Win 10: Old Explorer unterbricht in kurzen Abständen

Erlu · 21.05.2016, 19:05

Nahc Update von win 7 auf Win 10 tritt bei meinem Rechner folgenbdes Phänomen auf:
Beim Aufruffen des alten Explorers oder der Systemsteuerung mit rechte Maustaste Startfenster bricht das Programm kurz danach wieder ab, es erscheint dann die vorige Oberfläche. Eine Dateisuche ist praktisch nicht möglich, da man andauernd durch die Unterbrechung wieder neu beginnen muss. Weiter kommt gelegentlich beim Starten nur ein schwarzer Bildschirm mit dem Mauszeiger: nach Neustart startet dann Win 10 wie üblich.
Erlu
FRST TXT:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:21-05-2016
durchgeführt von Ernst (Administrator) auf ELINEU (21-05-2016 18:47:19)
Gestartet von C:\Users\Ernst\Downloads
Geladene Profile: Ernst (Verfügbare Profile: Ernst & Administrator & Gast)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Windows\System32\SecUPDUtilSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2014-02-13] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2015-01-12] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [213536 2016-02-19] (Geek Software GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files\i-Funbox DevTeam\iFunBox.exe [2370560 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [Dropbox Update] => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-20] (Dropbox, Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [PicPick Start] => C:\Program Files\PicPick\picpick.exe [19918280 2016-03-08] (NGWIN)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4074160 2016-04-23] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-01-19]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk [2012-06-23]
ShortcutTarget: PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bc8b7b8-2b16-41eb-bd62-d23bb4a63b49}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{bf40525d-0b87-4751-a193-990f2fae70ce}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default
FF SearchEngineOrder.2: 
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3539214255-4280287789-3925056074-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll [2010-03-31] (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] ()
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\englische-ergebnisse.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\gmx-suche.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-images.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-maps.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\lastminute.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\webde-suche.xml [2012-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome: 
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Ernst\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-25] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2016-01-29] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\Ernst\AppData\Local\Temp\7zS006E\hpslpsvc32.dll [701288 2015-09-21] (Hewlett-Packard Co.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [Datei ist nicht signiert]
R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [118576 2014-11-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2015-01-12] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [34472 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [27496 2012-09-04] (AVG Technologies)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R2 LiveTuner2PM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner32.sys [14088 2014-03-20] ()
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
S3 NvStUSB; C:\WINDOWS\System32\drivers\nvstusb.sys [444128 2015-11-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2016-01-29] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [22184 2014-08-25] (Audials AG)
R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [39048 2013-11-27] (RapidSolution Software AG)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [27648 2010-04-29] (Acronis) [Datei ist nicht signiert]
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
S3 ZTEGsmDataCard; C:\WINDOWS\System32\drivers\zteusbgser.sys [104704 2009-04-09] (ZTE Corporation)
S3 ZTEusbvoice; C:\WINDOWS\System32\drivers\ZTEusbvoice.sys [105344 2009-04-09] (ZTE Incorporated)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-21 18:47 - 2016-05-21 18:47 - 00017272 _____ C:\Users\Ernst\Downloads\FRST.txt
2016-05-21 18:46 - 2016-05-21 18:47 - 00000000 ____D C:\FRST
2016-05-21 18:45 - 2016-05-21 18:46 - 01733120 _____ (Farbar) C:\Users\Ernst\Downloads\FRST.exe
2016-05-21 18:22 - 2016-05-21 18:22 - 00001072 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-05-21 18:22 - 2016-05-21 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-21 18:21 - 2016-05-21 18:22 - 00000000 ____D C:\Program Files\CCleaner
2016-05-21 18:20 - 2016-05-21 18:21 - 06882192 _____ (Piriform Ltd) C:\Users\Ernst\Downloads\ccsetup517.exe
2016-05-21 09:27 - 2016-05-21 09:27 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-21 09:26 - 2016-05-21 09:26 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-21 09:26 - 2016-05-21 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-21 09:26 - 2016-05-21 09:26 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2016-05-21 09:26 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-21 09:26 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-21 09:26 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-21 09:25 - 2016-05-21 09:25 - 22851472 _____ (Malwarebytes ) C:\Users\Ernst\Downloads\mbam-setup-2.2.1.1043.exe
2016-05-20 12:25 - 2016-05-20 12:25 - 00000312 _____ C:\Users\Ernst\Desktop\OK.URL
2016-05-20 12:00 - 2016-05-20 16:00 - 00000000 ____D C:\Users\Ernst\Downloads\appcrashview_1.25
2016-05-20 12:00 - 2016-05-20 12:00 - 00047265 _____ C:\Users\Ernst\Downloads\appcrashview_1.25.zip
2016-05-19 11:37 - 2016-05-19 11:38 - 00000000 ____D C:\Users\Ernst\Desktop\2016-05-19
2016-05-19 09:28 - 2016-05-19 09:28 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-05-18 20:22 - 2016-05-19 09:07 - 00000000 ____D C:\Users\Ernst\AppData\Local\Chromium
2016-05-18 20:03 - 2016-05-18 20:03 - 00000000 ____D C:\Users\Ernst\Documents\My Videos
2016-05-18 20:03 - 2016-05-18 20:03 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Digiarty
2016-05-18 20:03 - 2016-05-18 20:03 - 00000000 ____D C:\Program Files\Digiarty
2016-05-18 16:02 - 2016-05-18 16:02 - 00000000 ____D C:\Users\Ernst\Documents\Wondershare Video Converter Ultimate
2016-05-18 16:02 - 2016-05-18 16:02 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Wondershare Video Converter Ultimate
2016-05-18 16:02 - 2016-05-18 16:02 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2016-05-18 16:00 - 2016-05-20 16:00 - 00000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2016-05-18 16:00 - 2016-05-19 09:25 - 00000000 ____D C:\ProgramData\Wondershare
2016-05-18 16:00 - 2016-05-19 09:25 - 00000000 ____D C:\Program Files\Wondershare
2016-05-18 15:59 - 2016-05-20 16:00 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-05-18 15:48 - 2016-05-18 15:48 - 00000000 ____D C:\videodvdmaker
2016-05-18 15:48 - 2016-05-18 15:48 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Video DVD Maker FREE
2016-05-18 14:22 - 2016-05-18 14:22 - 00000000 ____D C:\Users\Ernst\Documents\My Weblog Posts
2016-05-18 14:22 - 2016-05-18 14:22 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Windows Live Writer
2016-05-18 14:22 - 2016-05-18 14:22 - 00000000 ____D C:\Users\Ernst\AppData\Local\Windows Live Writer
2016-05-18 14:11 - 2016-05-18 14:11 - 00000000 ____D C:\Users\Ernst\Tracing
2016-05-18 14:09 - 2016-05-20 16:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2016-05-18 13:35 - 2016-05-18 13:35 - 00000000 ____D C:\Users\Ernst\Documents\DreamVideoSoft
2016-05-17 19:44 - 2016-05-20 16:00 - 00000000 ____D C:\Users\Ernst\Downloads\Cortana_deinstallieren
2016-05-15 11:41 - 2016-05-15 11:41 - 00000000 ____D C:\Users\Ernst\Documents\MeineBackups
2016-05-15 11:28 - 2016-05-15 11:31 - 126193224 _____ C:\Users\Ernst\Downloads\TrueImage2010_d_de.exe
2016-05-15 11:21 - 2016-05-15 11:21 - 00000000 ____D C:\ProgramData\Acronis
2016-05-15 11:18 - 2016-05-15 11:18 - 00911680 _____ (Acronis) C:\WINDOWS\system32\Drivers\tdrpm258.sys
2016-05-15 11:18 - 2016-05-15 11:18 - 00160288 ____N (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2016-05-14 20:51 - 2016-05-14 20:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2016-05-14 18:02 - 2016-05-14 18:02 - 00000000 ____D C:\Cortanaentfernen
2016-05-14 18:00 - 2016-05-14 18:00 - 00020468 _____ C:\Users\Ernst\Downloads\Cortana_deinstallieren.zip
2016-05-14 13:46 - 2016-05-21 09:22 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA Corporation
2016-05-14 13:43 - 2016-05-20 16:01 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA
2016-05-14 13:28 - 2016-01-29 14:04 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge.dll
2016-05-14 13:28 - 2016-01-29 14:04 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2016-05-14 13:27 - 2016-05-14 13:27 - 00002190 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-05-14 13:26 - 2016-01-29 10:45 - 00614848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2016-05-14 13:25 - 2016-01-29 14:04 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 14497760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 03994560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 01060400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00917048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00912248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00032912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad32v.sys
2016-05-14 13:25 - 2016-01-29 14:04 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2016-05-14 13:20 - 2016-05-14 13:24 - 227389736 _____ (NVIDIA Corporation) C:\Users\Ernst\Downloads\341.95-desktop-win10-32bit-international.exe
2016-05-14 13:07 - 2016-05-14 13:07 - 00000000 ____D C:\Program Files\Common Files\Java
2016-05-14 13:05 - 2016-05-14 13:05 - 00738368 _____ (Oracle Corporation) C:\Users\Ernst\Downloads\JavaSetup8u91.exe
2016-05-14 11:45 - 2016-05-14 11:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-14 10:07 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-14 10:07 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-14 10:07 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-14 10:07 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-14 10:07 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-14 10:07 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-14 10:07 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-14 10:07 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-14 10:07 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-14 10:07 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-14 10:07 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-14 10:07 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-14 10:07 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-14 10:07 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-14 10:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-14 10:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-14 10:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-14 10:07 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-14 10:07 - 2016-02-24 10:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-14 10:07 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-14 10:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-14 10:07 - 2016-02-23 11:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-14 10:07 - 2016-02-23 09:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-14 10:07 - 2016-02-23 09:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-14 10:07 - 2016-02-23 09:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-14 10:07 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-14 10:06 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-14 10:06 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-14 10:06 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-14 10:06 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-14 10:06 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-14 10:06 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-14 10:06 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-14 10:06 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-14 10:06 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-14 10:06 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-14 10:06 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-14 10:06 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-14 10:06 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-14 10:06 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-14 10:06 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-14 10:06 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-14 10:06 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-14 10:06 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-14 10:06 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-14 10:06 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-14 10:06 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-14 10:06 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-14 10:06 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-14 10:06 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-14 10:06 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-14 10:06 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-14 10:06 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-14 10:06 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-14 10:06 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-14 10:06 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-14 10:06 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-14 10:06 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-14 10:06 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-14 10:06 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-14 10:06 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-14 10:06 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-14 10:06 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-14 10:06 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-14 10:06 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-14 10:06 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-14 10:06 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-14 10:06 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-14 10:06 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 10:06 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-14 10:06 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-14 10:06 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-14 10:06 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-14 10:06 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-14 10:06 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-14 10:06 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-14 10:06 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-05-14 10:06 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-14 10:06 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-14 10:06 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-14 10:06 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-14 10:06 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-14 10:06 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-14 10:06 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-14 10:06 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-14 10:06 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-14 10:06 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-14 10:06 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-14 10:06 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-14 10:06 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-14 10:06 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-14 10:06 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-14 10:06 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-14 10:06 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-14 10:06 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-14 10:06 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-14 10:06 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-14 10:06 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-14 10:06 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-14 10:06 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-14 10:06 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-05-14 10:06 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-14 10:06 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-14 10:06 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-14 10:06 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-14 10:06 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-14 10:06 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-14 10:06 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-14 10:06 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-14 10:06 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-14 10:06 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-14 10:06 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-14 10:06 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-14 10:06 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-14 10:06 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-14 10:06 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-05-14 10:06 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-14 10:06 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-14 10:06 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-14 10:06 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-14 10:06 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-14 10:06 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-14 10:06 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-14 10:06 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-14 10:06 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-14 10:06 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-14 10:06 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-14 10:06 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-14 10:06 - 2016-02-24 10:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-14 10:06 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-14 10:06 - 2016-02-24 10:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-14 10:06 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-14 10:06 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-05-14 10:06 - 2016-02-24 10:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-14 10:06 - 2016-02-24 09:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-14 10:06 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-14 10:06 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-05-14 10:06 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-14 10:06 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-14 10:06 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-14 10:06 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-14 10:06 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-14 10:06 - 2016-02-24 08:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-14 10:06 - 2016-02-24 08:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-14 10:06 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-14 10:06 - 2016-02-24 08:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-14 10:06 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-14 10:06 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-14 10:06 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-14 10:06 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-05-14 10:06 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-14 10:06 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-14 10:06 - 2016-02-24 07:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-05-14 10:06 - 2016-02-24 07:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-14 10:06 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-14 10:06 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-05-14 10:06 - 2016-02-23 12:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-14 10:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-14 10:06 - 2016-02-23 11:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-14 10:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-14 10:06 - 2016-02-23 10:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-14 10:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-14 10:06 - 2016-02-23 10:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-14 10:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-14 10:06 - 2016-02-23 10:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-14 10:06 - 2016-02-23 10:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-14 10:06 - 2016-02-23 10:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-14 10:06 - 2016-02-23 10:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-14 10:06 - 2016-02-23 10:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-14 10:06 - 2016-02-23 10:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-14 10:06 - 2016-02-23 10:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-14 10:06 - 2016-02-23 09:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-14 10:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-14 10:06 - 2016-02-23 09:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-14 10:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-14 10:06 - 2016-02-23 09:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-14 10:06 - 2016-02-23 09:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-05-14 10:06 - 2016-02-23 09:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-14 10:06 - 2016-02-23 09:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-14 10:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-14 10:06 - 2016-02-23 09:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-14 10:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-14 10:06 - 2016-02-23 09:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-14 10:06 - 2016-02-23 09:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-14 10:06 - 2016-02-23 09:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-14 10:06 - 2016-02-23 09:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-14 10:06 - 2016-02-23 09:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-14 10:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-14 10:06 - 2016-02-23 08:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-14 10:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-14 10:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-14 10:06 - 2016-02-09 05:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-14 10:05 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-14 10:05 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-14 10:05 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-14 10:05 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-14 10:05 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-14 10:05 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-14 10:05 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-14 10:05 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-14 10:05 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-14 10:05 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-14 10:05 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-14 10:05 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-14 10:05 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-14 10:05 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-14 10:05 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-14 10:05 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-14 10:05 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-14 10:05 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-05-14 10:05 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-14 10:05 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-14 10:05 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-14 10:05 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-14 10:05 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-14 10:05 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-14 10:05 - 2016-02-23 10:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-14 10:05 - 2016-02-23 10:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-14 10:05 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-14 10:05 - 2016-02-23 09:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-14 09:22 - 2016-05-14 09:22 - 00000000 ____D C:\ProgramData\HP
2016-05-14 09:21 - 2016-05-14 09:21 - 02474920 _____ C:\Users\Ernst\Downloads\hppiw.exe
2016-05-13 19:47 - 2016-05-13 19:47 - 00000000 ____D C:\Users\Ernst\AppData\Local\Comms
2016-05-13 19:07 - 2016-04-04 17:07 - 00044208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-05-13 19:03 - 2016-05-20 16:01 - 00000000 ____D C:\Program Files\Avira
2016-05-13 19:03 - 2016-05-13 19:03 - 04898016 _____ (Avira Operations GmbH & Co. KG) C:\Users\Ernst\Downloads\avira_de_av_573608a76d994__ws.exe
2016-05-13 18:29 - 2016-05-17 19:37 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-13 18:00 - 2016-05-21 18:31 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-13 17:58 - 2016-05-13 17:58 - 00002394 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-13 17:58 - 2016-05-13 17:58 - 00000000 ___RD C:\Users\Ernst\OneDrive
