:\Users\Birgit\AppData\Local\housecall.guid.cache
2015-01-03 17:49 - 2015-01-03 17:49 - 0000000 _____ () C:\ProgramData\Folder Actions
2015-01-03 17:49 - 2015-01-03 17:49 - 0000000 _____ () C:\ProgramData\Grapher
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2014-12-08 10:26 - 2015-01-03 17:49 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT

Einige Dateien in TEMP:
====================
C:\Users\Birgit\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-08 01:56

==================== Ende von FRST.txt ============================

AdwCleaner C1

Code:

ATTFilter

# AdwCleaner v5.024 - Bericht erstellt am 08/12/2015 um 12:59:22
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 10 Pro  (x64)
# Benutzername : Birgit - BIRGIT-PC
# Gestartet von : D:\Downloads\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : YSearchUtilSvc

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Users\Birgit\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\elicpjhcidhpjomhibiffojpinpmmpil
[-] Datei Gelöscht : C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.de_0.localstorage
[-] Datei Gelöscht : C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.de_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet

***** [ Internetbrowser ] *****

[-] [C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Birgit\AppData\Roaming\Mozilla\Firefox\Profiles\m1hpcu5e.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Birgit\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2735 Bytes] ##########

Und da war sie gerade wieder die Stimme und im Skype über dem offenen Konversationsfenster war eine Watch4 Werbung. Meistens ist da aber nur Werbung von Microsoft - zum Internet Explorer oder zu dieser neuen Edge.

Ist das von Bedeutung?

Warlord711 · 08.12.2015, 15:50

Hmmtjoa scheint wohl Skype nen nervigen Werbepartner gefunden zu haben.

Mal folgenden Fix probieren, der Rechner startet dabei neu !

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

cmd: echo 127.0.0.1 rad.msn.com >> %systemroot%\system32\drivers\etc\hosts
emptytemp:
reboot:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Und dann noch ESET, der braucht gewöhnlich längere Zeit:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Amarantine · 09.12.2015, 07:56

Hallo und guten Morgen - ESET hatte eine kleine Nachtschicht eingelegt.
Aber nun hier die Ergebnisse:

Fixlog

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Birgit (2015-12-08 16:41:20) Run:1
Gestartet von D:\Downloads
Geladene Profile: Birgit (Verfügbare Profile: Birgit & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
cmd: echo 127.0.0.1 rad.msn.com >> %systemroot%\system32\drivers\etc\hosts
emptytemp:
reboot:
         
*****************


=========  echo 127.0.0.1 rad.msn.com >> %systemroot%\system32\drivers\etc\hosts =========

127.0.0.1 rad.msn.com 

========= Ende von CMD: =========

EmptyTemp: => 684.9 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 16:42:15 ====

Checkup

Code:

ATTFilter

 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender              
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Spyder4Pro     
 Spyder5Elite     
 Spybot - Search & Destroy 
 Java 8 Update 66  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	19.0.0.245  
 Mozilla Firefox (42.0) 
 Google Chrome (47.0.2526.73) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 16.0.0 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