2016-05-13 17:57 - 2016-05-13 17:58 - 00000000 ____D C:\Windows.old
2016-05-13 17:56 - 2016-05-13 17:56 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-13 17:55 - 2015-10-29 19:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-05-13 17:55 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-05-13 17:55 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-05-13 17:54 - 2016-05-13 17:54 - 00001091 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\MSBuild
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\inetpub
2016-05-13 17:53 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-05-13 17:52 - 2016-05-13 17:52 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00000000 ____D C:\Users\Ernst\AppData\Local\Publishers
2016-05-13 17:51 - 2016-05-13 17:51 - 00000000 ____D C:\Users\Ernst\AppData\Local\ActiveSync
2016-05-13 17:49 - 2016-05-13 18:21 - 00000000 ____D C:\Users\Ernst\AppData\Local\Packages
2016-05-13 17:49 - 2016-05-13 17:49 - 00000020 ___SH C:\Users\Ernst\ntuser.ini
2016-05-13 17:49 - 2016-05-13 17:49 - 00000000 ____D C:\Users\Ernst\AppData\Local\TileDataLayer
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-05-13 17:36 - 2016-05-13 17:36 - 00021532 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-13 17:20 - 2016-05-13 17:20 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-05-13 17:12 - 2016-05-13 17:12 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-05-13 17:07 - 2016-05-20 16:06 - 00000000 ____D C:\Users\Gast
2016-05-13 17:07 - 2016-05-20 16:06 - 00000000 ____D C:\Users\Administrator
2016-05-13 17:07 - 2016-05-20 15:10 - 00000000 ____D C:\Users\Ernst
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-05-13 17:06 - 2016-05-21 18:23 - 02039076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-13 17:04 - 2016-05-21 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-13 17:04 - 2016-05-14 13:56 - 00000253 _____ C:\WINDOWS\hpbafd.ini
2016-05-13 17:04 - 2016-01-29 12:14 - 04397624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 03068864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00678968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-13 17:04 - 2016-01-29 12:14 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-13 17:04 - 2016-01-28 18:18 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-13 17:03 - 2016-05-21 09:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-20 16:01 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\Program Files\Realtek
2016-05-13 16:03 - 2016-05-13 17:38 - 00021881 _____ C:\WINDOWS\diagerr.xml
2016-05-13 16:03 - 2016-05-13 17:38 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2016-05-13 14:54 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-12 10:14 - 2016-05-12 10:14 - 00000931 _____ C:\Users\Ernst\Documents\AL-KO B2C Ersatzteilsystem - Warenkorb.htm
2016-05-12 09:53 - 2016-05-12 10:25 - 00015872 ___SH C:\Users\Ernst\Thumbs.db
2016-05-10 21:29 - 2016-05-20 15:46 - 00000000 ____D C:\ProgramData\Baidu
2016-05-10 20:30 - 2016-05-10 20:30 - 00000000 ____D C:\Users\Ernst\Documents\video_out
2016-05-10 20:26 - 2016-05-10 20:26 - 00001161 _____ C:\Users\Ernst\Desktop\amvtransform.lnk
2016-05-10 20:25 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.46
2016-05-10 20:25 - 2016-05-10 20:25 - 00000000 ____D C:\Program Files\Media Player Utilities 4.46
2016-05-10 09:14 - 2016-05-10 09:14 - 05482783 _____ C:\Users\Ernst\Documents\ehvmitteilung2016.pdf
2016-05-02 13:23 - 2016-05-02 16:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-04-30 15:24 - 2016-04-30 15:24 - 01334540 _____ (Sebastien.warin.fr ) C:\Users\Ernst\Downloads\SWYH_1.4.16069.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-21 18:43 - 2015-07-20 12:57 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA.job
2016-05-21 18:36 - 2015-03-09 18:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-21 18:34 - 2010-08-24 21:40 - 00000000 ____D C:\Program Files\svnet
2016-05-21 18:31 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-21 18:31 - 2010-01-18 18:06 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Media Player Classic
2016-05-21 18:29 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-21 18:23 - 2016-02-13 13:57 - 00870322 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-21 18:23 - 2016-02-13 13:57 - 00189546 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-21 18:18 - 2011-01-08 10:44 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-21 18:17 - 2016-02-13 14:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-21 18:17 - 2015-03-21 11:14 - 00000266 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job
2016-05-21 18:17 - 2011-01-08 10:44 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-21 18:17 - 2010-01-19 14:30 - 00000000 ____D C:\WINDOWS\Msagent
2016-05-21 18:16 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-21 18:16 - 2010-01-18 18:05 - 00000000 ____D C:\Program Files\Digital Video Converter
2016-05-21 17:57 - 2012-09-23 10:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-21 13:59 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-05-20 18:04 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-20 16:06 - 2016-01-12 22:23 - 00000000 ____D C:\ProgramData\AllDup
2016-05-20 16:05 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-20 16:02 - 2016-03-16 21:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\PicPick
2016-05-20 16:02 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Help
2016-05-20 16:02 - 2015-10-25 15:31 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-05-20 16:02 - 2015-03-05 21:51 - 00000000 ___SD C:\Users\Ernst\Documents\Eigene Datenquellen
2016-05-20 16:02 - 2014-09-28 11:54 - 00000000 ____D C:\Users\Ernst\Documents\Wondershare Video Editor
2016-05-20 16:02 - 2013-12-12 15:30 - 00000000 ____D C:\WINDOWS\de
2016-05-20 16:02 - 2012-09-23 10:32 - 00000000 ____D C:\Users\Ernst\Documents\StreamTransport
2016-05-20 16:02 - 2012-02-04 17:35 - 00000000 ____D C:\Users\Ernst\Documents\Audible
2016-05-20 16:02 - 2011-01-23 11:06 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\vlc
2016-05-20 16:02 - 2010-11-13 18:11 - 00000000 ____D C:\Users\Ernst\Documents\Partituren
2016-05-20 16:02 - 2010-09-07 14:11 - 00000000 ____D C:\Users\Ernst\Documents\DVDVideoSoft
2016-05-20 16:02 - 2010-02-28 17:00 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\dvdcss
2016-05-20 16:02 - 2010-01-19 23:19 - 00000000 ___SD C:\Users\Ernst\Documents\Eigene Webs
2016-05-20 16:02 - 2010-01-19 15:32 - 00000000 ___RD C:\Users\Ernst\Documents\Scanned Documents
2016-05-20 16:02 - 2010-01-17 15:17 - 00000000 ____D C:\Users\Public\Documents\Pinnacle
2016-05-20 16:01 - 2015-09-20 21:00 - 00000000 ____D C:\ProgramData\PDF Writer
2016-05-20 16:01 - 2014-09-30 20:09 - 00000000 ____D C:\ProgramData\Ashampoo
2016-05-20 16:01 - 2014-03-23 18:38 - 00000000 ____D C:\ProgramData\POIbase
2016-05-20 16:01 - 2014-02-13 14:38 - 00000000 ____D C:\ProgramData\IObit
2016-05-20 16:01 - 2013-12-23 09:24 - 00000000 ____D C:\ProgramData\RapidSolution
2016-05-20 16:01 - 2013-11-17 15:30 - 00000000 ____D C:\ProgramData\Samsung
2016-05-20 16:01 - 2013-11-06 17:48 - 00000000 ____D C:\ProgramData\Deskshare
2016-05-20 16:01 - 2013-11-05 23:36 - 00000000 ____D C:\ProgramData\Licenses
2016-05-20 16:01 - 2013-09-14 09:19 - 00000000 ____D C:\ProgramData\Oracle
2016-05-20 16:01 - 2013-09-13 17:25 - 00000000 ____D C:\ProgramData\PDFEditor
2016-05-20 16:01 - 2013-08-31 16:00 - 00000000 ___HD C:\ProgramData\CanonIJEGV
2016-05-20 16:01 - 2013-08-31 15:45 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-20 16:01 - 2012-10-23 08:13 - 00000000 ____D C:\Program Files\Freemake
2016-05-20 16:01 - 2012-01-29 19:27 - 00000000 ____D C:\Program Files\Biet-O-Matic
2016-05-20 16:01 - 2011-12-29 09:07 - 00000000 ____D C:\ProgramData\Norton
2016-05-20 16:01 - 2011-01-13 20:58 - 00000000 ____D C:\ProgramData\Apple Computer
2016-05-20 16:01 - 2010-06-13 15:26 - 00000000 ____D C:\ProgramData\Nero
2016-05-20 16:01 - 2010-04-20 12:39 - 00000000 ____D C:\ProgramData\Apple
2016-05-20 16:01 - 2010-02-07 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceBIT
2016-05-20 16:01 - 2010-02-07 12:04 - 00000000 ____D C:\Program Files\AceBIT
2016-05-20 16:01 - 2010-01-27 18:33 - 00000000 ____D C:\Program Files\Windows Live
2016-05-20 16:01 - 2010-01-27 18:31 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-05-20 16:01 - 2010-01-17 15:09 - 00000000 ____D C:\ProgramData\Pinnacle
2016-05-20 16:01 - 2010-01-16 22:18 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-05-20 16:01 - 2010-01-16 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-20 15:52 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\SystemResources
2016-05-20 15:52 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\registration
2016-05-20 15:51 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-20 15:48 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-20 15:47 - 2015-11-21 12:07 - 00000000 ____D C:\Users\Ernst\Documents\Automanager
2016-05-20 15:47 - 2014-03-22 18:54 - 00000000 ____D C:\Users\Ernst\Documents\Medion
2016-05-20 15:47 - 2012-02-04 10:45 - 00000000 ____D C:\ProgramData\TuneUp Software
2016-05-20 15:47 - 2011-03-12 18:54 - 00000000 ____D C:\Users\Ernst\Documents\OJOsoft Corporation
2016-05-20 15:47 - 2010-01-23 11:27 - 00000000 ____D C:\ProgramData\T-Online
2016-05-20 15:47 - 2010-01-19 15:32 - 00000000 ____D C:\Users\Ernst\Documents\Fax
2016-05-20 15:47 - 2010-01-16 19:14 - 00000000 ____D C:\Users\Ernst\Documents\MAGIX_Video_deluxe_15_Plus_Download-Version
2016-05-20 15:46 - 2015-10-30 07:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-20 15:46 - 2015-02-27 17:45 - 00000000 ____D C:\ProgramData\Lexware
2016-05-20 15:46 - 2015-02-01 10:50 - 00000000 ____D C:\ProgramData\CyberLink
2016-05-20 15:46 - 2013-08-25 09:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-20 15:46 - 2010-01-22 19:25 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-05-20 15:46 - 2010-01-17 19:24 - 00000000 ____D C:\ProgramData\Adobe
2016-05-20 15:46 - 2010-01-16 22:19 - 00000000 ___HD C:\ProgramData\ArcSoft
2016-05-20 15:46 - 2010-01-16 19:14 - 00000000 ____D C:\ProgramData\MAGIX
2016-05-20 15:25 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-20 09:35 - 2010-12-15 20:26 - 00155832 _____ C:\Users\Ernst\AppData\Roaming\GDIPFONTCACHEV1.DAT
2016-05-20 07:36 - 2010-05-06 13:32 - 00000000 ____D C:\temp
2016-05-18 20:21 - 2012-10-23 08:13 - 00000000 ____D C:\ProgramData\Freemake
2016-05-18 14:10 - 2012-08-30 18:57 - 00000000 ____D C:\Users\Ernst\AppData\Local\Windows Live
2016-05-17 19:37 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-05-15 12:33 - 2010-05-02 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-05-15 12:33 - 2010-04-29 14:38 - 00000000 ____D C:\Program Files\Common Files\Acronis
2016-05-15 11:42 - 2010-05-02 11:02 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Acronis
2016-05-15 11:22 - 2010-04-29 14:38 - 00158272 _____ (Acronis) C:\WINDOWS\system32\Drivers\snapman.sys
2016-05-15 06:43 - 2015-07-20 12:57 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core.job
2016-05-14 17:36 - 2013-11-12 09:14 - 00001153 _____ C:\Users\Ernst\Desktop\KaraFun Player 2.lnk
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\Program Files\KaraFun Player 2
2016-05-14 15:22 - 2016-02-13 14:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-14 15:20 - 2015-12-13 20:32 - 00000000 ____D C:\Users\Ernst\.idlerc
2016-05-14 14:02 - 2010-01-16 19:06 - 00000000 ____D C:\Users\Ernst\AppData\Local\ElevatedDiagnostics
2016-05-14 13:57 - 2010-01-17 15:09 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-05-14 13:27 - 2010-01-16 14:45 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2016-05-14 13:08 - 2015-03-09 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-14 13:08 - 2014-10-23 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-14 13:08 - 2010-02-05 19:46 - 00000000 ____D C:\Program Files\Java
2016-05-14 13:07 - 2015-10-01 17:39 - 00000000 ____D C:\Users\Ernst\.oracle_jre_usage
2016-05-14 13:07 - 2015-03-18 18:50 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-14 11:30 - 2011-12-07 16:35 - 00000848 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Zertifikatsmanager.lnk
2016-05-14 11:13 - 2013-09-06 18:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\DVDVideoSoft
2016-05-14 10:44 - 2016-02-13 05:25 - 00489088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-14 10:41 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-14 10:40 - 2016-02-13 14:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 __RSD C:\WINDOWS\Media
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-14 10:39 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-14 08:52 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppCompat
2016-05-13 19:01 - 2010-01-16 22:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-13 18:55 - 2011-08-07 14:34 - 00000000 ____D C:\MeWDB-X
2016-05-13 18:50 - 2013-09-30 12:57 - 00000000 ____D C:\Program Files\MMI PHARMINDEX
2016-05-13 18:37 - 2014-05-08 14:43 - 00000000 ____D C:\ProgramData\G Data
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\ras
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\Com
2016-05-13 18:35 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-05-13 18:35 - 2014-05-08 14:43 - 00000000 ____D C:\Program Files\G Data
2016-05-13 18:00 - 2015-10-30 07:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-13 17:56 - 2013-08-27 14:29 - 00000000 ___RD C:\Users\Ernst\Dropbox
2016-05-13 17:56 - 2013-08-27 14:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Dropbox
2016-05-13 17:55 - 2016-02-13 14:01 - 00000000 ____D C:\WINDOWS\OCR
2016-05-13 17:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-13 17:54 - 2015-10-30 07:45 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-05-13 17:54 - 2015-10-30 07:45 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 01014272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-05-13 17:53 - 2015-10-30 07:45 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows NT
2016-05-13 17:35 - 2015-10-30 07:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-13 17:28 - 2013-11-17 15:30 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdateInstaller
2016-05-13 17:23 - 2016-03-16 21:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDFtoMusic
2016-05-13 17:23 - 2016-02-23 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-13 17:23 - 2016-02-23 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-05-13 17:23 - 2016-01-12 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AllDup
2016-05-13 17:23 - 2015-12-13 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-05-13 17:23 - 2015-11-26 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-05-13 17:23 - 2015-11-24 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2016-05-13 17:23 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-13 17:23 - 2015-10-28 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2016-05-13 17:23 - 2015-10-18 15:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-05-13 17:23 - 2015-09-24 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2016-05-13 17:23 - 2015-09-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POIbase
2016-05-13 17:23 - 2015-08-25 20:57 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EL-Demo Softland
2016-05-13 17:23 - 2015-08-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-05-13 17:23 - 2015-07-18 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E.M. Free Photo Collage
2016-05-13 17:23 - 2015-06-12 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2016-05-13 17:23 - 2015-06-06 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-05-13 17:23 - 2015-05-30 11:22 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Capture
2016-05-13 17:23 - 2015-03-21 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Putzer 2015
2016-05-13 17:23 - 2015-02-01 10:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2016-05-13 17:23 - 2014-12-30 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-05-13 17:23 - 2014-12-22 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12
2016-05-13 17:23 - 2014-10-02 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGroundControl
2016-05-13 17:23 - 2014-09-16 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-05-13 17:23 - 2014-09-11 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stream What You Hear (SWYH)
2016-05-13 17:23 - 2014-07-08 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-05-13 17:23 - 2013-12-23 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2016-05-13 17:23 - 2013-12-12 14:30 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-12-12 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-11-18 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Benutzerregistrierung
2016-05-13 17:23 - 2013-11-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player
2016-05-13 17:23 - 2013-10-27 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-13 17:23 - 2013-09-27 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2
2016-05-13 17:23 - 2013-09-12 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 3.3
2016-05-13 17:23 - 2013-09-06 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-05-13 17:23 - 2013-08-31 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2016-05-13 17:23 - 2013-08-31 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
2016-05-13 17:23 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Manual
2016-05-13 17:23 - 2013-08-31 15:51 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-05-13 17:23 - 2012-02-04 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-05-13 17:23 - 2011-08-22 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telekom Fotoservice
2016-05-13 17:23 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems Tools
2016-05-13 17:23 - 2011-04-17 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
2016-05-13 17:23 - 2011-03-24 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-05-13 17:23 - 2011-03-12 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © v2011.build.46 (Feb 12, 2011)
2016-05-13 17:23 - 2011-02-09 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazingMIDI
2016-05-13 17:23 - 2011-01-23 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\WINDOWS\system32\custom matrices
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\WINDOWS\system32\C2MP
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2016-05-13 17:23 - 2011-01-03 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-05-13 17:23 - 2010-11-16 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-11-13 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neuratron
2016-05-13 17:23 - 2010-11-13 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sibelius Software
2016-05-13 17:23 - 2010-09-18 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2016-05-13 17:23 - 2010-09-18 10:12 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-06-13 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2016-05-13 17:23 - 2010-06-13 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-05-13 17:23 - 2010-05-19 05:47 - 00000000 ____D C:\WINDOWS\WindowsMobile
2016-05-13 17:23 - 2010-05-15 17:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-05-13 17:23 - 2010-05-05 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Hollywood FX 6.0 for Studio 11
2016-05-13 17:23 - 2010-03-16 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoto Plus 4
2016-05-13 17:23 - 2010-03-14 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyVoice
2016-05-13 17:23 - 2010-02-06 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2016-05-13 17:23 - 2010-02-06 17:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\multiAVCHD
2016-05-13 17:23 - 2010-02-06 16:59 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODBC
2016-05-13 17:23 - 2010-02-06 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartCutter PsTs 20091004
2016-05-13 17:23 - 2010-01-30 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDS-Expert QM
2016-05-13 17:23 - 2010-01-30 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-19 22:11 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P
2016-05-13 17:23 - 2010-01-19 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-05-13 17:23 - 2010-01-18 19:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP
2016-05-13 17:23 - 2010-01-18 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Video Converter
2016-05-13 17:23 - 2010-01-18 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-05-13 17:23 - 2010-01-17 20:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-05-13 17:20 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-05-13 17:14 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-05-13 17:13 - 2016-02-13 14:15 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-13 17:13 - 2016-02-13 13:57 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\System
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\schemas
2016-05-13 17:13 - 2013-08-31 15:52 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-05-13 17:13 - 2013-08-24 23:01 - 00000000 __SHD C:\WINDOWS\system32\%APPDATA%
2016-05-13 17:13 - 2011-01-13 20:29 - 00000000 ____D C:\WINDOWS\system32\Adobe
2016-05-13 17:12 - 2016-02-23 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-13 17:12 - 2015-09-20 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-05-13 17:12 - 2015-09-20 07:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-05-13 17:12 - 2015-03-21 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2016-05-13 17:12 - 2015-01-31 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-05-13 17:12 - 2014-09-30 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-05-13 17:12 - 2013-11-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2016-05-13 17:12 - 2013-11-04 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EURACOM_4D03
2016-05-13 17:12 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-13 17:12 - 2012-06-08 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2016-05-13 17:12 - 2012-01-29 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2016-05-13 17:12 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
2016-05-13 17:12 - 2010-11-21 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2016-05-13 17:12 - 2010-06-06 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura4You
2016-05-13 17:12 - 2010-05-05 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 11
2016-05-13 17:12 - 2010-02-18 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-05-13 17:12 - 2010-01-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Online
2016-05-13 17:12 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-05-13 17:11 - 2009-07-14 04:37 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:03 - 2016-02-13 15:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-13 15:36 - 2010-12-08 22:12 - 00325120 ___SH C:\Users\Ernst\Downloads\Thumbs.db
2016-05-12 10:06 - 2010-12-08 23:11 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-11 19:18 - 2010-06-08 20:37 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Audacity
2016-05-11 12:28 - 2013-11-09 19:20 - 00000000 ____D C:\Users\Ernst\AppData\Local\FRITZ!
2016-05-09 17:33 - 2015-10-25 15:31 - 00001370 _____ C:\Users\Ernst\Desktop\CopyTrans Control Center.lnk
2016-05-09 16:41 - 2012-05-06 18:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-03 13:33 - 2014-09-15 15:57 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-05-03 13:33 - 2013-09-06 18:49 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-04-30 15:25 - 2014-09-11 08:31 - 00001023 _____ C:\Users\Public\Desktop\Stream What You Hear (SWYH).lnk
2016-04-30 15:25 - 2014-09-11 08:31 - 00000000 ____D C:\Program Files\Stream What You Hear
2016-04-24 20:20 - 2015-07-23 07:08 - 00000946 _____ C:\Users\Public\Desktop\TomTom MyDrive Connect.lnk
2016-04-24 20:20 - 2014-12-30 14:13 - 00000000 ____D C:\Program Files\MyDrive Connect
2016-04-22 09:57 - 2010-01-16 18:28 - 00374944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-25 20:52 - 2015-08-25 20:52 - 0002314 _____ () C:\Program Files\INSTALL.LOG
2010-11-13 18:16 - 2010-11-13 18:16 - 0000604 ____H () C:\Program Files\STFT Notifier
2015-11-24 10:12 - 2016-03-18 08:21 - 0000040 _____ () C:\Users\Ernst\AppData\Roaming\cdr.ini
2014-05-08 14:45 - 2014-05-08 14:45 - 0000000 _____ () C:\Users\Ernst\AppData\Roaming\gdfw.log
2014-05-08 14:45 - 2015-05-28 20:48 - 0003313 _____ () C:\Users\Ernst\AppData\Roaming\gdscan.log
2010-01-16 20:02 - 2010-01-15 23:42 - 4302944 _____ () C:\Users\Ernst\AppData\Roaming\IMAG0023.AVI
2014-05-14 21:54 - 2014-05-14 22:06 - 0028268 _____ () C:\Users\Ernst\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-12-07 12:01 - 2014-12-07 12:03 - 0583820 _____ () C:\Users\Ernst\AppData\Roaming\Scorch_Install.log
2016-01-17 18:01 - 2016-03-07 17:53 - 0021504 _____ () C:\Users\Ernst\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-08 23:21 - 2010-03-08 23:31 - 0282624 _____ () C:\Users\Ernst\AppData\Local\filesync.metadata
2015-11-26 18:03 - 2016-02-23 23:06 - 0000600 _____ () C:\Users\Ernst\AppData\Local\PUTTY.RND
2016-05-13 17:03 - 2016-05-13 17:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-02-09 14:39 - 2016-05-20 14:26 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Einige Dateien in TEMP:
====================
C:\Users\Ernst\AppData\Local\Temp\avgnt.exe
C:\Users\Ernst\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Ernst\AppData\Local\Temp\gluninstall.exe
C:\Users\Ernst\AppData\Local\Temp\WdfCoInstaller01007.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-13 17:01

==================== Ende vom FRST.txt ============================

Erlu · 21.05.2016, 19:06

Hier noch ADD TXT

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:21-05-2016
durchgeführt von Ernst (2016-05-21 18:48:47)
Gestartet von C:\Users\Ernst\Downloads
Microsoft Windows 10 Home Version 1511 (X86) (2016-05-13 15:47:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3539214255-4280287789-3925056074-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3539214255-4280287789-3925056074-503 - Limited - Disabled)
Ernst (S-1-5-21-3539214255-4280287789-3925056074-1000 - Administrator - Enabled) => C:\Users\Ernst
Gast (S-1-5-21-3539214255-4280287789-3925056074-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3539214255-4280287789-3925056074-1053 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AceBackup 3 (HKLM\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AmazingMIDI (HKLM\...\AmazingMIDI) (Version:  - )
Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audials (HKLM\...\{356DC986-755B-471C-83C7-49BD0CB1614F}) (Version: 11.0.55900.0 - Audials AG)
Audials (HKLM\...\{69626CD9-18D4-4DA7-BB50-D452A93B3D68}) (Version: 12.0.54100.0 - Audials AG)
AudibleManager (HKLM\...\AudibleManager) (Version: 2012306720.48.56.25365738 - Audible, Inc.)
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Biet-O-Matic v2.14.8 (HKLM\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP7200 series Benutzerregistrierung (HKLM\...\Canon iP7200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon iP7200 series On-screen Manual (HKLM\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version:  - )
CanoScan Toolbox Ver4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
CyberLink PhotoDirector 5 (HKLM\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5724.0 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DMPmanager (HKLM\...\DMPmanager) (Version:  - )
Dropbox (HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
DVR-Capture 1.03.1 (HKLM\...\DVR-Capture) (Version: 1.03.1 - Haenien-Software)
eHealth500 Terminal (HKLM\...\{0DAB42A7-C726-4E23-B5B9-1D774B96FC2D}) (Version: 1.07 - SCM Microsystems)
EURACOM_4D03 (HKLM\...\EURACOM_4D03) (Version:  - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version:  - Eusing Software)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript 8.56 (HKLM\...\GPL Ghostscript 8.56) (Version:  - )
GPL Ghostscript 9.00 (HKLM\...\GPL Ghostscript 9.00) (Version:  - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version:  - )
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.25 - Oracle Corporation)
LightScribe System Software  1.12.29.2 (HKLM\...\{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}) (Version: 1.12.29.2 - hxxp://www.lightscribe.com)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 -  )
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (HKLM\...\{A8BD5A60-E843-46DC-8271-ABF20756BE0F}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x86) (HKLM\...\{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.0.5941 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyVoice (HKLM\...\MyVoice) (Version:  - )
Nero 7 Essentials (HKLM\...\{7BAA9BA8-0761-42EF-842A-23FAA5321031}) (Version: 7.03.0976 - Nero AG)
Neuratron AudioScore Lite (HKLM\...\Neuratron AudioScore Lite) (Version: 6.5.0 - Neuratron Limited)
Neuratron PhotoScore Lite (HKLM\...\Neuratron PhotoScore Lite) (Version: 6.0.0 - Neuratron Limited)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PDF Editor 3 (HKLM\...\PDF Editor 3) (Version:  - )
PDFtoMusic (HKLM\...\PDFtoMusic) (Version: 1.5.1 - Myriad SARL)
PicPick (HKLM\...\PicPick) (Version: 4.1.2 - NGWIN)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
proDAD Heroglyph 2.5 (HKLM\...\proDAD-Heroglyph-2.5) (Version:  - )
Python 2.7.11 (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sibelius Scorch (all browsers) (HKLM\...\{F533A90F-4E9E-4A17-A085-BD285B6AA57A}) (Version: 6.1.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.)
SmartCutter Ps/Ts 20091004 (HKLM\...\SmartCutter Ps/Ts 20091004) (Version:  - )
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
supra IPCam (HKLM\...\{5445DD57-C988-4CB3-B6BA-62DEBA3C6022}) (Version: 1.8.9.0 - SUPRA Foto-Elektronik-Vertriebs-GmbH)
supra IPCam (HKLM\...\{B0024EE6-6018-4FD6-BC5C-DFE6F0375A95}) (Version: 1.8.4.0 - SUPRA Foto-Elektronik-Vertriebs-GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom MyDrive Connect 4.1.0.2658 (HKLM\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
T-Online 6.0 (HKLM\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
vanBasco's Karaoke Player (HKLM\...\VMidi) (Version:  - )
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Codec Pack 2.7.0 (HKLM\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {023906BC-AEEF-441F-898C-43761BEEF8F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0515BA55-C49E-414F-84EE-A94C9F60807D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {05D0B430-8919-4D8C-BACE-FA93B822E90D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {090D57C8-2E29-45F1-B8D9-E9D02EACB051} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-20] (Dropbox, Inc.)
Task: {0A128531-EE1D-42A4-A022-79616D2C52C2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B084D1E-084B-420E-AB33-F0633022854B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BD9FF3F-4C40-4C34-82D7-787446A25BD5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2DF517D2-53E0-4F8C-9464-0FF440DB1D1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {336000B2-9734-4FD8-860E-9D357EE06442} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35BB9F07-4A94-41F4-BF83-50070B447266} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-20] (Dropbox, Inc.)
Task: {39144606-BA14-4EA4-8B0D-D5DE5D07F99B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {3B6D79DC-5B48-4BCF-A7A4-F9FBB30A6768} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {428481EC-AACB-4A8B-BA6F-BC72FD6CBE63} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {446E7459-B64D-4D49-A44E-B44B1C0EE929} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A91C826-0623-47AD-98DB-75AE734C13BE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4CACA859-6530-4A7D-95CF-2FF34112CD7B} - System32\Tasks\{C4550220-FBAF-421B-BC1A-384FD99EA6E4} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {50DDD3A0-ED96-4A68-ACCE-D8D73F384CB3} - System32\Tasks\{5EF930E6-E5DC-45BC-8529-00E0E2333E37} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {51B4E504-D709-4909-91E7-8BD87E866E93} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5E39F726-015B-479E-A185-C6D72E91E905} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6E1B0DDD-FD99-46E0-8614-F2FB222CBE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {7184CE8D-AC2F-4BDF-8160-21D9EBD4BEFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {745E2502-2BB6-4C3C-9BA1-7A149D58F2F7} - System32\Tasks\{C800BC0C-157D-4E75-83B8-C6BF1EE32352} => pcalua.exe -a C:\Users\Ernst\Downloads\paipw(3).exe -d C:\Users\Ernst\Downloads
Task: {749C8215-BCC0-49C7-8B03-7F4663C069CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {74C66E2A-3F40-4078-A5BC-0A4914C2C024} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76A4C466-5365-4F01-839E-AB25B2C603AD} - System32\Tasks\{A63B9182-3EEB-406E-A139-EE54FAD4F760} => pcalua.exe -a C:\Windows\NVUnInst\Setup.exe
Task: {7714CCB4-6054-46D3-957A-BC9BB2B53ABB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7D3252B5-11CE-41D4-A311-28BDF18A86E3} - System32\Tasks\AbelssoftPreloader => C:\Program Files\WashAndGo\AbelssoftPreloader.exe [2015-03-06] (Microsoft)
Task: {7D5A7569-B079-4154-A90A-831DBCE7C721} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7D73684C-E540-47D2-A5C9-092E2D6F8DCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {898B7B90-5FD3-40B3-97F5-485524125467} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A3AEB44-3CDB-4FDD-918C-1EC5F4741980} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AE32741-6070-454F-AF87-B224025DC0F1} - System32\Tasks\{C0989A87-AB97-47AF-966C-9389E1B3B971} => pcalua.exe -a C:\Users\Ernst\Downloads\vkaraoke(2).exe -d C:\Users\Ernst\Downloads
Task: {925794A6-364B-4ACC-808E-2C597D4639D8} - System32\Tasks\{2C2740A6-6145-41B2-A146-2C5CE2339E51} => pcalua.exe -a D:\NeroExpress\setupx.exe -d D:\NeroExpress
Task: {94996A26-EF6C-4A4D-A378-D47E41B31176} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {997CB033-875B-41DF-9FBF-3E33F7416E49} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4F5E3FE-E064-41D7-BDEC-9BD131B5B1F3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6DF0290-7F7A-4CD2-BDC3-31596D0DCDF3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AAA52C27-D57E-4669-98EF-07C13E5C181C} - System32\Tasks\{D74FDF6A-0D09-44B9-AAA7-A13DDE9F0B1A} => pcalua.exe -a "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Task: {AB49E7D5-8801-4C01-A4DF-D6E156563236} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {B17A5500-FE15-4B69-BAE2-ED2874BEDD8A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B58BD9F5-6E25-4AC7-82FA-E0C34453C6A3} - System32\Tasks\{00F428A2-13E7-4E9B-BD2E-748E56309617} => pcalua.exe -a C:\Users\Ernst\Downloads\paipw(2).exe -d C:\Users\Ernst\Downloads
Task: {BEB1B996-A9CD-4214-81FA-D0A859390347} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C0742AFE-5D16-4AE3-8460-6F4F30E94459} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C14E3E27-7B98-4B69-B7D2-62D9EAAB7872} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {C5464B2E-0D04-48C6-B549-5A65E423B99A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D05CF396-F783-409B-AAA8-4A3EF331EAB0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1931DC3-38C1-48F0-A73B-F244C17443BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D5014204-B853-4EDE-AB46-E16C16F71102} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DE46C009-E409-487E-832C-4C27FC8C5634} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E48F9F01-ECF5-4FF5-8948-986DADF871CF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF030D2C-3C6A-425B-82E7-27C25345B1C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2997EF2-D257-4B52-919A-40BDF096D15C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F596A9DE-8B4E-43F9-B6E9-CBD07B550759} - System32\Tasks\{B3BFF757-8659-4205-915B-FFFD4049EC0C} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {F5A5EC96-C33F-4061-82AF-2AE28A070F5D} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {F5C79687-FED6-4358-80DD-EB35B30F07E1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FFF0F916-CFB6-4E1A-A117-F3200F1539F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core.job => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA.job => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00121792 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-09-18 10:13 - 2005-01-06 18:33 - 00116224 _____ () C:\WINDOWS\System32\redmonnt.dll
2013-06-28 14:12 - 2013-06-28 13:12 - 00024064 _____ () C:\WINDOWS\System32\ssj1mlm.dll
2015-10-18 15:55 - 2014-04-16 10:22 - 00025600 _____ () C:\WINDOWS\System32\usp02l.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 00073512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-06 18:27 - 2015-01-12 15:55 - 00223600 _____ () C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe
2014-09-15 15:57 - 2016-04-25 16:41 - 00378728 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\stat.dll
2014-09-15 15:57 - 2016-04-25 16:53 - 00110952 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00343400 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\collector.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00104296 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00044392 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00020328 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-18 15:57 - 2014-11-26 13:07 - 00118576 _____ () C:\WINDOWS\system32\SecUPDUtilSvc.exe
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-30 07:45 - 2015-10-30 07:45 - 00164224 _____ () c:\windows\system32\WerEtw.dll
2016-04-15 20:07 - 2016-04-15 20:07 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-13 13:59 - 2016-02-13 13:59 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-14 10:05 - 2016-04-23 06:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-14 10:05 - 2016-04-23 05:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-14 10:06 - 2016-04-23 05:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-14 10:07 - 2016-04-23 06:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7668 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-03-16 20:19 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^Ernst^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DVAPTray => C:\Windows\System32\DVAPTray.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: eTMonitor => "C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe"
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\StartupApproved\StartupFolder: => "PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run: => "G Data ASM"
HKLM\...\StartupApproved\Run: => "GDFirewallTray"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "PDFPrint"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "MyDriveConnect.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{0DDE0ADD-AEA2-4E64-BB4F-7DE638A91F1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E6DD662F-B505-4D5B-A8DE-468A2C4F3604}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{03559A2E-75EC-4C7F-BA43-3F6D20A09699}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC472B0C-B6DA-4663-A6B2-BDE1F7BEF309}] => (Allow) C:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{3E1F6801-CB4F-43DC-89DC-9237D8C2A40C}] => (Allow) D:\fsetup.exe
FirewallRules: [{68800411-AEFC-406C-8383-CAB1BF12EE47}] => (Allow) D:\fsetup.exe
FirewallRules: [{C369B193-7561-4E3D-A91A-A102A443E3F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{71E96D00-086F-4108-B9C1-AEC32937B768}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{549278F8-520B-44BA-AE7D-A075BBDE3124}] => (Allow) E:\Program Files\Audials\Audials 12\Audials.exe
FirewallRules: [{19BF172D-96E2-47BE-857A-CBE20DA7C973}] => (Allow) LPort=31931
FirewallRules: [{4889EE94-DC1C-4CB7-BA86-9CCCA305620A}] => (Allow) LPort=14714
FirewallRules: [{41F1E003-9E44-4C4A-B7A3-E19923E0C2BF}] => (Allow) LPort=12972
FirewallRules: [{1707B53F-8F99-47FD-8B34-F0CB1BDFACC4}] => (Allow) C:\Program Files\Audials\Audials 11\Audials.exe
FirewallRules: [{910A795A-66A4-4936-ABB4-BABB5F39CFF4}] => (Allow) LPort=1900
FirewallRules: [{75020967-E3C2-400D-B55C-A979DEB023DA}] => (Allow) LPort=2869
FirewallRules: [{38524A6E-CB30-4E3F-97A5-97EC38210625}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{9D00BBFB-06CB-43E6-8A68-1878BE8F65D4}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{999AA3E9-4650-4048-B834-BA3D6BA2026B}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [{D4596064-8C94-417C-B780-602DE01C1950}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{90A3A3E7-C2AB-4C82-9618-65004CEBDD67}C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4BDE8623-0300-40FA-B3AA-413AC168E6A8}C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1546608D-C02D-40DF-BE58-93992E1A9FD1}] => (Allow) C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{629D9513-6A11-4DF3-94CA-433646DD7BBD}] => (Allow) C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FEE88298-8934-4F6F-9371-4F9E041E7E6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B6906FE-5419-49B8-B9A3-A1C7AC63D029}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{050AD8A8-AA77-4854-B6A9-59CA0D3CDF80}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{A739ABBB-6D20-4826-B9D9-71852D4D700F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{F9615484-6C67-4118-85B8-4822CA68188F}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{76C651F8-7BF6-41F5-9560-B6203638682A}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{BE8ECD78-D56C-43E4-880C-0FC07E4A9550}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{31D71CF0-E360-4ABB-991E-E4476581AA56}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{E89BB41A-91F1-4DC1-99C6-FC45700A2354}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{A645B862-99F9-4C83-B905-5CF25A527765}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{2C61D6CB-4099-4478-AA11-9168ABFC37EB}C:\windows\system32\wfs.exe] => (Block) C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{A2F1005A-C687-4B70-B0EF-2291A68D48B5}C:\windows\system32\wfs.exe] => (Block) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{849D6DB9-29DD-4457-B37F-BF026A417E86}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{D2318EC5-6B3B-44DA-BB1D-28C4849691B0}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{A56C8C6A-6308-4C6E-8D5C-8B52EE124DF7}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{15975A09-6F7A-4A0A-B89C-4AAD45C384A3}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{DD5126E1-B430-48F2-96AB-D114037F8B3E}C:\program files\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files\nero\nero 7\nero home\nerohome.exe
FirewallRules: [TCP Query User{C0BE8010-5EB3-424D-95AD-8ACC77393CA4}C:\program files\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files\nero\nero 7\nero home\nerohome.exe
FirewallRules: [{36C3DB1E-79FD-4DA6-B123-FB6616BFE3C6}] => (Allow) D:\NeroExpress\Installation\SetupX.exe
FirewallRules: [{FBE64AD7-26C2-42E4-9C3C-971BBFF9786C}] => (Allow) D:\NeroExpress\Installation\SetupX.exe
FirewallRules: [UDP Query User{B86DF262-35FB-4223-8479-F27B66C54127}C:\program files\ws_ftp\ws_ftp95.exe] => (Block) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [TCP Query User{080F6A03-99D3-4663-B963-880584C950DD}C:\program files\ws_ftp\ws_ftp95.exe] => (Block) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [{60C8D496-7AAF-4BCA-B415-5EEBC71F9A5A}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{7FCB8A21-A319-4E41-8A24-4DBC8CC1C6B6}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{6E822718-0DF3-4F1E-B617-712747A436F8}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{27E09C16-924D-4370-8A6D-EFAC87B56C45}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{A35C937C-C653-407E-A154-B001FE6ECD65}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{E4611160-CD3E-4B61-BDA5-5F9071CE8551}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{BC60A0D5-B6A9-4A76-B728-1299EA3BE491}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{2A7E9954-701E-48E4-B0C6-BA4C424FA9C1}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{8B827819-153B-4CBA-967C-FE6BD54C3565}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{3DADF51D-5E1D-4044-996D-0EE419711A26}] => (Allow) C:\Users\Ernst\AppData\Local\Temp\7zS006E\hppiw.exe
FirewallRules: [{44C35D45-BC6E-45AF-B1B9-1C4F94290266}] => (Allow) C:\Users\Ernst\AppData\Local\Temp\7zS006E\hppiw.exe
FirewallRules: [{DCDA7746-D702-4B90-ADBE-F2137DAE7479}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B2683BB3-898B-4ECF-832B-6D6C77721030}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8C53DF3-5B5E-402C-9B91-20DADAD63E2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F5B508A6-C12A-4E2E-B224-61B798152783}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3E87A09B-F8D8-4322-B0E3-1A17C73C5224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{84941DA4-1738-43F5-B74B-0B16B084C6BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

17-05-2016 19:42:05 Entfernt AceBackup 3
17-05-2016 19:58:45 Cortana weg
18-05-2016 10:54:32 Windows-Sicherung
19-05-2016 09:39:01 !):%:NACH eNTFERNUNG ZUSÄTZLICHER dvd pROGRAMME
20-05-2016 14:27:05 Plex Media Server
21-05-2016 18:34:43 Plex Media Server

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/21/2016 06:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2fb8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2f4c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:48:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1f54
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2ae8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:46:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x12d0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:44:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2f98
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:43:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2858
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:42:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1f20
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:41:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x2264
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/21/2016 06:40:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1ab0
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5


Systemfehler:
=============
Error: (05/21/2016 06:17:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/21/2016 06:16:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2016 06:16:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5c906" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2016 09:28:04 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ELINEU)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-3539214255-4280287789-3925056074-1000-0-ntuser.dat

Error: (05/21/2016 09:27:49 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ELINEU)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-3539214255-4280287789-3925056074-1000-0-ntuser.dat

Error: (05/21/2016 09:13:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/21/2016 09:08:18 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5dfcc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2016 09:02:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/21/2016 09:02:10 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎05.‎2016 um 18:00:27 unerwartet heruntergefahren.

Error: (05/20/2016 06:00:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


CodeIntegrity:
===================================
  Date: 2016-05-20 18:05:46.451
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-20 15:19:37.724
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-20 15:19:37.710
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-20 15:19:37.693
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:57:17.252
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:57:17.238
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:57:17.187
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:57:17.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:55:20.196
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-19 04:55:20.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Office\Office10\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) 8650 Triple-Core Processor
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3583.55 MB
Verfügbarer physikalischer RAM: 2048.46 MB
Summe virtueller Speicher: 12667.55 MB
Verfügbarer virtueller Speicher: 11091.69 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:195.68 GB) (Free:33.12 GB) NTFS
Drive e: (Platte E) (Fixed) (Total:269.54 GB) (Free:143.98 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4BE7463)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=269.5 GB) - (Type=05)

==================== Ende vom Addition.txt ============================

deeprybka · 29.05.2016, 19:12

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Erlu · 30.05.2016, 13:20

Hallo,
ich habe ja schon vorigen Sonntag angefragt: da zwischenzeitlich gar nichts mehr ging (dauernder kompletter Bildabbruch) habe ich eine Imagedatei von WIN 10 aufgespielt: alles funktioniert dann zunächst wunderbar- aber nur eine gewisse Zeit- dann geht das Spielchen wieder los. Eben seit dem vorletzten Suchlauf ist es wieder da: Bildunterbrechungen, der CPU wird belastet (Lüfter läuft hoch) und auch der Arbeitsspeicher ist mit 50% belastet.
Hier die logs:

Code:

ATTFilter

# AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 10:23:30
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 10 Home  (X86)
# Benutzername : Ernst - ELINEU
# Gestartet von : C:\Users\Ernst\Desktop\AdwCleaner_5.118.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\WINDOWS\system32\C2MP
[-] Ordner gelöscht : C:\Users\Ernst\AppData\Local\FileViewPro
[-] Ordner gelöscht : C:\Users\Ernst\AppData\Local\CrashRpt

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Ernst\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Applications\iLividSetupV1[1].exe
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\iMesh
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht : HKCU\Software\Browser
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKCU\Software\WEBAPP
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\AskToolbar
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\AVG Secure Search
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\BabylonToolbar
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\SweetIM
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\WebConnect
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\059103D1F2AE2884A90A9464776548A2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\059103D1F2AE2884A90A9464776548A2
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Schlüssel gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Registry Helper Service

***** [ Internetbrowser ] *****

[-] [C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gelöscht : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&type=616163&ilc=12");
[-] [C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gelöscht : user_pref("extensions.LVD-SAE.newTabSearchURL", "\"hxxp://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-07-15&d=533-784-0&v=8.5-902-0&apn_ptnrs=[...]
[-] [C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gelöscht : user_pref("extensions.LVD-SAE.searchURL", "\"hxxp://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-07-15&d=533-784-0&v=8.5-902-0&apn_ptnrs=%5EAG5\[...]
[-] [C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gelöscht : user_pref("extensions.saeListDS", "[\"Ask Search\",\"LVD-SAE@iacsearchandmedia.com\"]");
[-] [C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gelöscht : user_pref("network.hxxp.request.max-start-delay", 0);
[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : isearch.avg.com

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [6108 Bytes] - [30/05/2016 10:23:30]
C:\AdwCleaner\AdwCleaner[S1].txt - [6239 Bytes] - [30/05/2016 10:21:31]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6254 Bytes] ##########

Code:

ATTFilter

# AdwCleaner v5.118 - Bericht erstellt am 30/05/2016 um 10:21:31
# Aktualisiert am 23/05/2016 von Xplode
# Datenbank : 2016-05-30.1 [Server]
# Betriebssystem : Windows 10 Home  (X86)
# Benutzername : Ernst - ELINEU
# Gestartet von : C:\Users\Ernst\Desktop\AdwCleaner_5.118.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner gefunden : C:\WINDOWS\system32\C2MP
Ordner gefunden : C:\Users\Ernst\AppData\Local\FileViewPro
Ordner gefunden : C:\Users\Ernst\AppData\Local\CrashRpt

***** [ Dateien ] *****

Datei gefunden : C:\Users\Ernst\AppData\LocalLow\Microsoft\Internet Explorer\Services\Search_ask.com.xml