ESET

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7739df151f7a514498233722827192bd
# end=init
# utc_time=2015-12-08 03:51:53
# local_time=2015-12-08 04:51:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27101
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7739df151f7a514498233722827192bd
# end=updated
# utc_time=2015-12-08 03:53:51
# local_time=2015-12-08 04:53:51 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7739df151f7a514498233722827192bd
# engine=27101
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-09 05:36:44
# local_time=2015-12-09 06:36:44 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 49993 13861656 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 149074 3453547 0 0
# scanned=1990005
# found=20
# cleaned=0
# scan_time=49372
sh=7DCD6AD372342DA96DAC88B79CB5209BA885F3A4 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows\Installer\70b90b.msi"
sh=C6E90EA819E4658D65B0A3926F66983EEDDDFCA6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Zugo evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 30.zip"
sh=4CEA55FFF08EF940AD50B5BA5F96D7EBBB10BBCF ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AN evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 31.zip"
sh=3EC28E374AE99930DC23363ACD72E41DCBDDBEF1 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 33.zip"
sh=956551E9EB70A0DAE3A327F9BBAB7AD02AFE299F ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 49.zip"
sh=22A6B71A26E1F8E62AE6F81102527A07B5F4ED69 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.OG evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 53.zip"
sh=38BC2294F88D68801CEF514618735B134183BA8E ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.NN evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 54.zip"
sh=32C797BF69CF8CBD73D6729504AEFBC1E957C062 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 56.zip"
sh=97017BF298B47B61B56EFF60DF44F95ADA05EC61 ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.PR evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 57.zip"
sh=AC93C5E8EDDBF768029D1DA23833B2A0E3AC7F69 ft=0 fh=0000000000000000 vn="Variante von Win32/SoftonicDownloader.E evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 61.zip"
sh=FD2DFC4508EC26E8FDEFB09F7394E9578E2644B9 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 63.zip"
sh=BEBF3E0AFCA58B07B08CECA569C133ED36109559 ft=0 fh=0000000000000000 vn="Variante von MSIL/AdvancedSystemProtector.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\BIRGIT-PC\Backup Set 2015-12-06 190001\Backup Files 2015-12-06 190001\Backup files 64.zip"
sh=79FD623DFB8D679D6ACAFDC62C199EA390F03ED7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Zugo evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-06-26 235742\Backup Files 2012-06-26 235742\Backup files 9.zip"
sh=8C62C7F661121B54AE86571294C62CE449CA9555 ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AN evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-06-26 235742\Backup Files 2012-07-01 190001\Backup files 4.zip"
sh=70489CD91D4982B58B4D4D29C2F7A417484AB2E7 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-06-26 235742\Backup Files 2012-07-01 190001\Backup files 5.zip"
sh=087CC440ADBF237A3BC2C9C527818796197EFEB5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Zugo evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-07-08 190007\Backup Files 2012-07-08 190007\Backup files 12.zip"
sh=D4B1280409FD81E3CAD91BB269C2367E00BB7128 ft=0 fh=0000000000000000 vn="Win32/InstallMonetizer.AN evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-07-08 190007\Backup Files 2012-07-08 190007\Backup files 13.zip"
sh=6A0867061E62EB79CCF6E51510218129CF66E0F9 ft=0 fh=0000000000000000 vn="Win32/SoftonicDownloader.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-07-08 190007\Backup Files 2012-07-08 190007\Backup files 15.zip"
sh=93CB2B06DB5FC321B907B0BE160D3F259080CBBD ft=0 fh=0000000000000000 vn="Variante von Win32/Somoto.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-07-08 190007\Backup Files 2012-07-08 190007\Backup files 31.zip"
sh=01D708488514AB1AD284592494E100FF2112ABAC ft=0 fh=0000000000000000 vn="Win32/LoadTubes.D evtl. unerwÃ¼nschte Anwendung" ac=I fn="F:\BIRGIT-PC\Backup Set 2012-07-08 190007\Backup Files 2012-07-22 190007\Backup files 1.zip"

Warlord711 · 09.12.2015, 09:27

Wir löschen noch eine Datei, die anderen Funde sind innnerhalb von .zip Dateien, die scheinbar einem Backup dienen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Windows\Installer\70b90b.msi

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Spybot am besten gegen Malwarebytes austauschen, die Erkennungsrate von Malwarebytes ist um Längen besser. Zwar hat die Free Version keine automatischen Scans, aber was bringt nen automatischer Scan, wenn er nix/falsches findet.

Kam denn inzwischen wieder die Watch4 Werbung ?

Amarantine · 09.12.2015, 13:30

Oho - dann muss ich die Backups wohl löschen und werde, wenn das hier beendet ist und ich ein OK habe, sofort einen neuen anlegen. Wenn da was in so alten Backups drin ist, warum haben Spybot und Co. nie "gemeckert"?