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel gefunden : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Applications\iLividSetupV1[1].exe
Schlüssel gefunden : HKLM\SOFTWARE\Classes\iMesh
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Schlüssel gefunden : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Schlüssel gefunden : HKCU\Software\Browser
Schlüssel gefunden : HKCU\Software\OCS
Schlüssel gefunden : HKCU\Software\WEBAPP
Schlüssel gefunden : HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\Browser
Schlüssel gefunden : HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\OCS
Schlüssel gefunden : HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\WEBAPP
Schlüssel gefunden : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\AskToolbar
Schlüssel gefunden : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\AVG Secure Search
Schlüssel gefunden : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\BabylonToolbar
Schlüssel gefunden : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\SweetIM
Schlüssel gefunden : HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\WebConnect
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\18C9E3869A16248439FE3FF9EB02207A
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D8011310B2622942868A458964FFDC5
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6C63F7979DCC2154CB9591969A5CB89D
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6DD31E6C1A73B334383DF186676F4D20
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB3204F747B20694B8D49EF92D8DC94B
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C81E33A400B6F814E90C7A3354E2A3A5
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EDBF68C5F16790341B7C6FD7C7F8E4FC
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FFA531D0F3A71504DA7AC6A11CE33739
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Installer\Features\059103D1F2AE2884A90A9464776548A2
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Installer\Products\059103D1F2AE2884A90A9464776548A2
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schlüssel gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Schlüssel gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\059103D1F2AE2884A90A9464776548A2
Schlüssel gefunden : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Registry Helper Service

***** [ Internetbrowser ] *****

[C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gefunden : user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&type=616163&ilc=12");
[C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gefunden : user_pref("extensions.LVD-SAE.newTabSearchURL", "\"hxxp://dts.search.ask.com/sr?gct=hp&o=APN10644A&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-07-15&d=533-784-0&v=8.5-902-0&apn_ptnrs=[...]
[C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gefunden : user_pref("extensions.LVD-SAE.searchURL", "\"hxxp://dts.search.ask.com/sr?gct=ds&o=APN10644&sysid=533&qrsc=2871&l=dis&sver=3&t_type=0&dateOfInstall=2015-07-15&d=533-784-0&v=8.5-902-0&apn_ptnrs=%5EAG5\[...]
[C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gefunden : user_pref("extensions.saeListDS", "[\"Ask Search\",\"LVD-SAE@iacsearchandmedia.com\"]");
[C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\prefs.js] gefunden : user_pref("network.hxxp.request.max-start-delay", 0);
[C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] gefunden : isearch.avg.com

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [6087 Bytes] - [30/05/2016 10:21:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6160 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 30.05.2016
Suchlaufzeit: 10:31
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.05.30.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x86
Dateisystem: NTFS
Benutzer: Ernst

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 561473
Abgelaufene Zeit: 2 Std., 15 Min., 34 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 7
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\emailnotifier, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\MyStuffComponents, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\Skins, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\weather, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 

Dateien: 74
Trojan.Downloader, C:\Program Files\Digital Video Converter\download_codecs.exe, In Quarantäne, [46c66c7037622412c046a0f126db6997], 
PUP.Optional.InstallCore, C:\Users\Ernst\Downloads\FreeMP4VideoConverter_5.0.79.425.exe, In Quarantäne, [5eaeaa321e7b1125b89abe19ea177e82], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\appsMetaData.json, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\getAppsContextMenu.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\languagePack.json, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\LocalSettings.txt, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\postAppsContextMenu.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\searchInNewTabData.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\ServiceMap.json, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\ThirdPartyComponents.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\toolbarContextMenu.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\unsharedAppsContextMenu.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\UserAdditionalComponents.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\emailnotifier\acc, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_kleinezeitung_at_klon_rss_news _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_kleinezeitung_at_klon_rss_news _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_myvideo_de_feeds_myVideo-Top10-daily_rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_myvideo_de_feeds_myVideo-Top10-daily_rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_nzz_ch_feeds_recent__history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_nzz_ch_feeds_recent__structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_spiegel_de_schlagzeilen_index_rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_spiegel_de_schlagzeilen_index_rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sport1_de_de_1_startseite_rss_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sport1_de_de_1_startseite_rss_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sport_ch_rss_ch_sportch_rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___de_eurosport_yahoo_com_eurosport_tickerdb_sport_0_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___d_yimg_com_bw_rss_unterhaltung_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___d_yimg_com_bw_rss_unterhaltung_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitLinuxEs_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitLinuxEs_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitMacDe_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitMacDe_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPalmDe_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPalmDe_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___rss_gmx_net_de_feed_themen_unterhaltung_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___rss_gmx_net_de_feed_themen_unterhaltung_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___video_google_de_videofeed_type=top100new_num=20_output=rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___video_google_de_videofeed_type=top100new_num=20_output=rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_bild_de_BILD_rss-feeds_rss_bild-news_html_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_bild_de_BILD_rss-feeds_rss_bild-news_html_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_derwesten_de_nachrichten_nachrichten_rss_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_derwesten_de_nachrichten_nachrichten_rss_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_faz_net_s_Rub_Tpl~Epartner~SRss_~Ahomepageticker~E1_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___de_eurosport_yahoo_com_eurosport_tickerdb_sport_0_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPhonesDe _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___rss_feedsportal_com_c_728_f_9469_index_rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_faz_net_s_Rub_Tpl~Epartner~SRss_~Ahomepageticker~E1_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sport_ch_rss_ch_sportch_rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sueddeutsche_de_app_service_rss_topthemen_topthemen_xml _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_sueddeutsche_de_app_service_rss_topthemen_topthemen_xml _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_tagesanzeiger_ch_rss_html_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_tagesanzeiger_ch_rss_html_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_wort_lu_wort_web_letzebuerg_luxemburg_xml_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___www_wort_lu_wort_web_letzebuerg_luxemburg_xml_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPhonesDe _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPocketDe_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitPocketDe_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitWindowsDe_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_ConduitWindowsDe_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_onsoftware_de_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___feeds2_feedburner_com_onsoftware_de_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___gdata_youtube_com_feeds_base_standardfeeds_DE_top_rated_client=ytapi-youtube-browse_alt=rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___gdata_youtube_com_feeds_base_standardfeeds_DE_top_rated_client=ytapi-youtube-browse_alt=rss _structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___kurier_at_newsfeed_nachrichten_nachrichten_rss_xml_history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___kurier_at_newsfeed_nachrichten_nachrichten_rss_xml_structured.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\feed\http___rss_feedsportal_com_c_728_f_9469_index_rss _history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\MyStuffComponents\list.json, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\IP_Media_List.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\Predefined_Media_List.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\Recent_Media_List.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\User_Media_List.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\radio\Skins\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_display_xml.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\weather\forecast_de-de.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 
PUP.Optional.ConduitTB.Gen, C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\CT2431245\weather\history.xml, In Quarantäne, [0c008f4d84154aecc3872a84a35f06fa], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

[CODE]Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:29-05-2016 02
durchgeführt von Ernst (Administrator) auf ELINEU (30-05-2016 13:54:02)
Gestartet von C:\Users\Ernst\Desktop
Geladene Profile: Ernst & (Verfügbare Profile: Ernst & Administrator & Gast)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\System32\SecUPDUtilSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_1a39dfbc6dff3448\TiWorker.exe
konnte nicht auf den Prozess zugreifen -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2014-02-13] (Realtek Semiconductor)
HKLM\...\Run: [G Data ASM] => "C:\Program Files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2015-01-12] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [213536 2016-02-19] (Geek Software GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files\i-Funbox DevTeam\iFunBox.exe [2370560 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [Dropbox Update] => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-20] (Dropbox, Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [PicPick Start] => C:\Program Files\PicPick\picpick.exe [19918280 2016-03-08] (NGWIN)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-01-24] (Hewlett-Packard Company)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-01-24] (Hewlett-Packard Company)
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4074160 2016-04-23] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-01-19]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk [2012-06-23]
ShortcutTarget: PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bc8b7b8-2b16-41eb-bd62-d23bb4a63b49}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{38771ef5-cbe7-406b-b95e-d17cade4807d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf40525d-0b87-4751-a193-990f2fae70ce}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={4898A9FD-279F-4AB5-BEB3-8F714867861C}&mid=461c0000cd1847d0811bd16d5b47c42b-8f6a348b024ad0cebf393beeb48473624affdcb3&lang=de&ds=tt014&pr=sa&d=2012-07-31 14:21:09&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default
FF SearchEngineOrder.2:
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3539214255-4280287789-3925056074-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll [2010-03-31] (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] ()
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\englische-ergebnisse.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\gmx-suche.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-images.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-maps.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\lastminute.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\webde-suche.xml [2012-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Ernst\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-25] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2016-01-29] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\Ernst\AppData\Local\Temp\7zS006E\hpslpsvc32.dll [701288 2015-09-21] (Hewlett-Packard Co.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [Datei ist nicht signiert]
R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [118576 2014-11-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2015-01-12] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [34472 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [104480 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [27496 2012-09-04] (AVG Technologies)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [146152 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R2 LiveTuner2PM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner32.sys [14088 2014-03-20] ()
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
S3 NvStUSB; C:\WINDOWS\System32\drivers\nvstusb.sys [444128 2015-11-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2016-01-29] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [22184 2014-08-25] (Audials AG)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [39048 2013-11-27] (RapidSolution Software AG)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [27648 2010-04-29] (Acronis) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [44776 2016-03-29] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 ZTEGsmDataCard; C:\WINDOWS\System32\drivers\zteusbgser.sys [104704 2009-04-09] (ZTE Corporation)
S3 ZTEusbvoice; C:\WINDOWS\System32\drivers\ZTEusbvoice.sys [105344 2009-04-09] (ZTE Incorporated)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 13:54 - 2016-05-30 13:54 - 00023475 _____ C:\Users\Ernst\Desktop\FRST.txt
2016-05-30 13:53 - 2016-05-30 13:54 - 00000000 ____D C:\FRST
2016-05-30 13:52 - 2016-05-30 13:53 - 01734656 _____ (Farbar) C:\Users\Ernst\Desktop\FRST.exe
2016-05-30 13:51 - 2016-05-30 13:51 - 00018654 _____ C:\Users\Ernst\Desktop\mbam.txt
2016-05-30 10:30 - 2016-05-30 13:49 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-30 10:30 - 2016-05-30 10:30 - 00000898 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-30 10:30 - 2016-05-30 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-30 10:30 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-30 10:30 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-30 10:30 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-30 10:28 - 2016-05-30 10:29 - 22851472 _____ (Malwarebytes ) C:\Users\Ernst\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-30 10:20 - 2016-05-30 10:23 - 00000000 ____D C:\AdwCleaner
2016-05-30 10:17 - 2016-05-30 10:18 - 03678272 _____ C:\Users\Ernst\Desktop\AdwCleaner_5.118.exe
2016-05-29 16:24 - 2016-05-29 16:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-05-15 11:41 - 2016-05-15 11:41 - 00000000 ____D C:\Users\Ernst\Documents\MeineBackups
2016-05-15 11:28 - 2016-05-15 11:31 - 126193224 _____ C:\Users\Ernst\Downloads\TrueImage2010_d_de.exe
2016-05-15 11:21 - 2016-05-15 11:21 - 00000000 ____D C:\ProgramData\Acronis
2016-05-15 11:18 - 2016-05-15 11:18 - 00911680 _____ (Acronis) C:\WINDOWS\system32\Drivers\tdrpm258.sys
2016-05-15 11:18 - 2016-05-15 11:18 - 00160288 ____N (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2016-05-14 20:51 - 2016-05-14 20:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2016-05-14 18:02 - 2016-05-14 18:02 - 00000000 ____D C:\Cortanaentfernen
2016-05-14 18:00 - 2016-05-14 18:00 - 00020468 _____ C:\Users\Ernst\Downloads\Cortana_deinstallieren.zip
2016-05-14 13:46 - 2016-05-14 13:55 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA Corporation
2016-05-14 13:43 - 2016-05-14 13:54 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA
2016-05-14 13:28 - 2016-01-29 14:04 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge.dll
2016-05-14 13:28 - 2016-01-29 14:04 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2016-05-14 13:27 - 2016-05-14 13:27 - 00002190 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-05-14 13:27 - 2016-05-14 13:27 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-05-14 13:26 - 2016-01-29 10:45 - 00614848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2016-05-14 13:25 - 2016-01-29 14:04 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 14497760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 03994560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 01060400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00917048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00912248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00032912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad32v.sys
2016-05-14 13:25 - 2016-01-29 14:04 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2016-05-14 13:24 - 2016-05-14 13:24 - 00000000 ____D C:\NVIDIA
2016-05-14 13:20 - 2016-05-14 13:24 - 227389736 _____ (NVIDIA Corporation) C:\Users\Ernst\Downloads\341.95-desktop-win10-32bit-international.exe
2016-05-14 13:07 - 2016-05-14 13:07 - 00000000 ____D C:\Program Files\Common Files\Java
2016-05-14 13:05 - 2016-05-14 13:05 - 00738368 _____ (Oracle Corporation) C:\Users\Ernst\Downloads\JavaSetup8u91.exe
2016-05-14 11:45 - 2016-05-14 11:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-14 10:07 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-14 10:07 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-14 10:07 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-14 10:07 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-14 10:07 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-14 10:07 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-14 10:07 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-14 10:07 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-14 10:07 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-14 10:07 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-14 10:07 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-14 10:07 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-14 10:07 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-14 10:07 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-14 10:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-14 10:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-14 10:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-14 10:07 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-14 10:07 - 2016-02-24 10:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-14 10:07 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-14 10:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-14 10:07 - 2016-02-23 11:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-14 10:07 - 2016-02-23 09:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-14 10:07 - 2016-02-23 09:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-14 10:07 - 2016-02-23 09:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-14 10:07 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-14 10:06 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-14 10:06 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-14 10:06 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-14 10:06 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-14 10:06 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-14 10:06 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-14 10:06 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-14 10:06 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-14 10:06 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-14 10:06 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-14 10:06 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-14 10:06 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-14 10:06 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-14 10:06 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-14 10:06 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-14 10:06 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-14 10:06 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-14 10:06 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-14 10:06 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-14 10:06 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-14 10:06 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-14 10:06 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-14 10:06 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-14 10:06 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-14 10:06 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-14 10:06 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-14 10:06 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-14 10:06 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-14 10:06 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-14 10:06 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-14 10:06 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-14 10:06 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-14 10:06 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-14 10:06 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-14 10:06 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-14 10:06 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-14 10:06 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-14 10:06 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-14 10:06 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-14 10:06 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-14 10:06 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-14 10:06 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-14 10:06 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 10:06 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-14 10:06 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-14 10:06 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-14 10:06 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-14 10:06 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-14 10:06 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-14 10:06 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-14 10:06 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-05-14 10:06 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-14 10:06 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-14 10:06 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-14 10:06 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-14 10:06 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-14 10:06 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-14 10:06 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-14 10:06 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-14 10:06 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-14 10:06 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-14 10:06 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-14 10:06 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-14 10:06 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-14 10:06 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-14 10:06 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-14 10:06 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-14 10:06 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-14 10:06 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-14 10:06 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-14 10:06 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-14 10:06 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-14 10:06 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-14 10:06 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-14 10:06 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-05-14 10:06 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-14 10:06 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-14 10:06 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-14 10:06 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-14 10:06 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-14 10:06 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-14 10:06 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-14 10:06 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-14 10:06 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-14 10:06 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-14 10:06 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-14 10:06 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-14 10:06 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-14 10:06 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-14 10:06 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-05-14 10:06 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-14 10:06 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-14 10:06 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-14 10:06 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-14 10:06 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-14 10:06 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-14 10:06 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-14 10:06 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-14 10:06 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-14 10:06 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-14 10:06 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-14 10:06 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-14 10:06 - 2016-02-24 10:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-14 10:06 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-14 10:06 - 2016-02-24 10:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-14 10:06 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-14 10:06 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-05-14 10:06 - 2016-02-24 10:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-14 10:06 - 2016-02-24 09:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-14 10:06 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-14 10:06 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-05-14 10:06 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-14 10:06 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-14 10:06 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-14 10:06 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-14 10:06 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-14 10:06 - 2016-02-24 08:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-14 10:06 - 2016-02-24 08:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-14 10:06 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-14 10:06 - 2016-02-24 08:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-14 10:06 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-14 10:06 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-14 10:06 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-14 10:06 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-05-14 10:06 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-14 10:06 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-14 10:06 - 2016-02-24 07:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-05-14 10:06 - 2016-02-24 07:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-14 10:06 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-14 10:06 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-05-14 10:06 - 2016-02-23 12:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-14 10:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-14 10:06 - 2016-02-23 11:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-14 10:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-14 10:06 - 2016-02-23 10:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-14 10:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-14 10:06 - 2016-02-23 10:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-14 10:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-14 10:06 - 2016-02-23 10:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-14 10:06 - 2016-02-23 10:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-14 10:06 - 2016-02-23 10:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-14 10:06 - 2016-02-23 10:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-14 10:06 - 2016-02-23 10:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-14 10:06 - 2016-02-23 10:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-14 10:06 - 2016-02-23 10:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-14 10:06 - 2016-02-23 09:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-14 10:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-14 10:06 - 2016-02-23 09:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-14 10:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-14 10:06 - 2016-02-23 09:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-14 10:06 - 2016-02-23 09:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-05-14 10:06 - 2016-02-23 09:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-14 10:06 - 2016-02-23 09:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-14 10:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-14 10:06 - 2016-02-23 09:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-14 10:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-14 10:06 - 2016-02-23 09:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-14 10:06 - 2016-02-23 09:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-14 10:06 - 2016-02-23 09:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-14 10:06 - 2016-02-23 09:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-14 10:06 - 2016-02-23 09:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-14 10:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-14 10:06 - 2016-02-23 08:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-14 10:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-14 10:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-14 10:06 - 2016-02-09 05:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-14 10:05 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-14 10:05 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-14 10:05 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-14 10:05 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-14 10:05 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-14 10:05 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-14 10:05 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-14 10:05 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-14 10:05 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-14 10:05 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-14 10:05 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-14 10:05 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-14 10:05 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-14 10:05 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDO

Erlu · 30.05.2016, 13:22

WS\system32\tzautoupdate.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-14 10:05 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-14 10:05 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-14 10:05 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-14 10:05 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-05-14 10:05 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-14 10:05 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-14 10:05 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-14 10:05 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-14 10:05 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-14 10:05 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-14 10:05 - 2016-02-23 10:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-14 10:05 - 2016-02-23 10:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-14 10:05 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-14 10:05 - 2016-02-23 09:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-14 09:22 - 2016-05-14 09:22 - 00000000 ____D C:\ProgramData\HP
2016-05-14 09:21 - 2016-05-14 09:21 - 02474920 _____ C:\Users\Ernst\Downloads\hppiw.exe
2016-05-13 19:47 - 2016-05-13 19:47 - 00000000 ____D C:\Users\Ernst\AppData\Local\Comms
2016-05-13 19:12 - 2016-05-13 19:12 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Avira
2016-05-13 19:07 - 2016-04-04 17:07 - 00146152 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00104480 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00066872 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00044208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2016-05-13 19:04 - 2016-05-13 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-13 19:04 - 2016-05-13 19:04 - 00001279 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-05-13 19:03 - 2016-05-13 19:07 - 00000000 ____D C:\ProgramData\Avira
2016-05-13 19:03 - 2016-05-13 19:07 - 00000000 ____D C:\Program Files\Avira
2016-05-13 19:03 - 2016-05-13 19:03 - 04898016 _____ (Avira Operations GmbH & Co. KG) C:\Users\Ernst\Downloads\avira_de_av_573608a76d994__ws.exe
2016-05-13 18:29 - 2016-05-29 12:26 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-13 18:00 - 2016-05-13 17:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-13 17:58 - 2016-05-13 17:58 - 00002394 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-13 17:58 - 2016-05-13 17:58 - 00000000 ___RD C:\Users\Ernst\OneDrive
2016-05-13 17:57 - 2016-05-13 17:58 - 00000000 ____D C:\Windows.old
2016-05-13 17:56 - 2016-05-13 17:56 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-13 17:55 - 2015-10-29 19:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-05-13 17:55 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-05-13 17:55 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-05-13 17:54 - 2016-05-13 17:54 - 00001091 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\MSBuild
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\inetpub
2016-05-13 17:53 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-05-13 17:52 - 2016-05-13 17:52 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00000000 ____D C:\Users\Ernst\AppData\Local\Publishers
2016-05-13 17:51 - 2016-05-13 17:51 - 00000000 ____D C:\Users\Ernst\AppData\Local\ActiveSync
2016-05-13 17:49 - 2016-05-13 18:21 - 00000000 ____D C:\Users\Ernst\AppData\Local\Packages
2016-05-13 17:49 - 2016-05-13 17:49 - 00000020 ___SH C:\Users\Ernst\ntuser.ini
2016-05-13 17:49 - 2016-05-13 17:49 - 00000000 ____D C:\Users\Ernst\AppData\Local\TileDataLayer
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-05-13 17:36 - 2016-05-13 17:36 - 00021532 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-13 17:20 - 2016-05-13 17:20 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-05-13 17:12 - 2016-05-13 17:12 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-05-13 17:07 - 2016-05-29 15:46 - 00000000 ____D C:\Users\Ernst
2016-05-13 17:07 - 2016-05-13 17:35 - 00000000 ____D C:\Users\Gast
2016-05-13 17:07 - 2016-05-13 17:29 - 00000000 ____D C:\Users\Administrator
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-05-13 17:06 - 2016-05-30 13:52 - 02039076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-13 17:04 - 2016-05-30 13:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-13 17:04 - 2016-05-14 13:56 - 00000253 _____ C:\WINDOWS\hpbafd.ini
2016-05-13 17:04 - 2016-01-29 12:14 - 04397624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 03068864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00678968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-13 17:04 - 2016-01-29 12:14 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-13 17:04 - 2016-01-28 18:18 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-13 17:03 - 2016-05-14 13:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-14 13:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\Program Files\Realtek
2016-05-13 16:03 - 2016-05-13 17:38 - 00021881 _____ C:\WINDOWS\diagerr.xml
2016-05-13 16:03 - 2016-05-13 17:38 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2016-05-13 14:54 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-12 10:14 - 2016-05-12 10:14 - 00000931 _____ C:\Users\Ernst\Documents\AL-KO B2C Ersatzteilsystem - Warenkorb.htm
2016-05-12 09:53 - 2016-05-12 10:25 - 00015872 ___SH C:\Users\Ernst\Thumbs.db
2016-05-10 21:29 - 2016-05-10 21:29 - 00000000 ____D C:\ProgramData\Baidu
2016-05-10 20:30 - 2016-05-10 20:30 - 00000000 ____D C:\Users\Ernst\Documents\video_out
2016-05-10 20:26 - 2016-05-10 20:26 - 00001161 _____ C:\Users\Ernst\Desktop\amvtransform.lnk
2016-05-10 20:25 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.46
2016-05-10 20:25 - 2016-05-10 20:25 - 00000000 ____D C:\Program Files\Media Player Utilities 4.46
2016-05-10 09:14 - 2016-05-10 09:14 - 05482783 _____ C:\Users\Ernst\Documents\ehvmitteilung2016.pdf
2016-05-02 13:23 - 2016-05-02 16:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-04-30 15:24 - 2016-04-30 15:24 - 01334540 _____ (Sebastien.warin.fr ) C:\Users\Ernst\Downloads\SWYH_1.4.16069.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 13:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-30 13:52 - 2016-02-13 13:57 - 00870322 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-30 13:52 - 2016-02-13 13:57 - 00189546 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-30 13:52 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-30 13:46 - 2015-03-21 11:14 - 00000266 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job
2016-05-30 13:46 - 2011-01-08 10:44 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 13:45 - 2016-02-13 14:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-30 13:45 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-30 13:43 - 2015-07-20 12:57 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA.job
2016-05-30 13:43 - 2010-01-18 18:05 - 00000000 ____D C:\Program Files\Digital Video Converter
2016-05-30 13:18 - 2011-01-08 10:44 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 13:17 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-05-30 12:57 - 2012-09-23 10:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-29 18:24 - 2010-06-08 20:37 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Audacity
2016-05-29 17:17 - 2011-01-23 11:06 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\vlc
2016-05-29 16:30 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-29 15:50 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-29 12:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-05-29 11:36 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 12:33 - 2010-05-02 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-05-15 12:33 - 2010-04-29 14:38 - 00000000 ____D C:\Program Files\Common Files\Acronis
2016-05-15 11:42 - 2010-05-02 11:02 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Acronis
2016-05-15 11:22 - 2010-04-29 14:38 - 00158272 _____ (Acronis) C:\WINDOWS\system32\Drivers\snapman.sys
2016-05-15 06:43 - 2015-07-20 12:57 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core.job
2016-05-14 17:36 - 2013-11-12 09:14 - 00001153 _____ C:\Users\Ernst\Desktop\KaraFun Player 2.lnk
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\Program Files\KaraFun Player 2
2016-05-14 15:22 - 2016-02-13 14:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-14 15:20 - 2015-12-13 20:32 - 00000000 ____D C:\Users\Ernst\.idlerc
2016-05-14 14:02 - 2010-01-16 19:06 - 00000000 ____D C:\Users\Ernst\AppData\Local\ElevatedDiagnostics
2016-05-14 13:57 - 2010-01-17 15:09 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-05-14 13:28 - 2010-01-16 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-14 13:27 - 2010-05-06 13:32 - 00000000 ____D C:\temp
2016-05-14 13:27 - 2010-01-16 14:45 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2016-05-14 13:08 - 2015-03-09 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-14 13:08 - 2014-10-23 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-14 13:08 - 2013-09-14 09:19 - 00000000 ____D C:\ProgramData\Oracle
2016-05-14 13:08 - 2010-02-05 19:46 - 00000000 ____D C:\Program Files\Java
2016-05-14 13:07 - 2015-10-01 17:39 - 00000000 ____D C:\Users\Ernst\.oracle_jre_usage
2016-05-14 13:07 - 2015-03-18 18:50 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-14 11:30 - 2011-12-07 16:35 - 00000848 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Zertifikatsmanager.lnk
2016-05-14 11:13 - 2013-09-06 18:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\DVDVideoSoft
2016-05-14 10:44 - 2016-02-13 05:25 - 00489088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-14 10:41 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-14 10:40 - 2016-02-13 14:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 __RSD C:\WINDOWS\Media
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-14 10:39 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-14 10:37 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-14 08:52 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppCompat
2016-05-13 19:03 - 2015-03-09 18:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-13 19:01 - 2010-01-16 22:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-13 18:55 - 2011-08-07 14:34 - 00000000 ____D C:\MeWDB-X
2016-05-13 18:50 - 2013-09-30 12:57 - 00000000 ____D C:\Program Files\MMI PHARMINDEX
2016-05-13 18:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-13 18:37 - 2014-05-08 14:43 - 00000000 ____D C:\ProgramData\G Data
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\ras
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\Com
2016-05-13 18:35 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-13 18:35 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-05-13 18:35 - 2014-05-08 14:43 - 00000000 ____D C:\Program Files\G Data
2016-05-13 18:00 - 2015-10-30 07:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-13 17:56 - 2013-08-27 14:29 - 00000000 ___RD C:\Users\Ernst\Dropbox
2016-05-13 17:56 - 2013-08-27 14:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Dropbox
2016-05-13 17:55 - 2016-02-13 14:01 - 00000000 ____D C:\WINDOWS\OCR
2016-05-13 17:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-13 17:54 - 2015-10-30 07:45 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-05-13 17:54 - 2015-10-30 07:45 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 01014272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-05-13 17:53 - 2015-10-30 07:45 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows NT
2016-05-13 17:37 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Registration
2016-05-13 17:35 - 2015-10-30 07:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-13 17:28 - 2013-11-17 15:30 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdateInstaller
2016-05-13 17:23 - 2016-03-16 21:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDFtoMusic
2016-05-13 17:23 - 2016-02-23 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-13 17:23 - 2016-02-23 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-05-13 17:23 - 2016-01-12 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AllDup
2016-05-13 17:23 - 2015-12-13 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-05-13 17:23 - 2015-12-13 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2016-05-13 17:23 - 2015-11-26 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-05-13 17:23 - 2015-11-24 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2016-05-13 17:23 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-13 17:23 - 2015-10-28 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2016-05-13 17:23 - 2015-10-25 15:31 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-05-13 17:23 - 2015-10-18 15:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-05-13 17:23 - 2015-09-24 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2016-05-13 17:23 - 2015-09-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POIbase
2016-05-13 17:23 - 2015-08-25 20:57 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EL-Demo Softland
2016-05-13 17:23 - 2015-08-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-05-13 17:23 - 2015-07-18 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E.M. Free Photo Collage
2016-05-13 17:23 - 2015-06-12 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2016-05-13 17:23 - 2015-06-06 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-05-13 17:23 - 2015-05-30 11:22 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Capture
2016-05-13 17:23 - 2015-03-21 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Putzer 2015
2016-05-13 17:23 - 2015-02-01 10:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2016-05-13 17:23 - 2014-12-30 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-05-13 17:23 - 2014-12-22 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12
2016-05-13 17:23 - 2014-10-02 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGroundControl
2016-05-13 17:23 - 2014-09-16 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-05-13 17:23 - 2014-09-11 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stream What You Hear (SWYH)
2016-05-13 17:23 - 2014-07-08 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-05-13 17:23 - 2013-12-23 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2016-05-13 17:23 - 2013-12-12 15:30 - 00000000 ____D C:\WINDOWS\de
2016-05-13 17:23 - 2013-12-12 14:30 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-12-12 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-11-18 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Benutzerregistrierung
2016-05-13 17:23 - 2013-11-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player
2016-05-13 17:23 - 2013-10-27 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-13 17:23 - 2013-09-27 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2
2016-05-13 17:23 - 2013-09-12 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 3.3
2016-05-13 17:23 - 2013-09-06 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-05-13 17:23 - 2013-08-31 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2016-05-13 17:23 - 2013-08-31 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
2016-05-13 17:23 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Manual
2016-05-13 17:23 - 2013-08-31 15:51 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-05-13 17:23 - 2012-02-04 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-05-13 17:23 - 2011-08-22 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telekom Fotoservice
2016-05-13 17:23 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems Tools
2016-05-13 17:23 - 2011-04-17 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
2016-05-13 17:23 - 2011-03-24 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-05-13 17:23 - 2011-03-12 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © v2011.build.46 (Feb 12, 2011)
2016-05-13 17:23 - 2011-02-09 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazingMIDI
2016-05-13 17:23 - 2011-01-23 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\WINDOWS\system32\custom matrices
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2016-05-13 17:23 - 2011-01-03 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-05-13 17:23 - 2010-11-16 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-11-13 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neuratron
2016-05-13 17:23 - 2010-11-13 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sibelius Software
2016-05-13 17:23 - 2010-09-18 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2016-05-13 17:23 - 2010-09-18 10:12 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-08-24 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\svnet
2016-05-13 17:23 - 2010-06-13 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2016-05-13 17:23 - 2010-06-13 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-05-13 17:23 - 2010-05-19 05:47 - 00000000 ____D C:\WINDOWS\WindowsMobile
2016-05-13 17:23 - 2010-05-15 17:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-05-13 17:23 - 2010-05-05 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Hollywood FX 6.0 for Studio 11
2016-05-13 17:23 - 2010-03-16 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoto Plus 4
2016-05-13 17:23 - 2010-03-14 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyVoice
2016-05-13 17:23 - 2010-02-06 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2016-05-13 17:23 - 2010-02-06 17:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\multiAVCHD
2016-05-13 17:23 - 2010-02-06 16:59 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODBC
2016-05-13 17:23 - 2010-02-06 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartCutter PsTs 20091004
2016-05-13 17:23 - 2010-01-30 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDS-Expert QM
2016-05-13 17:23 - 2010-01-30 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-19 22:11 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P
2016-05-13 17:23 - 2010-01-19 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-05-13 17:23 - 2010-01-18 19:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP
2016-05-13 17:23 - 2010-01-18 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Video Converter
2016-05-13 17:23 - 2010-01-18 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-05-13 17:23 - 2010-01-17 20:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-05-13 17:20 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-05-13 17:13 - 2016-02-13 14:15 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-13 17:13 - 2016-02-13 13:57 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\System
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\schemas
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Help
2016-05-13 17:13 - 2013-08-31 15:52 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-05-13 17:13 - 2013-08-24 23:01 - 00000000 __SHD C:\WINDOWS\system32\%APPDATA%
2016-05-13 17:13 - 2011-01-13 20:29 - 00000000 ____D C:\WINDOWS\system32\Adobe
2016-05-13 17:12 - 2016-02-23 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-13 17:12 - 2015-09-20 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-05-13 17:12 - 2015-09-20 07:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-05-13 17:12 - 2015-03-21 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2016-05-13 17:12 - 2015-01-31 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-05-13 17:12 - 2014-09-30 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-05-13 17:12 - 2013-11-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2016-05-13 17:12 - 2013-11-04 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EURACOM_4D03
2016-05-13 17:12 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-13 17:12 - 2012-06-08 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2016-05-13 17:12 - 2012-01-29 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2016-05-13 17:12 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
2016-05-13 17:12 - 2010-11-21 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2016-05-13 17:12 - 2010-06-06 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura4You
2016-05-13 17:12 - 2010-05-05 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 11
2016-05-13 17:12 - 2010-02-18 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-05-13 17:12 - 2010-02-07 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceBIT
2016-05-13 17:12 - 2010-01-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Online
2016-05-13 17:12 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:03 - 2016-02-13 15:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-13 15:36 - 2010-12-08 22:12 - 00325120 ___SH C:\Users\Ernst\Downloads\Thumbs.db
2016-05-12 10:06 - 2010-12-08 23:11 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-11 12:28 - 2013-11-09 19:20 - 00000000 ____D C:\Users\Ernst\AppData\Local\FRITZ!
2016-05-09 17:33 - 2015-10-25 15:31 - 00001370 _____ C:\Users\Ernst\Desktop\CopyTrans Control Center.lnk
2016-05-09 16:41 - 2012-05-06 18:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-03 13:33 - 2014-09-15 15:57 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-05-03 13:33 - 2013-09-06 18:49 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-04-30 15:25 - 2014-09-11 08:31 - 00001023 _____ C:\Users\Public\Desktop\Stream What You Hear (SWYH).lnk
2016-04-30 15:25 - 2014-09-11 08:31 - 00000000 ____D C:\Program Files\Stream What You Hear

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-25 20:52 - 2015-08-25 20:52 - 0002314 _____ () C:\Program Files\INSTALL.LOG
2010-11-13 18:16 - 2010-11-13 18:16 - 0000604 ____H () C:\Program Files\STFT Notifier
2015-11-24 10:12 - 2016-03-18 08:21 - 0000040 _____ () C:\Users\Ernst\AppData\Roaming\cdr.ini
2014-05-08 14:45 - 2014-05-08 14:45 - 0000000 _____ () C:\Users\Ernst\AppData\Roaming\gdfw.log
2014-05-08 14:45 - 2015-05-28 20:48 - 0003313 _____ () C:\Users\Ernst\AppData\Roaming\gdscan.log
2010-01-16 20:02 - 2010-01-15 23:42 - 4302944 _____ () C:\Users\Ernst\AppData\Roaming\IMAG0023.AVI
2014-05-14 21:54 - 2014-05-14 22:06 - 0028268 _____ () C:\Users\Ernst\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-12-07 12:01 - 2014-12-07 12:03 - 0583820 _____ () C:\Users\Ernst\AppData\Roaming\Scorch_Install.log
2016-01-17 18:01 - 2016-03-07 17:53 - 0021504 _____ () C:\Users\Ernst\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-08 23:21 - 2010-03-08 23:31 - 0282624 _____ () C:\Users\Ernst\AppData\Local\filesync.metadata
2015-11-26 18:03 - 2016-02-23 23:06 - 0000600 _____ () C:\Users\Ernst\AppData\Local\PUTTY.RND
2016-05-13 17:03 - 2016-05-13 17:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-02-09 14:39 - 2016-05-14 14:02 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Einige Dateien in TEMP:
====================
C:\Users\Ernst\AppData\Local\Temp\avgnt.exe
C:\Users\Ernst\AppData\Local\Temp\gluninstall.exe
C:\Users\Ernst\AppData\Local\Temp\libeay32.dll
C:\Users\Ernst\AppData\Local\Temp\msvcr120.dll
C:\Users\Ernst\AppData\Local\Temp\sqlite3.dll
C:\Users\Ernst\AppData\Local\Temp\WdfCoInstaller01007.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-05-29 12:30

==================== Ende vom FRST.txt ============================Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:29-05-2016 02
durchgeführt von Ernst (Administrator) auf ELINEU (30-05-2016 13:54:02)
Gestartet von C:\Users\Ernst\Desktop
Geladene Profile: Ernst & (Verfügbare Profile: Ernst & Administrator & Gast)
Platform: Microsoft Windows 10 Home Version 1511 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\System32\SecUPDUtilSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.168_none_1a39dfbc6dff3448\TiWorker.exe
konnte nicht auf den Prozess zugreifen -> explorer.exe
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2014-02-13] (Realtek Semiconductor)
HKLM\...\Run: [G Data ASM] => "C:\Program Files\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner2] => C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner2.exe [3516784 2015-01-12] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [213536 2016-02-19] (Geek Software GmbH)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2016-01-29] (NVIDIA Corporation)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files\MyDrive Connect\TomTom MyDrive Connect.exe [2042144 2016-04-14] (TomTom)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [iFunBox Fast App Install Handler] => C:\Program Files\i-Funbox DevTeam\iFunBox.exe [2370560 2015-04-12] (i-Funbox.com)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [Dropbox Update] => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-07-20] (Dropbox, Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Run: [PicPick Start] => C:\Program Files\PicPick\picpick.exe [19918280 2016-03-08] (NGWIN)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-01-24] (Hewlett-Packard Company)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-01-24] (Hewlett-Packard Company)
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4074160 2016-04-23] (Microsoft Corporation) <==== ACHTUNG
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-05-07] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2010-01-19]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk [2012-06-23]
ShortcutTarget: PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk -> C:\Program Files\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-05-13]
ShortcutTarget: Dropbox.lnk -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1bc8b7b8-2b16-41eb-bd62-d23bb4a63b49}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{38771ef5-cbe7-406b-b95e-d17cade4807d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bf40525d-0b87-4751-a193-990f2fae70ce}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {1F096B29-E9DA-4D64-8D63-936BE7762CC5} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://isearch.avg.com/search?cid={4898A9FD-279F-4AB5-BEB3-8F714867861C}&mid=461c0000cd1847d0811bd16d5b47c42b-8f6a348b024ad0cebf393beeb48473624affdcb3&lang=de&ds=tt014&pr=sa&d=2012-07-31 14:21:09&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-14] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-14] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Toolbar: HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default
FF SearchEngineOrder.2:
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-07-03] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-29] (NVIDIA Corporation)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3539214255-4280287789-3925056074-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2016-01-18] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll [2010-03-31] (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] ()
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\englische-ergebnisse.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\gmx-suche.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-images.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\google-maps.xml [2014-09-21]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\lastminute.xml [2012-08-12]
FF SearchPlugin: C:\Users\Ernst\AppData\Roaming\Mozilla\Firefox\Profiles\z3lqlojh.default\searchplugins\webde-suche.xml [2012-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]

Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ACHTUNG
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\Ernst\AppData\LocalLow\WOT\CHROME\WOT.crx [2012-01-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-04-25] (Digital Wave Ltd.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [915600 2016-01-29] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\Ernst\AppData\Local\Temp\7zS006E\hpslpsvc32.dll [701288 2015-09-21] (Hewlett-Packard Co.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\desktop\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\desktop\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2016-01-29] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19775632 2016-01-29] (NVIDIA Corporation)
S2 PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [14165 2005-02-09] (Pinnacle Systems GmbH) [Datei ist nicht signiert]
R2 SamsungUPDUtilSvc; C:\WINDOWS\system32\SecUPDUtilSvc.exe [118576 2014-11-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
R2 WO_LiveService2; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe [223600 2015-01-12] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 Afc; C:\WINDOWS\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [34472 2008-07-29] (Aladdin Knowledge Systems, Ltd.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [104480 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [27496 2012-09-04] (AVG Technologies)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [146152 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44208 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [66872 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert]
S3 FTDIBUS; C:\WINDOWS\system32\drivers\ftdibus.sys [60104 2010-07-12] (FTDI Ltd.)
R2 LiveTuner2PM; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTuner32.sys [14088 2014-03-20] ()
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus.sys [171520 2007-01-04] (Pinnacle Systems GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [170200 2016-05-30] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18576 2016-01-29] (NVIDIA Corporation)
S3 NvStUSB; C:\WINDOWS\System32\drivers\nvstusb.sys [444128 2015-11-19] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [32912 2016-01-29] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [22184 2014-08-25] (Audials AG)
R1 ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [31848 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 tbhsd; C:\WINDOWS\system32\drivers\tbhsd.sys [39048 2013-11-27] (RapidSolution Software AG)
R2 tifsfilter; C:\WINDOWS\System32\DRIVERS\tifsfilt.sys [27648 2010-04-29] (Acronis) [Datei ist nicht signiert]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [44776 2016-03-29] (Microsoft Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
S3 ZTEGsmDataCard; C:\WINDOWS\System32\drivers\zteusbgser.sys [104704 2009-04-09] (ZTE Corporation)
S3 ZTEusbvoice; C:\WINDOWS\System32\drivers\ZTEusbvoice.sys [105344 2009-04-09] (ZTE Incorporated)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 13:54 - 2016-05-30 13:54 - 00023475 _____ C:\Users\Ernst\Desktop\FRST.txt
2016-05-30 13:53 - 2016-05-30 13:54 - 00000000 ____D C:\FRST
2016-05-30 13:52 - 2016-05-30 13:53 - 01734656 _____ (Farbar) C:\Users\Ernst\Desktop\FRST.exe
2016-05-30 13:51 - 2016-05-30 13:51 - 00018654 _____ C:\Users\Ernst\Desktop\mbam.txt
2016-05-30 10:30 - 2016-05-30 13:49 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-30 10:30 - 2016-05-30 10:30 - 00000898 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-05-30 10:30 - 2016-05-30 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-30 10:30 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-30 10:30 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-30 10:30 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-30 10:28 - 2016-05-30 10:29 - 22851472 _____ (Malwarebytes ) C:\Users\Ernst\Desktop\mbam-setup-2.2.1.1043.exe
2016-05-30 10:20 - 2016-05-30 10:23 - 00000000 ____D C:\AdwCleaner
2016-05-30 10:17 - 2016-05-30 10:18 - 03678272 _____ C:\Users\Ernst\Desktop\AdwCleaner_5.118.exe
2016-05-29 16:24 - 2016-05-29 16:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-05-15 11:41 - 2016-05-15 11:41 - 00000000 ____D C:\Users\Ernst\Documents\MeineBackups
2016-05-15 11:28 - 2016-05-15 11:31 - 126193224 _____ C:\Users\Ernst\Downloads\TrueImage2010_d_de.exe
2016-05-15 11:21 - 2016-05-15 11:21 - 00000000 ____D C:\ProgramData\Acronis
2016-05-15 11:18 - 2016-05-15 11:18 - 00911680 _____ (Acronis) C:\WINDOWS\system32\Drivers\tdrpm258.sys
2016-05-15 11:18 - 2016-05-15 11:18 - 00160288 ____N (Acronis) C:\WINDOWS\system32\Drivers\afcdp.sys
2016-05-14 20:51 - 2016-05-14 20:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-05-14 20:40 - 2016-05-14 20:40 - 00000000 ____D C:\Program Files\Microsoft ASP.NET
2016-05-14 18:02 - 2016-05-14 18:02 - 00000000 ____D C:\Cortanaentfernen
2016-05-14 18:00 - 2016-05-14 18:00 - 00020468 _____ C:\Users\Ernst\Downloads\Cortana_deinstallieren.zip
2016-05-14 13:46 - 2016-05-14 13:55 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA Corporation
2016-05-14 13:43 - 2016-05-14 13:54 - 00000000 ____D C:\Users\Ernst\AppData\Local\NVIDIA
2016-05-14 13:28 - 2016-01-29 14:04 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge.dll
2016-05-14 13:28 - 2016-01-29 14:04 - 01278920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap.dll
2016-05-14 13:27 - 2016-05-14 13:27 - 00002190 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2016-05-14 13:27 - 2016-05-14 13:27 - 00000000 ____D C:\Program Files\AGEIA Technologies
2016-05-14 13:26 - 2016-01-29 10:45 - 00614848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvStreaming.exe
2016-05-14 13:25 - 2016-01-29 14:04 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv32.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 14497760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dum.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 11209192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 03994560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 01060400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00917048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00912248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco3234195.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC.dll
2016-05-14 13:25 - 2016-01-29 14:04 - 00032912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad32v.sys
2016-05-14 13:25 - 2016-01-29 14:04 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap32v.dll
2016-05-14 13:24 - 2016-05-14 13:24 - 00000000 ____D C:\NVIDIA
2016-05-14 13:20 - 2016-05-14 13:24 - 227389736 _____ (NVIDIA Corporation) C:\Users\Ernst\Downloads\341.95-desktop-win10-32bit-international.exe
2016-05-14 13:07 - 2016-05-14 13:07 - 00000000 ____D C:\Program Files\Common Files\Java
2016-05-14 13:05 - 2016-05-14 13:05 - 00738368 _____ (Oracle Corporation) C:\Users\Ernst\Downloads\JavaSetup8u91.exe
2016-05-14 11:45 - 2016-05-14 11:45 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-14 10:07 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-14 10:07 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-14 10:07 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-14 10:07 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-14 10:07 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-14 10:07 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-14 10:07 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-14 10:07 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-14 10:07 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-14 10:07 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-14 10:07 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-14 10:07 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-14 10:07 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-14 10:07 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-14 10:07 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-14 10:07 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-14 10:07 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-14 10:07 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-05-14 10:07 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-05-14 10:07 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-05-14 10:07 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-05-14 10:07 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-05-14 10:07 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-05-14 10:07 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-14 10:07 - 2016-02-24 10:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-05-14 10:07 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-05-14 10:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-05-14 10:07 - 2016-02-23 11:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-05-14 10:07 - 2016-02-23 09:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-05-14 10:07 - 2016-02-23 09:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-05-14 10:07 - 2016-02-23 09:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-05-14 10:07 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-05-14 10:06 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-14 10:06 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-14 10:06 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-14 10:06 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-14 10:06 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-14 10:06 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-14 10:06 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-14 10:06 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-14 10:06 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-14 10:06 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-14 10:06 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-14 10:06 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-14 10:06 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-14 10:06 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-14 10:06 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-14 10:06 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-14 10:06 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-14 10:06 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-14 10:06 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-14 10:06 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-14 10:06 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-14 10:06 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-14 10:06 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-14 10:06 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-14 10:06 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-14 10:06 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-14 10:06 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-14 10:06 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-14 10:06 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-14 10:06 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-14 10:06 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-14 10:06 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-14 10:06 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-14 10:06 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-14 10:06 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-14 10:06 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-14 10:06 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-14 10:06 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-14 10:06 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-14 10:06 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-14 10:06 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-14 10:06 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-14 10:06 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-14 10:06 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-14 10:06 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-14 10:06 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-14 10:06 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-14 10:06 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-14 10:06 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-14 10:06 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-14 10:06 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-14 10:06 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-14 10:06 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-14 10:06 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-14 10:06 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-14 10:06 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-14 10:06 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-14 10:06 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-14 10:06 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-14 10:06 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-14 10:06 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-14 10:06 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-14 10:06 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-05-14 10:06 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-05-14 10:06 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-05-14 10:06 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-05-14 10:06 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-05-14 10:06 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-05-14 10:06 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-05-14 10:06 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-05-14 10:06 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-05-14 10:06 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-05-14 10:06 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-05-14 10:06 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-05-14 10:06 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-05-14 10:06 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-05-14 10:06 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-05-14 10:06 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-05-14 10:06 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-05-14 10:06 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-05-14 10:06 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-05-14 10:06 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-05-14 10:06 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-05-14 10:06 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-14 10:06 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-05-14 10:06 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-05-14 10:06 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-05-14 10:06 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-14 10:06 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-05-14 10:06 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-05-14 10:06 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-05-14 10:06 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-05-14 10:06 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-05-14 10:06 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-05-14 10:06 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-05-14 10:06 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-05-14 10:06 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-05-14 10:06 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-05-14 10:06 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-05-14 10:06 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-05-14 10:06 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-05-14 10:06 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-05-14 10:06 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-05-14 10:06 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-05-14 10:06 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-05-14 10:06 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-05-14 10:06 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-05-14 10:06 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-05-14 10:06 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-05-14 10:06 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-05-14 10:06 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-05-14 10:06 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-05-14 10:06 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-05-14 10:06 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-05-14 10:06 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-05-14 10:06 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-05-14 10:06 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-05-14 10:06 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-05-14 10:06 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-05-14 10:06 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-05-14 10:06 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-05-14 10:06 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-05-14 10:06 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-05-14 10:06 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-05-14 10:06 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-05-14 10:06 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-05-14 10:06 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-05-14 10:06 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-05-14 10:06 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-05-14 10:06 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-05-14 10:06 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-05-14 10:06 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-05-14 10:06 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-05-14 10:06 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-05-14 10:06 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-05-14 10:06 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-05-14 10:06 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-05-14 10:06 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-05-14 10:06 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-05-14 10:06 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-05-14 10:06 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-05-14 10:06 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-05-14 10:06 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-05-14 10:06 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-05-14 10:06 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-05-14 10:06 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-05-14 10:06 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-05-14 10:06 - 2016-02-24 10:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-05-14 10:06 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-05-14 10:06 - 2016-02-24 10:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-05-14 10:06 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-05-14 10:06 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-05-14 10:06 - 2016-02-24 10:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-05-14 10:06 - 2016-02-24 09:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-05-14 10:06 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-05-14 10:06 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-05-14 10:06 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-05-14 10:06 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-05-14 10:06 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-05-14 10:06 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-05-14 10:06 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-05-14 10:06 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-05-14 10:06 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-05-14 10:06 - 2016-02-24 08:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-05-14 10:06 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-05-14 10:06 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-05-14 10:06 - 2016-02-24 08:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-05-14 10:06 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-05-14 10:06 - 2016-02-24 08:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-05-14 10:06 - 2016-02-24 08:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-05-14 10:06 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-05-14 10:06 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-05-14 10:06 - 2016-02-24 08:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-05-14 10:06 - 2016-02-24 08:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-05-14 10:06 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-05-14 10:06 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-05-14 10:06 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-05-14 10:06 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-05-14 10:06 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-05-14 10:06 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-05-14 10:06 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-05-14 10:06 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-05-14 10:06 - 2016-02-24 07:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll

Erlu · 30.05.2016, 13:23

2016-05-14 10:06 - 2016-02-24 07:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-05-14 10:06 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-05-14 10:06 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-05-14 10:06 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-05-14 10:06 - 2016-02-23 12:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-05-14 10:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-05-14 10:06 - 2016-02-23 11:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-05-14 10:06 - 2016-02-23 11:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-05-14 10:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-05-14 10:06 - 2016-02-23 10:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-14 10:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-05-14 10:06 - 2016-02-23 10:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-05-14 10:06 - 2016-02-23 10:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-05-14 10:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-05-14 10:06 - 2016-02-23 10:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-05-14 10:06 - 2016-02-23 10:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-05-14 10:06 - 2016-02-23 10:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-05-14 10:06 - 2016-02-23 10:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-05-14 10:06 - 2016-02-23 10:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-05-14 10:06 - 2016-02-23 10:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-05-14 10:06 - 2016-02-23 10:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-05-14 10:06 - 2016-02-23 09:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-05-14 10:06 - 2016-02-23 09:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-05-14 10:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-05-14 10:06 - 2016-02-23 09:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-05-14 10:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-05-14 10:06 - 2016-02-23 09:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-05-14 10:06 - 2016-02-23 09:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-05-14 10:06 - 2016-02-23 09:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-05-14 10:06 - 2016-02-23 09:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-05-14 10:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-05-14 10:06 - 2016-02-23 09:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-05-14 10:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-05-14 10:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-05-14 10:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-05-14 10:06 - 2016-02-23 09:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-05-14 10:06 - 2016-02-23 09:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-14 10:06 - 2016-02-23 09:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-05-14 10:06 - 2016-02-23 09:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-05-14 10:06 - 2016-02-23 09:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-05-14 10:06 - 2016-02-23 09:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-05-14 10:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-05-14 10:06 - 2016-02-23 08:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-05-14 10:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-05-14 10:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-05-14 10:06 - 2016-02-09 05:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-05-14 10:05 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-14 10:05 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-14 10:05 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-14 10:05 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-14 10:05 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-14 10:05 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-14 10:05 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-14 10:05 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-14 10:05 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-05-14 10:05 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-05-14 10:05 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-05-14 10:05 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-05-14 10:05 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-05-14 10:05 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-05-14 10:05 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-05-14 10:05 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-05-14 10:05 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-05-14 10:05 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-05-14 10:05 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-05-14 10:05 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-05-14 10:05 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-05-14 10:05 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-05-14 10:05 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-05-14 10:05 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-05-14 10:05 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-05-14 10:05 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-05-14 10:05 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-05-14 10:05 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-05-14 10:05 - 2016-02-23 10:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-05-14 10:05 - 2016-02-23 10:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-05-14 10:05 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-05-14 10:05 - 2016-02-23 09:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-05-14 09:22 - 2016-05-14 09:22 - 00000000 ____D C:\ProgramData\HP
2016-05-14 09:21 - 2016-05-14 09:21 - 02474920 _____ C:\Users\Ernst\Downloads\hppiw.exe
2016-05-13 19:47 - 2016-05-13 19:47 - 00000000 ____D C:\Users\Ernst\AppData\Local\Comms
2016-05-13 19:12 - 2016-05-13 19:12 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Avira
2016-05-13 19:07 - 2016-04-04 17:07 - 00146152 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00104480 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00066872 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00044208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-05-13 19:07 - 2016-04-04 17:07 - 00031848 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2016-05-13 19:04 - 2016-05-13 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-05-13 19:04 - 2016-05-13 19:04 - 00001279 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-05-13 19:03 - 2016-05-13 19:07 - 00000000 ____D C:\ProgramData\Avira
2016-05-13 19:03 - 2016-05-13 19:07 - 00000000 ____D C:\Program Files\Avira
2016-05-13 19:03 - 2016-05-13 19:03 - 04898016 _____ (Avira Operations GmbH & Co. KG) C:\Users\Ernst\Downloads\avira_de_av_573608a76d994__ws.exe
2016-05-13 18:29 - 2016-05-29 12:26 - 00000000 ____D C:\WINDOWS\Minidump
2016-05-13 18:00 - 2016-05-13 17:47 - 00000000 ___DC C:\WINDOWS\Panther
2016-05-13 17:58 - 2016-05-13 17:58 - 00002394 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-13 17:58 - 2016-05-13 17:58 - 00000000 ___RD C:\Users\Ernst\OneDrive
2016-05-13 17:57 - 2016-05-13 17:58 - 00000000 ____D C:\Windows.old
2016-05-13 17:56 - 2016-05-13 17:56 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-05-13 17:55 - 2015-10-29 19:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-05-13 17:55 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-05-13 17:55 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-05-13 17:54 - 2016-05-13 17:54 - 00001091 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\msmq
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\Program Files\MSBuild
2016-05-13 17:54 - 2016-05-13 17:54 - 00000000 ____D C:\inetpub
2016-05-13 17:53 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-05-13 17:53 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-05-13 17:52 - 2016-05-13 17:52 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-05-13 17:52 - 2016-05-13 17:52 - 00000000 ____D C:\Users\Ernst\AppData\Local\Publishers
2016-05-13 17:51 - 2016-05-13 17:51 - 00000000 ____D C:\Users\Ernst\AppData\Local\ActiveSync
2016-05-13 17:49 - 2016-05-13 18:21 - 00000000 ____D C:\Users\Ernst\AppData\Local\Packages
2016-05-13 17:49 - 2016-05-13 17:49 - 00000020 ___SH C:\Users\Ernst\ntuser.ini
2016-05-13 17:49 - 2016-05-13 17:49 - 00000000 ____D C:\Users\Ernst\AppData\Local\TileDataLayer
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-05-13 17:39 - 2016-05-13 17:39 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-05-13 17:36 - 2016-05-13 17:36 - 00021532 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-05-13 17:20 - 2016-05-13 17:20 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-05-13 17:20 - 2016-05-13 17:20 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-05-13 17:12 - 2016-05-13 17:12 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-05-13 17:07 - 2016-05-29 15:46 - 00000000 ____D C:\Users\Ernst
2016-05-13 17:07 - 2016-05-13 17:35 - 00000000 ____D C:\Users\Gast
2016-05-13 17:07 - 2016-05-13 17:29 - 00000000 ____D C:\Users\Administrator
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Ernst\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Videos
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2016-05-13 17:07 - 2016-05-13 17:07 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2016-05-13 17:06 - 2016-05-30 13:52 - 02039076 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-13 17:04 - 2016-05-30 13:45 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-13 17:04 - 2016-05-14 13:56 - 00000253 _____ C:\WINDOWS\hpbafd.ini
2016-05-13 17:04 - 2016-01-29 12:14 - 04397624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 03068864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00678968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-13 17:04 - 2016-01-29 12:14 - 00381888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00070200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-13 17:04 - 2016-01-28 18:18 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-13 17:03 - 2016-05-14 13:46 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-14 13:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\WINDOWS\system32\RTCOM
2016-05-13 17:03 - 2016-05-13 17:03 - 00000000 ____D C:\Program Files\Realtek
2016-05-13 16:03 - 2016-05-13 17:38 - 00021881 _____ C:\WINDOWS\diagerr.xml
2016-05-13 16:03 - 2016-05-13 17:38 - 00020958 _____ C:\WINDOWS\diagwrn.xml
2016-05-13 14:54 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-05-12 10:14 - 2016-05-12 10:14 - 00000931 _____ C:\Users\Ernst\Documents\AL-KO B2C Ersatzteilsystem - Warenkorb.htm
2016-05-12 09:53 - 2016-05-12 10:25 - 00015872 ___SH C:\Users\Ernst\Thumbs.db
2016-05-10 21:29 - 2016-05-10 21:29 - 00000000 ____D C:\ProgramData\Baidu
2016-05-10 20:30 - 2016-05-10 20:30 - 00000000 ____D C:\Users\Ernst\Documents\video_out
2016-05-10 20:26 - 2016-05-10 20:26 - 00001161 _____ C:\Users\Ernst\Desktop\amvtransform.lnk
2016-05-10 20:25 - 2016-05-13 17:23 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Media Player Utilities 4.46
2016-05-10 20:25 - 2016-05-10 20:25 - 00000000 ____D C:\Program Files\Media Player Utilities 4.46
2016-05-10 09:14 - 2016-05-10 09:14 - 05482783 _____ C:\Users\Ernst\Documents\ehvmitteilung2016.pdf
2016-05-02 13:23 - 2016-05-02 16:31 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2016-04-30 15:24 - 2016-04-30 15:24 - 01334540 _____ (Sebastien.warin.fr ) C:\Users\Ernst\Downloads\SWYH_1.4.16069.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 13:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-30 13:52 - 2016-02-13 13:57 - 00870322 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-30 13:52 - 2016-02-13 13:57 - 00189546 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-30 13:52 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-30 13:46 - 2015-03-21 11:14 - 00000266 _____ C:\WINDOWS\Tasks\AbelssoftPreloader.job
2016-05-30 13:46 - 2011-01-08 10:44 - 00001094 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-30 13:45 - 2016-02-13 14:30 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-30 13:45 - 2015-10-30 07:13 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-05-30 13:43 - 2015-07-20 12:57 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA.job
2016-05-30 13:43 - 2010-01-18 18:05 - 00000000 ____D C:\Program Files\Digital Video Converter
2016-05-30 13:18 - 2011-01-08 10:44 - 00001098 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-30 13:17 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-05-30 12:57 - 2012-09-23 10:36 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-29 18:24 - 2010-06-08 20:37 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Audacity
2016-05-29 17:17 - 2011-01-23 11:06 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\vlc
2016-05-29 16:30 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-29 15:50 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-29 12:26 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-05-29 11:36 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-15 12:33 - 2010-05-02 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2016-05-15 12:33 - 2010-04-29 14:38 - 00000000 ____D C:\Program Files\Common Files\Acronis
2016-05-15 11:42 - 2010-05-02 11:02 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Acronis
2016-05-15 11:22 - 2010-04-29 14:38 - 00158272 _____ (Acronis) C:\WINDOWS\system32\Drivers\snapman.sys
2016-05-15 06:43 - 2015-07-20 12:57 - 00001172 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core.job
2016-05-14 17:36 - 2013-11-12 09:14 - 00001153 _____ C:\Users\Ernst\Desktop\KaraFun Player 2.lnk
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player 2
2016-05-14 17:36 - 2013-11-12 09:14 - 00000000 ____D C:\Program Files\KaraFun Player 2
2016-05-14 15:22 - 2016-02-13 14:34 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-14 15:20 - 2015-12-13 20:32 - 00000000 ____D C:\Users\Ernst\.idlerc
2016-05-14 14:02 - 2010-01-16 19:06 - 00000000 ____D C:\Users\Ernst\AppData\Local\ElevatedDiagnostics
2016-05-14 13:57 - 2010-01-17 15:09 - 00000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2016-05-14 13:28 - 2010-01-16 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-05-14 13:27 - 2010-05-06 13:32 - 00000000 ____D C:\temp
2016-05-14 13:27 - 2010-01-16 14:45 - 00000000 ____D C:\Program Files\Common Files\Wise Installation Wizard
2016-05-14 13:08 - 2015-03-09 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2016-05-14 13:08 - 2014-10-23 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-14 13:08 - 2013-09-14 09:19 - 00000000 ____D C:\ProgramData\Oracle
2016-05-14 13:08 - 2010-02-05 19:46 - 00000000 ____D C:\Program Files\Java
2016-05-14 13:07 - 2015-10-01 17:39 - 00000000 ____D C:\Users\Ernst\.oracle_jre_usage
2016-05-14 13:07 - 2015-03-18 18:50 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-14 11:30 - 2011-12-07 16:35 - 00000848 _____ C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Zertifikatsmanager.lnk
2016-05-14 11:13 - 2013-09-06 18:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\DVDVideoSoft
2016-05-14 10:44 - 2016-02-13 05:25 - 00489088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-14 10:41 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-14 10:41 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-05-14 10:40 - 2016-02-13 14:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 __RSD C:\WINDOWS\Media
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-05-14 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-05-14 10:39 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-14 10:37 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-05-14 08:52 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppCompat
2016-05-13 19:03 - 2015-03-09 18:10 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-13 19:01 - 2010-01-16 22:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-05-13 18:55 - 2011-08-07 14:34 - 00000000 ____D C:\MeWDB-X
2016-05-13 18:50 - 2013-09-30 12:57 - 00000000 ____D C:\Program Files\MMI PHARMINDEX
2016-05-13 18:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\spool
2016-05-13 18:37 - 2014-05-08 14:43 - 00000000 ____D C:\ProgramData\G Data
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\setup
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\ras
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-05-13 18:35 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\Com
2016-05-13 18:35 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-05-13 18:35 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-05-13 18:35 - 2014-05-08 14:43 - 00000000 ____D C:\Program Files\G Data
2016-05-13 18:00 - 2015-10-30 07:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-05-13 17:56 - 2013-08-27 14:29 - 00000000 ___RD C:\Users\Ernst\Dropbox
2016-05-13 17:56 - 2013-08-27 14:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Dropbox
2016-05-13 17:55 - 2016-02-13 14:01 - 00000000 ____D C:\WINDOWS\OCR
2016-05-13 17:54 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-05-13 17:54 - 2015-10-30 07:45 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-05-13 17:54 - 2015-10-30 07:45 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2016-05-13 17:54 - 2015-10-30 07:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 01014272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2016-05-13 17:53 - 2015-10-30 07:45 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2016-05-13 17:53 - 2015-10-30 07:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2016-05-13 17:53 - 2015-10-30 07:45 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-05-13 17:39 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows NT
2016-05-13 17:37 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Registration
2016-05-13 17:35 - 2015-10-30 07:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-13 17:28 - 2013-11-17 15:30 - 00000000 ____D C:\Program Files\SamsungPrinterLiveUpdateInstaller
2016-05-13 17:23 - 2016-03-16 21:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDFtoMusic
2016-05-13 17:23 - 2016-02-23 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-13 17:23 - 2016-02-23 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2016-05-13 17:23 - 2016-01-12 22:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AllDup
2016-05-13 17:23 - 2015-12-13 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2016-05-13 17:23 - 2015-12-13 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2016-05-13 17:23 - 2015-11-26 16:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2016-05-13 17:23 - 2015-11-24 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD to MP3 Freeware
2016-05-13 17:23 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-05-13 17:23 - 2015-10-28 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!
2016-05-13 17:23 - 2015-10-25 15:31 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Control Center
2016-05-13 17:23 - 2015-10-18 15:57 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers
2016-05-13 17:23 - 2015-09-24 07:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2016-05-13 17:23 - 2015-09-06 10:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\POIbase
2016-05-13 17:23 - 2015-08-25 20:57 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EL-Demo Softland
2016-05-13 17:23 - 2015-08-20 07:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-05-13 17:23 - 2015-07-18 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E.M. Free Photo Collage
2016-05-13 17:23 - 2015-06-12 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
2016-05-13 17:23 - 2015-06-06 11:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-05-13 17:23 - 2015-05-30 11:22 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVR-Capture
2016-05-13 17:23 - 2015-03-21 11:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC-Putzer 2015
2016-05-13 17:23 - 2015-02-01 10:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 5
2016-05-13 17:23 - 2014-12-30 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2016-05-13 17:23 - 2014-12-22 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 12
2016-05-13 17:23 - 2014-10-02 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGroundControl
2016-05-13 17:23 - 2014-09-16 15:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2016-05-13 17:23 - 2014-09-11 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stream What You Hear (SWYH)
2016-05-13 17:23 - 2014-07-08 19:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeOCR
2016-05-13 17:23 - 2013-12-23 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audials 11
2016-05-13 17:23 - 2013-12-12 15:30 - 00000000 ____D C:\WINDOWS\de
2016-05-13 17:23 - 2013-12-12 14:30 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-12-12 14:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2016-05-13 17:23 - 2013-11-18 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Benutzerregistrierung
2016-05-13 17:23 - 2013-11-05 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KaraFun Player
2016-05-13 17:23 - 2013-10-27 12:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-13 17:23 - 2013-09-27 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 9.2.2
2016-05-13 17:23 - 2013-09-12 19:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Editor 3.3
2016-05-13 17:23 - 2013-09-06 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-05-13 17:23 - 2013-08-31 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2016-05-13 17:23 - 2013-08-31 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD-LabelPrint
2016-05-13 17:23 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series Manual
2016-05-13 17:23 - 2013-08-31 15:51 - 00000000 ____D C:\WINDOWS\system32\STRING
2016-05-13 17:23 - 2012-02-04 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
2016-05-13 17:23 - 2011-08-22 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telekom Fotoservice
2016-05-13 17:23 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems Tools
2016-05-13 17:23 - 2011-04-17 10:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle VideoSpin
2016-05-13 17:23 - 2011-03-24 20:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Handbrake
2016-05-13 17:23 - 2011-03-12 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © v2011.build.46 (Feb 12, 2011)
2016-05-13 17:23 - 2011-02-09 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazingMIDI
2016-05-13 17:23 - 2011-01-23 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free M4a to MP3 Converter
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\WINDOWS\system32\custom matrices
2016-05-13 17:23 - 2011-01-21 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 - Codec Pack
2016-05-13 17:23 - 2011-01-03 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2016-05-13 17:23 - 2010-11-16 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-11-13 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neuratron
2016-05-13 17:23 - 2010-11-13 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sibelius Software
2016-05-13 17:23 - 2010-09-18 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2016-05-13 17:23 - 2010-09-18 10:12 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2016-05-13 17:23 - 2010-08-24 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\svnet
2016-05-13 17:23 - 2010-06-13 15:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Essentials
2016-05-13 17:23 - 2010-06-13 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-05-13 17:23 - 2010-05-19 05:47 - 00000000 ____D C:\WINDOWS\WindowsMobile
2016-05-13 17:23 - 2010-05-15 17:25 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2016-05-13 17:23 - 2010-05-05 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Hollywood FX 6.0 for Studio 11
2016-05-13 17:23 - 2010-03-16 23:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPhoto Plus 4
2016-05-13 17:23 - 2010-03-14 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyVoice
2016-05-13 17:23 - 2010-02-06 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2016-05-13 17:23 - 2010-02-06 17:09 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\multiAVCHD
2016-05-13 17:23 - 2010-02-06 16:59 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ODBC
2016-05-13 17:23 - 2010-02-06 11:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartCutter PsTs 20091004
2016-05-13 17:23 - 2010-01-30 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VDS-Expert QM
2016-05-13 17:23 - 2010-01-30 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-26 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-05-13 17:23 - 2010-01-19 22:11 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\P A I P
2016-05-13 17:23 - 2010-01-19 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-05-13 17:23 - 2010-01-18 19:49 - 00000000 ____D C:\Users\Ernst\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WS_FTP
2016-05-13 17:23 - 2010-01-18 18:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Video Converter
2016-05-13 17:23 - 2010-01-18 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2016-05-13 17:23 - 2010-01-17 20:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2016-05-13 17:20 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\SPReview
2016-05-13 17:14 - 2012-02-04 17:25 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2016-05-13 17:13 - 2016-02-13 14:15 - 00000000 ____D C:\WINDOWS\ShellNew
2016-05-13 17:13 - 2016-02-13 13:57 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\System
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\schemas
2016-05-13 17:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Help
2016-05-13 17:13 - 2013-08-31 15:52 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-05-13 17:13 - 2013-08-24 23:01 - 00000000 __SHD C:\WINDOWS\system32\%APPDATA%
2016-05-13 17:13 - 2011-01-13 20:29 - 00000000 ____D C:\WINDOWS\system32\Adobe
2016-05-13 17:12 - 2016-02-23 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\System
2016-05-13 17:12 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-05-13 17:12 - 2015-09-20 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bullzip
2016-05-13 17:12 - 2015-09-20 07:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2016-05-13 17:12 - 2015-03-21 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2016-05-13 17:12 - 2015-01-31 20:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-05-13 17:12 - 2014-09-30 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-05-13 17:12 - 2013-11-18 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP7200 series
2016-05-13 17:12 - 2013-11-04 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EURACOM_4D03
2016-05-13 17:12 - 2013-08-31 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-05-13 17:12 - 2012-06-08 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
2016-05-13 17:12 - 2012-01-29 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2016-05-13 17:12 - 2011-06-01 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
2016-05-13 17:12 - 2010-11-21 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2016-05-13 17:12 - 2010-06-06 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aura4You
2016-05-13 17:12 - 2010-05-05 19:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio 11
2016-05-13 17:12 - 2010-02-18 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon
2016-05-13 17:12 - 2010-02-07 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AceBIT
2016-05-13 17:12 - 2010-01-23 11:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T-Online
2016-05-13 17:12 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\Microsoft Games
2016-05-13 17:12 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:27 - 2009-07-14 06:34 - 00023168 _____ C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-13 16:03 - 2016-02-13 15:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-05-13 15:36 - 2010-12-08 22:12 - 00325120 ___SH C:\Users\Ernst\Downloads\Thumbs.db
2016-05-12 10:06 - 2010-12-08 23:11 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-11 12:28 - 2013-11-09 19:20 - 00000000 ____D C:\Users\Ernst\AppData\Local\FRITZ!
2016-05-09 17:33 - 2015-10-25 15:31 - 00001370 _____ C:\Users\Ernst\Desktop\CopyTrans Control Center.lnk
2016-05-09 16:41 - 2012-05-06 18:05 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-03 13:33 - 2014-09-15 15:57 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2016-05-03 13:33 - 2013-09-06 18:49 - 00000000 ____D C:\Program Files\DVDVideoSoft
2016-04-30 15:25 - 2014-09-11 08:31 - 00001023 _____ C:\Users\Public\Desktop\Stream What You Hear (SWYH).lnk
2016-04-30 15:25 - 2014-09-11 08:31 - 00000000 ____D C:\Program Files\Stream What You Hear