Watch4 oder "Stimmen" habe ich nicht mehr wieder gehört. Auch keine Watch4 Werbung im Skype gesehen. Gibt es sicherere Alternativen zu Skype?

Eine andere Frage - woher kommt dieser "Befall" und warum geht der einfach an Herrn Kaspersky vorbei - das ist KEINE FreeVersion - das ist eine gekaufte!!! ? Ein "Bodyguard" der nicht aufpasst ist kein guter Bodyguard! Was würdet ihr vom Team euren Eltern, Freunden empfehlen?

Ich habe sowohl Spybot als auch Malwarebytes. Doppelte Kontrolle. Aber Malwarebytes hat in diesem Fall ja nichts gefunden - nur Spybot hat sich an diesem Zlob.ZibCodec aufgehangen.

FIXLOG von FRST

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Birgit (2015-12-09 10:52:43) Run:2
Gestartet von C:\Users\Birgit\Desktop
Geladene Profile: Birgit (Verfügbare Profile: Birgit & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
cmd: echo 127.0.0.1 rad.msn.com >> %systemroot%\system32\drivers\etc\hosts
emptytemp:
reboot:
         
*****************


=========  echo 127.0.0.1 rad.msn.com >> %systemroot%\system32\drivers\etc\hosts =========

127.0.0.1 rad.msn.com 

========= Ende von CMD: =========

EmptyTemp: => 305.7 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 10:53:28 ====

Ich habe zum Testen mal Spybot laufen lassen, ob der jetzt normal läuft - der hängt sich immer noch auf - siehe Screenshot und auch Herr Kaspersky hat sich zu Wort gemeldet. Beide Fenster sind noch auf.

Warlord711 · 09.12.2015, 16:48

Die npctrl.dll ist das Silverlight Plugin für Firefox.

Das Watch4 scheint in den letzten Tagen vermehrt über die Skype interne Werbefunktion überall für Ärger zu sorgen.

Ich habe den Werbeverteiler von Skype quasi deaktiviert, dadurch sollte keinerlei Werbung mehr in Skype angezeigt werden, somit auch der Watch4 nicht mehr.

Soweit ist alles sauber !

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür

verwende für jede Anwendung und jeden Account ein anderes Passwort
ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen und Sonderzeichen
benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7 / 8 : Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti-Viren-Programm und zusätzlicher Schutz

Gehe sicher, dass du immer nur eine Anti-Viren Software installiert hast und dass diese auch up to date ist!
MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demand Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion bietet zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
AdwCleaner
Dieses Tool erkennt eine Vielzahl von Werbeprogrammen (Adware) und unerwünschten Programmen (PUPs).
Starte das Tool einmal die Woche und lass es laufen. Sollte eine neue Version verfügbar sein, so wird dies angezeigt und du kannst dir die neueste Version direkt auf den Desktop downloaden.
SpywareBlaster
Eine kurze Einführung findest du Hier
WOT (Web of trust)
Dieses AddOn warnt dich, bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser
Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Mozilla Firefox

Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
NoScript
Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt, wenn Du es bestätigst.
AdblockPlus
Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
Es spart außerdem Downloadkapazität.

Performance

Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von Registry Cleanern.
Diese Schaden deinem System mehr als dass sie helfen. Hier ein englischer Link:
Miekemoes Blogspot ( MVP )

Was du vermeiden solltest:

Klicke nicht auf alles, nur weil es dich dazu auffordert und schön bunt ist.
Verwende keine P2P oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie z.B. deinFoto.jpg.exe.
Lade keine Software von Softonic oder Chip herunter, da diese Installer oft mit Adware oder unerünschter Software versehen sind!

Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen oder Lob, Kritik und Wünsche loswerden?

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Amarantine · 10.12.2015, 02:01

Hallo Timo,

vielen Dank für die tolle Hilfe.