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-25 20:52 - 2015-08-25 20:52 - 0002314 _____ () C:\Program Files\INSTALL.LOG
2010-11-13 18:16 - 2010-11-13 18:16 - 0000604 ____H () C:\Program Files\STFT Notifier
2015-11-24 10:12 - 2016-03-18 08:21 - 0000040 _____ () C:\Users\Ernst\AppData\Roaming\cdr.ini
2014-05-08 14:45 - 2014-05-08 14:45 - 0000000 _____ () C:\Users\Ernst\AppData\Roaming\gdfw.log
2014-05-08 14:45 - 2015-05-28 20:48 - 0003313 _____ () C:\Users\Ernst\AppData\Roaming\gdscan.log
2010-01-16 20:02 - 2010-01-15 23:42 - 4302944 _____ () C:\Users\Ernst\AppData\Roaming\IMAG0023.AVI
2014-05-14 21:54 - 2014-05-14 22:06 - 0028268 _____ () C:\Users\Ernst\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2014-12-07 12:01 - 2014-12-07 12:03 - 0583820 _____ () C:\Users\Ernst\AppData\Roaming\Scorch_Install.log
2016-01-17 18:01 - 2016-03-07 17:53 - 0021504 _____ () C:\Users\Ernst\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-03-08 23:21 - 2010-03-08 23:31 - 0282624 _____ () C:\Users\Ernst\AppData\Local\filesync.metadata
2015-11-26 18:03 - 2016-02-23 23:06 - 0000600 _____ () C:\Users\Ernst\AppData\Local\PUTTY.RND
2016-05-13 17:03 - 2016-05-13 17:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-02-09 14:39 - 2016-05-14 14:02 - 0000024 _____ () C:\ProgramData\__FileUploader.log

Einige Dateien in TEMP:
====================
C:\Users\Ernst\AppData\Local\Temp\avgnt.exe
C:\Users\Ernst\AppData\Local\Temp\gluninstall.exe
C:\Users\Ernst\AppData\Local\Temp\libeay32.dll
C:\Users\Ernst\AppData\Local\Temp\msvcr120.dll
C:\Users\Ernst\AppData\Local\Temp\sqlite3.dll
C:\Users\Ernst\AppData\Local\Temp\WdfCoInstaller01007.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-05-29 12:30

==================== Ende vom FRST.txt ============================[/CODE]