Spybot habe ich deinstalliert. Die von Dir vorgeschlagene Software geladen.

Firefox - ist sicherer als Chrome?

Zu Skype - das hatte zwar keine Watch4 mehr, aber noch "normale" Werbung. Das nervt - also gesucht - gefunden: man kann dem aus dem Weg gehen, indem man eine einmalige Aufladung - 10 € - kauft. Die läuft nach 180 Tagen ab, aber man kann sie dann wieder reaktivieren - also verliert die 10 Euro nicht. Skype ist dann wieder clean!

Noch eine Frage: Warum habe ich keine Administrator-Rechte? Ich bin doch der einzige Benutzer und auch Admin. Habe probehalber einen neuen Benutzer mit Admin-Rechten eingerichtet, aber auch der hat diese Admin-Rechte dann nicht.

Code:

ATTFilter

# DelFix v1.011 - Datei am 09/12/2015 um 17:18:13 erstellt
# Aktualisiert am 18/08/2015 von Xplode
# Benutzer : Birgit - BIRGIT-PC
# Betriebssystem : Windows 10 Pro  (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\VundoFix Backups
Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Birgit\Desktop\Fixlog.txt
Gelöscht : C:\Users\Birgit\Desktop\FRST64.exe
Gelöscht : C:\Users\Birgit\Desktop\JRT.txt
Gelöscht : C:\Users\Birgit\Desktop\JRT1.txt
Gelöscht : C:\Users\Birgit\Desktop\LogfileMaleware.txt
Gelöscht : C:\Users\Birgit\Desktop\SecurityCheck.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #12 [Sprachpaketdeinstallation | 12/03/2015 08:44:23]
Gelöscht : RP #13 [Sprachpaketdeinstallation | 12/06/2015 11:14:00]
Gelöscht : RP #14 [Windows-Sicherung | 12/06/2015 18:00:27]
Gelöscht : RP #15 [JRT Pre-Junkware Removal | 12/07/2015 07:32:30]
Gelöscht : RP #16 [JRT Pre-Junkware Removal | 12/07/2015 13:45:42]
Gelöscht : RP #17 [JRT Pre-Junkware Removal | 12/08/2015 07:58:45]
Gelöscht : RP #18 [JRT Pre-Junkware Removal | 12/08/2015 08:07:08]
Gelöscht : RP #19 [Revo Uninstaller's restore point - ESET Online Scanner v3 | 12/09/2015 09:46:39]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

Warlord711 · 10.12.2015, 09:29

Zitat:

Zitat von Amarantine

Noch eine Frage: Warum habe ich keine Administrator-Rechte? Ich bin doch der einzige Benutzer und auch Admin. Habe probehalber einen neuen Benutzer mit Admin-Rechten eingerichtet, aber auch der hat diese Admin-Rechte dann nicht.

Also laut meinen Log hat der Benutzer "Birgit" Admin-Rechte:

Zitat:

Birgit (S-1-5-21-3964295598-1680719950-2001356993-1000 - Administrator - Enabled)

Das einzige was sich hinsichtlich Konten geändert hat, ist, das die Benutzerkontensteuerung aktiviert wurde (falls diese deaktiviert war).

Sicherheit geht immer auf Kosten von Bequemlichkeit, daher kann ich nur vorschlagen, lieber einen komplett limitierten Benutzer fürs Surfen/Mailing usw. zu verwenden und allein für Installation+Wartung ein Admin-Benutzer zu verwenden (und auch nur dafür).

Damit könnte man locker 90% der Trojaner/Viren verhindern.

Ich will dich aber nicht bevormunden, hier die Anleitung zum Deaktivieren den Kontensteuerung:

http://windows.microsoft.com/de-de/w...#1TC=windows-7

Win10 - Zlob.ZipCodec - Watch4

Log-Analyse und Auswertung: Win10 - Zlob.ZipCodec - Watch4