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:29-05-2016 02
durchgeführt von Ernst (2016-05-30 13:55:41)
Gestartet von C:\Users\Ernst\Desktop
Microsoft Windows 10 Home Version 1511 (X86) (2016-05-13 15:47:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3539214255-4280287789-3925056074-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3539214255-4280287789-3925056074-503 - Limited - Disabled)
Ernst (S-1-5-21-3539214255-4280287789-3925056074-1000 - Administrator - Enabled) => C:\Users\Ernst
Gast (S-1-5-21-3539214255-4280287789-3925056074-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3539214255-4280287789-3925056074-1053 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AceBackup 3 (HKLM\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
AmazingMIDI (HKLM\...\AmazingMIDI) (Version:  - )
Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ask Toolbar Updater (HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.1.22229 - Ask.com) <==== ACHTUNG
Audials (HKLM\...\{356DC986-755B-471C-83C7-49BD0CB1614F}) (Version: 11.0.55900.0 - Audials AG)
Audials (HKLM\...\{69626CD9-18D4-4DA7-BB50-D452A93B3D68}) (Version: 12.0.54100.0 - Audials AG)
AudibleManager (HKLM\...\AudibleManager) (Version: 2012306720.48.56.25365738 - Audible, Inc.)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{28d41884-9b36-4f54-bed2-92863f08e65d}) (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM\...\AviSynth) (Version:  - )
AVM FRITZ!fax für FRITZ!Box (HKLM\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Biet-O-Matic v2.14.8 (HKLM\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon iP7200 series Benutzerregistrierung (HKLM\...\Canon iP7200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon iP7200 series On-screen Manual (HKLM\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version:  - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon ScanGear Starter (HKLM\...\{18A5DFF2-8A95-49F3-873F-743CB5549F3D}) (Version:  - )
CanoScan Toolbox Ver4.9 (HKLM\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\CopyTrans Suite) (Version: 4.008 - WindSolutions)
CyberLink PhotoDirector 5 (HKLM\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5724.0 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DMPmanager (HKLM\...\DMPmanager) (Version:  - )
Dropbox (HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\Dropbox) (Version: 3.20.1 - Dropbox, Inc.)
DVR-Capture 1.03.1 (HKLM\...\DVR-Capture) (Version: 1.03.1 - Haenien-Software)
eHealth500 Terminal (HKLM\...\{0DAB42A7-C726-4E23-B5B9-1D774B96FC2D}) (Version: 1.07 - SCM Microsystems)
EURACOM_4D03 (HKLM\...\EURACOM_4D03) (Version:  - )
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free CD to MP3 Converter (HKLM\...\Free CD to MP3 Converter) (Version:  - Eusing Software)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript 8.56 (HKLM\...\GPL Ghostscript 8.56) (Version:  - )
GPL Ghostscript 9.00 (HKLM\...\GPL Ghostscript 9.00) (Version:  - )
GPL Ghostscript Fonts (HKLM\...\GPL Ghostscript Fonts) (Version:  - )
iCloud (HKLM\...\{9A07AB4F-6B53-43E9-B7FC-7892E8C26BE3}) (Version: 4.1.1.53 - Apple Inc.)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.25 - Oracle Corporation)
LightScribe System Software  1.12.29.2 (HKLM\...\{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}) (Version: 1.12.29.2 - hxxp://www.lightscribe.com)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Media Player Utilities 4.46 (HKLM\...\{8B9852AF-B0B0-47B7-9BC5-89A95D77B6C9}) (Version: 4.46 -  )
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 (x86) (HKLM\...\{A8BD5A60-E843-46DC-8271-ABF20756BE0F}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 (x86) (HKLM\...\{03CAB33F-D1C2-48C6-8766-DAE84DFC25FE}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MMI PHARMINDEX (HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Gelbe Liste Pharmindex) (Version:  - )
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 40.0.3 (x86 de) (HKLM\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.0.5941 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyVoice (HKLM\...\MyVoice) (Version:  - )
Nero 7 Essentials (HKLM\...\{7BAA9BA8-0761-42EF-842A-23FAA5321031}) (Version: 7.03.0976 - Nero AG)
Neuratron AudioScore Lite (HKLM\...\Neuratron AudioScore Lite) (Version: 6.5.0 - Neuratron Limited)
Neuratron PhotoScore Lite (HKLM\...\Neuratron PhotoScore Lite) (Version: 6.0.0 - Neuratron Limited)
Notepad++ (HKLM\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PDF Editor 3 (HKLM\...\PDF Editor 3) (Version:  - )
PDFtoMusic (HKLM\...\PDFtoMusic) (Version: 1.5.1 - Myriad SARL)
PicPick (HKLM\...\PicPick) (Version: 4.1.2 - NGWIN)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Plex Media Server (HKLM\...\{24f6f734-f790-479b-bd0f-38409a456508}) (Version: 0.9.1219 - Plex, Inc.)
Plex Media Server (Version: 0.9.1219 - Plex, Inc.) Hidden
proDAD Heroglyph 2.5 (HKLM\...\proDAD-Heroglyph-2.5) (Version:  - )
Python 2.7.11 (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Samsung Printer Live Update (HKLM\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Universal Print Driver 2 (HKLM\...\Samsung Universal Print Driver 2) (Version: 2.50.06.00 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Sibelius Scorch (all browsers) (HKLM\...\{F533A90F-4E9E-4A17-A085-BD285B6AA57A}) (Version: 6.1.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{10ABE49D-343A-463E-9753-C4C5A05ECEF9}) (Version: 6.2.0 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.)
SmartCutter Ps/Ts 20091004 (HKLM\...\SmartCutter Ps/Ts 20091004) (Version:  - )
Studio 11 (HKLM\...\{110B1ADF-2EAE-4E8F-B501-D2A1E6D8ED9D}) (Version: 11.0 - Pinnacle Systems)
Studio 11 (Version: 11.0.0.0 - Pinnacle Systems) Hidden
supra IPCam (HKLM\...\{5445DD57-C988-4CB3-B6BA-62DEBA3C6022}) (Version: 1.8.9.0 - SUPRA Foto-Elektronik-Vertriebs-GmbH)
supra IPCam (HKLM\...\{B0024EE6-6018-4FD6-BC5C-DFE6F0375A95}) (Version: 1.8.4.0 - SUPRA Foto-Elektronik-Vertriebs-GmbH)
sv.net (HKLM\...\sv.net) (Version: 15.0 - ITSG GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom MyDrive Connect 4.1.0.2658 (HKLM\...\MyDriveConnect) (Version: 4.1.0.2658 - TomTom)
T-Online 6.0 (HKLM\...\{B1275E23-717A-4D52-997A-1AD1E24BC7F3}) (Version:  - )
T-Online WLAN-Access Finder (HKLM\...\{295C31E5-3F91-498E-9623-DA24D2FA2B6A}) (Version:  - )
vanBasco's Karaoke Player (HKLM\...\VMidi) (Version:  - )
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 Codec Pack 2.7.0 (HKLM\...\Windows 7 - Codec Pack) (Version:  - Windows 7 Codec Pack)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.00 beta 8 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.8 - win.rar GmbH)
XBMC (HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\XBMC) (Version:  - Team XBMC)
Yahoo! Desktop Login (Version: 1.00.0001 - Pinnacle Systems) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{112EA537-7AB9-4e22-8BFB-7FD5FCB19849}\localserver32 -> "C:\Program Files\Globalscape\CuteFTP\ftpte.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Ernst\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Ernst\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {023906BC-AEEF-441F-898C-43761BEEF8F0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {0515BA55-C49E-414F-84EE-A94C9F60807D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {05D0B430-8919-4D8C-BACE-FA93B822E90D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {090D57C8-2E29-45F1-B8D9-E9D02EACB051} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-20] (Dropbox, Inc.)
Task: {0A128531-EE1D-42A4-A022-79616D2C52C2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B084D1E-084B-420E-AB33-F0633022854B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2BD9FF3F-4C40-4C34-82D7-787446A25BD5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2DF517D2-53E0-4F8C-9464-0FF440DB1D1A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {336000B2-9734-4FD8-860E-9D357EE06442} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {35BB9F07-4A94-41F4-BF83-50070B447266} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-20] (Dropbox, Inc.)
Task: {39144606-BA14-4EA4-8B0D-D5DE5D07F99B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {3B6D79DC-5B48-4BCF-A7A4-F9FBB30A6768} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {428481EC-AACB-4A8B-BA6F-BC72FD6CBE63} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {446E7459-B64D-4D49-A44E-B44B1C0EE929} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A91C826-0623-47AD-98DB-75AE734C13BE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {4CACA859-6530-4A7D-95CF-2FF34112CD7B} - System32\Tasks\{C4550220-FBAF-421B-BC1A-384FD99EA6E4} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {50DDD3A0-ED96-4A68-ACCE-D8D73F384CB3} - System32\Tasks\{5EF930E6-E5DC-45BC-8529-00E0E2333E37} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {51B4E504-D709-4909-91E7-8BD87E866E93} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {5E39F726-015B-479E-A185-C6D72E91E905} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {6E1B0DDD-FD99-46E0-8614-F2FB222CBE8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {7184CE8D-AC2F-4BDF-8160-21D9EBD4BEFB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {745E2502-2BB6-4C3C-9BA1-7A149D58F2F7} - System32\Tasks\{C800BC0C-157D-4E75-83B8-C6BF1EE32352} => pcalua.exe -a C:\Users\Ernst\Downloads\paipw(3).exe -d C:\Users\Ernst\Downloads
Task: {749C8215-BCC0-49C7-8B03-7F4663C069CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {74C66E2A-3F40-4078-A5BC-0A4914C2C024} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76A4C466-5365-4F01-839E-AB25B2C603AD} - System32\Tasks\{A63B9182-3EEB-406E-A139-EE54FAD4F760} => pcalua.exe -a C:\Windows\NVUnInst\Setup.exe
Task: {7714CCB4-6054-46D3-957A-BC9BB2B53ABB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7D3252B5-11CE-41D4-A311-28BDF18A86E3} - System32\Tasks\AbelssoftPreloader => C:\Program Files\WashAndGo\AbelssoftPreloader.exe [2015-03-06] (Microsoft)
Task: {7D5A7569-B079-4154-A90A-831DBCE7C721} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {7D73684C-E540-47D2-A5C9-092E2D6F8DCE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {898B7B90-5FD3-40B3-97F5-485524125467} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8A3AEB44-3CDB-4FDD-918C-1EC5F4741980} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {8AE32741-6070-454F-AF87-B224025DC0F1} - System32\Tasks\{C0989A87-AB97-47AF-966C-9389E1B3B971} => pcalua.exe -a C:\Users\Ernst\Downloads\vkaraoke(2).exe -d C:\Users\Ernst\Downloads
Task: {925794A6-364B-4ACC-808E-2C597D4639D8} - System32\Tasks\{2C2740A6-6145-41B2-A146-2C5CE2339E51} => pcalua.exe -a D:\NeroExpress\setupx.exe -d D:\NeroExpress
Task: {94996A26-EF6C-4A4D-A378-D47E41B31176} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {997CB033-875B-41DF-9FBF-3E33F7416E49} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4F5E3FE-E064-41D7-BDEC-9BD131B5B1F3} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6DF0290-7F7A-4CD2-BDC3-31596D0DCDF3} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AAA52C27-D57E-4669-98EF-07C13E5C181C} - System32\Tasks\{D74FDF6A-0D09-44B9-AAA7-A13DDE9F0B1A} => pcalua.exe -a "C:\Program Files\AviSynth 2.5\Uninstall.exe"
Task: {B17A5500-FE15-4B69-BAE2-ED2874BEDD8A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B58BD9F5-6E25-4AC7-82FA-E0C34453C6A3} - System32\Tasks\{00F428A2-13E7-4E9B-BD2E-748E56309617} => pcalua.exe -a C:\Users\Ernst\Downloads\paipw(2).exe -d C:\Users\Ernst\Downloads
Task: {BEB1B996-A9CD-4214-81FA-D0A859390347} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C0742AFE-5D16-4AE3-8460-6F4F30E94459} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C14E3E27-7B98-4B69-B7D2-62D9EAAB7872} - System32\Tasks\Apple Diagnostics => C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [2015-04-26] (Apple Inc.)
Task: {C5464B2E-0D04-48C6-B549-5A65E423B99A} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D05CF396-F783-409B-AAA8-4A3EF331EAB0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D1931DC3-38C1-48F0-A73B-F244C17443BA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {D5014204-B853-4EDE-AB46-E16C16F71102} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {DE46C009-E409-487E-832C-4C27FC8C5634} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E48F9F01-ECF5-4FF5-8948-986DADF871CF} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EF030D2C-3C6A-425B-82E7-27C25345B1C4} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2997EF2-D257-4B52-919A-40BDF096D15C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F596A9DE-8B4E-43F9-B6E9-CBD07B550759} - System32\Tasks\{B3BFF757-8659-4205-915B-FFFD4049EC0C} => C:\Program Files\IPE\MyVoice\MyVoice.exe [2010-03-14] (Copyright© 2002-2003 International Print Edition M.Vachal)
Task: {F5A5EC96-C33F-4061-82AF-2AE28A070F5D} - \Microsoft\Windows\Setup\gwx\rundetector -> Keine Datei <==== ACHTUNG
Task: {F5C79687-FED6-4358-80DD-EB35B30F07E1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {FFF0F916-CFB6-4E1A-A117-F3200F1539F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\AbelssoftPreloader.job => C:\Program Files\WashAndGo\AbelssoftPreloader.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000Core.job => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3539214255-4280287789-3925056074-1000UA.job => C:\Users\Ernst\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-13 17:04 - 2016-01-29 12:14 - 00121792 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-09-18 10:13 - 2005-01-06 18:33 - 00116224 _____ () C:\WINDOWS\System32\redmonnt.dll
2013-06-28 14:12 - 2013-06-28 13:12 - 00024064 _____ () C:\WINDOWS\System32\ssj1mlm.dll
2015-10-18 15:55 - 2014-04-16 10:22 - 00025600 _____ () C:\WINDOWS\System32\usp02l.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 00073512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-15 15:57 - 2016-04-25 16:53 - 00110952 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00104296 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2014-09-15 15:57 - 2016-04-25 16:41 - 00378728 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\stat.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00343400 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\collector.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00020328 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2014-09-15 15:57 - 2016-04-25 16:40 - 00044392 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-18 15:57 - 2014-11-26 13:07 - 00118576 _____ () C:\WINDOWS\system32\SecUPDUtilSvc.exe
2015-09-06 18:27 - 2015-01-12 15:55 - 00223600 _____ () C:\Program Files\Ashampoo\Ashampoo WinOptimizer 11\LiveTunerService.exe
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 07:45 - 2015-10-30 07:45 - 00164224 _____ () c:\windows\system32\WerEtw.dll
2016-05-14 10:06 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-13 13:59 - 2016-02-13 13:59 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-14 10:06 - 2016-04-23 06:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-14 10:05 - 2016-04-23 06:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-14 10:05 - 2016-04-23 05:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-14 10:06 - 2016-04-23 05:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-14 10:07 - 2016-04-23 06:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7668 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2015-03-16 20:19 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-3539214255-4280287789-3925056074-500-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3539214255-4280287789-3925056074-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^Users^Ernst^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: DVAPTray => C:\Windows\System32\DVAPTray.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
MSCONFIG\startupreg: eTMonitor => "C:\Program Files\Aladdin\eToken\PKIClient\x32\PKIMonitor.exe"
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: iCloudServices => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NBKeyScan => "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\StartupApproved\StartupFolder: => "PHOTOfunSTUDIO 6.3 HD Lite Edition.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Microsoft Office.lnk"
HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKLM\...\StartupApproved\Run: => "G Data ASM"
HKLM\...\StartupApproved\Run: => "GDFirewallTray"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "PDFPrint"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "Dropbox Update"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "iFunBox Fast App Install Handler"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-3539214255-4280287789-3925056074-1000\...\StartupApproved\Run: => "MyDriveConnect.exe"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [{0DDE0ADD-AEA2-4E64-BB4F-7DE638A91F1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BF9A1D63-C00A-4798-A84F-E25386A95D96}] => (Allow) C:\Program Files\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{472E1F73-FB07-44A1-85E7-9E619DE40BDA}] => (Allow) C:\Program Files\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{A6995E42-462D-4B03-9AE8-F7124FD80150}] => (Allow) C:\Program Files\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{E6DD662F-B505-4D5B-A8DE-468A2C4F3604}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{03559A2E-75EC-4C7F-BA43-3F6D20A09699}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC472B0C-B6DA-4663-A6B2-BDE1F7BEF309}] => (Allow) C:\Program Files\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{3E1F6801-CB4F-43DC-89DC-9237D8C2A40C}] => (Allow) D:\fsetup.exe
FirewallRules: [{68800411-AEFC-406C-8383-CAB1BF12EE47}] => (Allow) D:\fsetup.exe
FirewallRules: [{C369B193-7561-4E3D-A91A-A102A443E3F3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{71E96D00-086F-4108-B9C1-AEC32937B768}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{549278F8-520B-44BA-AE7D-A075BBDE3124}] => (Allow) E:\Program Files\Audials\Audials 12\Audials.exe
FirewallRules: [{19BF172D-96E2-47BE-857A-CBE20DA7C973}] => (Allow) LPort=31931
FirewallRules: [{4889EE94-DC1C-4CB7-BA86-9CCCA305620A}] => (Allow) LPort=14714
FirewallRules: [{41F1E003-9E44-4C4A-B7A3-E19923E0C2BF}] => (Allow) LPort=12972
FirewallRules: [{1707B53F-8F99-47FD-8B34-F0CB1BDFACC4}] => (Allow) C:\Program Files\Audials\Audials 11\Audials.exe
FirewallRules: [{910A795A-66A4-4936-ABB4-BABB5F39CFF4}] => (Allow) LPort=1900
FirewallRules: [{75020967-E3C2-400D-B55C-A979DEB023DA}] => (Allow) LPort=2869
FirewallRules: [{38524A6E-CB30-4E3F-97A5-97EC38210625}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{9D00BBFB-06CB-43E6-8A68-1878BE8F65D4}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [TCP Query User{999AA3E9-4650-4048-B834-BA3D6BA2026B}C:\program files\fritz!\frifax32.exe] => (Allow) C:\program files\fritz!\frifax32.exe
FirewallRules: [{D4596064-8C94-417C-B780-602DE01C1950}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [UDP Query User{90A3A3E7-C2AB-4C82-9618-65004CEBDD67}C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4BDE8623-0300-40FA-B3AA-413AC168E6A8}C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\ernst\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1546608D-C02D-40DF-BE58-93992E1A9FD1}] => (Allow) C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{629D9513-6A11-4DF3-94CA-433646DD7BBD}] => (Allow) C:\Users\Ernst\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FEE88298-8934-4F6F-9371-4F9E041E7E6F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0B6906FE-5419-49B8-B9A3-A1C7AC63D029}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{050AD8A8-AA77-4854-B6A9-59CA0D3CDF80}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{A739ABBB-6D20-4826-B9D9-71852D4D700F}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{F9615484-6C67-4118-85B8-4822CA68188F}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{76C651F8-7BF6-41F5-9560-B6203638682A}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{BE8ECD78-D56C-43E4-880C-0FC07E4A9550}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{31D71CF0-E360-4ABB-991E-E4476581AA56}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{E89BB41A-91F1-4DC1-99C6-FC45700A2354}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{A645B862-99F9-4C83-B905-5CF25A527765}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{2C61D6CB-4099-4478-AA11-9168ABFC37EB}C:\windows\system32\wfs.exe] => (Block) C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{A2F1005A-C687-4B70-B0EF-2291A68D48B5}C:\windows\system32\wfs.exe] => (Block) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{849D6DB9-29DD-4457-B37F-BF026A417E86}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{D2318EC5-6B3B-44DA-BB1D-28C4849691B0}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{A56C8C6A-6308-4C6E-8D5C-8B52EE124DF7}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{15975A09-6F7A-4A0A-B89C-4AAD45C384A3}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{DD5126E1-B430-48F2-96AB-D114037F8B3E}C:\program files\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files\nero\nero 7\nero home\nerohome.exe
FirewallRules: [TCP Query User{C0BE8010-5EB3-424D-95AD-8ACC77393CA4}C:\program files\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files\nero\nero 7\nero home\nerohome.exe
FirewallRules: [{36C3DB1E-79FD-4DA6-B123-FB6616BFE3C6}] => (Allow) D:\NeroExpress\Installation\SetupX.exe
FirewallRules: [{FBE64AD7-26C2-42E4-9C3C-971BBFF9786C}] => (Allow) D:\NeroExpress\Installation\SetupX.exe
FirewallRules: [UDP Query User{B86DF262-35FB-4223-8479-F27B66C54127}C:\program files\ws_ftp\ws_ftp95.exe] => (Block) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [TCP Query User{080F6A03-99D3-4663-B963-880584C950DD}C:\program files\ws_ftp\ws_ftp95.exe] => (Block) C:\program files\ws_ftp\ws_ftp95.exe
FirewallRules: [{60C8D496-7AAF-4BCA-B415-5EEBC71F9A5A}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{7FCB8A21-A319-4E41-8A24-4DBC8CC1C6B6}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\umi.exe
FirewallRules: [{6E822718-0DF3-4F1E-B617-712747A436F8}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{27E09C16-924D-4370-8A6D-EFAC87B56C45}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\PMSRegisterFile.exe
FirewallRules: [{A35C937C-C653-407E-A154-B001FE6ECD65}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{E4611160-CD3E-4B61-BDA5-5F9071CE8551}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\Studio.exe
FirewallRules: [{BC60A0D5-B6A9-4A76-B728-1299EA3BE491}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{2A7E9954-701E-48E4-B0C6-BA4C424FA9C1}] => (Allow) E:\Program Files\Pinnacle\Studio 11\programs\RM.exe
FirewallRules: [{8B827819-153B-4CBA-967C-FE6BD54C3565}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{3DADF51D-5E1D-4044-996D-0EE419711A26}] => (Allow) C:\Users\Ernst\AppData\Local\Temp\7zS006E\hppiw.exe
FirewallRules: [{44C35D45-BC6E-45AF-B1B9-1C4F94290266}] => (Allow) C:\Users\Ernst\AppData\Local\Temp\7zS006E\hppiw.exe
FirewallRules: [{DCDA7746-D702-4B90-ADBE-F2137DAE7479}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B2683BB3-898B-4ECF-832B-6D6C77721030}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B8C53DF3-5B5E-402C-9B91-20DADAD63E2A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F5B508A6-C12A-4E2E-B224-61B798152783}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3E87A09B-F8D8-4322-B0E3-1A17C73C5224}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{84941DA4-1738-43F5-B74B-0B16B084C6BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Wiederherstellungspunkte =========================

29-05-2016 17:10:07 mit neuer netzkarte

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/30/2016 01:57:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:56:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1918
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:55:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x14e8
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:53:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x10e4
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1c3c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:51:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1a1c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:50:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1f08
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3
Vollständiger Name des fehlerhaften Pakets: explorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: explorer.exe5

Error: (05/30/2016 01:49:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 10.0.10586.306, Zeitstempel: 0x571af5c4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x142c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (05/30/2016 01:44:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d73f
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1470
Ausnahmecode: 0xc0000602
Fehleroffset: 0x0025088c
ID des fehlerhaften Prozesses: 0xb8c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (05/30/2016 01:44:48 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2956) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1054(tm.cxx:1630): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)


Systemfehler:
=============
Error: (05/30/2016 01:46:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/30/2016 01:44:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 01:44:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5bf88" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 10:32:40 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ELINEU)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-3539214255-4280287789-3925056074-1000-1-ntuser.dat

Error: (05/30/2016 10:31:57 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: ELINEU)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \S-1-5-21-3539214255-4280287789-3925056074-1000-0-ntuser.dat

Error: (05/30/2016 10:25:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (05/30/2016 10:24:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (05/30/2016 10:24:01 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1366f6a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 10:23:59 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/30/2016 10:23:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-05-29 11:36:38.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 11:19:09.484
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 10:46:27.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-14 10:13:44.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 18:15:38.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 17:26:42.273
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-13 17:02:46.704
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) 8650 Triple-Core Processor
Prozentuale Nutzung des RAM: 51%
Installierter physikalischer RAM: 3327.55 MB
Verfügbarer physikalischer RAM: 1612.5 MB
Summe virtueller Speicher: 12155.55 MB
Verfügbarer virtueller Speicher: 9976.1 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:195.68 GB) (Free:35.38 GB) NTFS
Drive e: (Platte E) (Fixed) (Total:269.54 GB) (Free:143.51 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4BE7463)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
Partition 4: (Not Active) - (Size=269.5 GB) - (Type=05)

==================== Ende vom Addition.txt ============================

================

deeprybka · 30.05.2016, 16:14

Welches Image? Von einer sauberen Neuinstallation oder ein Backup nach einiger Zeit?
Ich nur Malwarefuzzy, wenn PC sauber und trotzdem noch mit Problemen, nicht meine Baustelle.

Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Erlu · 31.05.2016, 16:10

Eset log

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# end=init
# utc_time=2016-05-30 03:53:58
# local_time=2016-05-30 05:53:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29635
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# end=updated
# utc_time=2016-05-30 03:56:37
# local_time=2016-05-30 05:56:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# engine=29635
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-30 04:46:12
# local_time=2016-05-30 06:46:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 16347 4844330 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9265716 18446497 0 0
# scanned=72697
# found=0
# cleaned=0
# scan_time=2974
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# end=init
# utc_time=2016-05-31 05:25:47
# local_time=2016-05-31 07:25:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29641
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# end=updated
# utc_time=2016-05-31 05:27:02
# local_time=2016-05-31 07:27:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=71eefafd6a3fd1469c412b81b8693a7a
# engine=29641
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-05-31 10:40:10
# local_time=2016-05-31 12:40:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 80785 4908768 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9326554 18510935 0 0
# scanned=656887
# found=11
# cleaned=0
# scan_time=18788
sh=130EC5E63E1FD3A29404D07BFEC63518AFC5FCDB ft=1 fh=d4fa12624febd5ba vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\AllDup - CHIP-Installer.exe"
sh=CAEAB2837E5D0B84CE71078D864A23992ADDF4BE ft=1 fh=3ac3feb2d81c8c4a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\Bonjour - CHIP-Installer.exe"
sh=2C5F18A59D6DBD9CD90140859939FAED66458C73 ft=1 fh=a58e82926f1f9b89 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\Greenpoison Greenpois0n - CHIP-Installer.exe"
sh=D4B65772F45FF1EE160121ABD68B98D200323575 ft=1 fh=5c3bae385ee49c7c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\PDF XChange Viewer - CHIP-Installer.exe"
sh=00BF1424336AD85DAFC1EB9C66C89AFFA4674A79 ft=1 fh=881744f74e50c872 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\PDF24 Creator - CHIP-Installer.exe"
sh=B90F1DB95DCE78AF25481CB8F250AFE705ABDEF4 ft=1 fh=18f83873a12d6cd4 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\PicPick - CHIP-Installer.exe"
sh=E51FB5A71122C830DB0C6164DA545938E82FFB44 ft=1 fh=978e2a08d5389026 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\Seas0nPass - CHIP-Installer.exe"
sh=CB0FFB408870C6D10B9A1CB82FC4AC0A36312DD4 ft=1 fh=9dda181afbd8ec45 vn="Win32/Solvusoft.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Ernst\Downloads\Setup_FileViewPro_2015.exe"
sh=693B257F9F0D15F03A595D60C3AABE8B6CCD66CF ft=1 fh=32c5a383d522ea39 vn="Variante von Win32/OutBrowse.CL evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows.old\Users\Ernst\AppData\Local\temp\2H5Of1ql\setup.exe"
sh=25EFC5F0778A51028FF49B40816F17F841C166E7 ft=1 fh=b79ba7112d2a946c vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows.old\Users\Ernst\AppData\Local\temp\DMR\dmr_72.exe"
sh=4101270357B096EF454463D13581E3D123C60560 ft=1 fh=2a17fddd6cb742ea vn="Variante von Win32/InstallCore.ACL evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Windows.old\Users\Ernst\AppData\Local\temp\in2D50166B\2DDA7773_stp\RAM.dll"

.txt

Das Image wurde kurz nach dem Update Win7-Win 10 erstellt. Wenn es installiert wird, funktioniert alles wunderbar- nach einigen Tagen fängt dann das problem mit dem Explorer etc. an.

deeprybka · 31.05.2016, 18:08

Offensichtlich kann Malware als Ursache ausgeschlossen werden.

Lesestoff zum Downloadverhalten:
CHIP-Installer - was ist das? - Anleitungen

Win 10: Old Explorer unterbricht in kurzen Abständen

Log-Analyse und Auswertung: Win 10: Old Explorer unterbricht in kurzen Abständen