Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Weiterleitungsvirus Firefox (https://www.trojaner-board.de/174977-weiterleitungsvirus-firefox.html)

xiao80 11.01.2016 11:19
Weiterleitungsvirus Firefox
 
Liebe Forum-Mitglieder,

ich hoffe sehr auf eure Hilfe :) Ich habe seit Gestern Abend einen Weiterleitungsvirus beim Firefox den ich einfach nicht loswerde.

Ich werde auf andere Seiten umgeleitet, außerdem ploppen Werbebanner links, oben und rechts auf.

Ich habe malwarebytes, SuperAntiSpyware und Defender durchlaufen lassen, es wird auch jedes Mal was gefunden und gelöscht, allerdings kommt es immer wieder zurück.

Für Hilfe wäre ich sehr dankbar und bedanke mich schon im Voraus!:lach:

cosinus 11.01.2016 11:21
Hi,

bitte alle vorhandenen Logs von Malwarebytes etc. posten.


Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

xiao80 11.01.2016 11:59
ich mache mich gleich auf die suche :)

hier ist schon mal das von SUPERAntiSpyware, Malwarebytes habe ich auch gerade durchlaufen lassen, hat aber nichts gefunden :(

Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 01/11/2016 at 11:58 AM

Application Version : 6.0.1210
Database Version : 12318

Scan type      : Quick Scan
Total Scan Time : 00:01:14

Operating System Information
Windows 10 Home 64-bit (Build 10.00.10586)
UAC On - Limited User

Memory items scanned      : 945
Memory threats detected  : 0
Registry items scanned    : 74719
Registry threats detected : 0
File items scanned        : 8445
File threats detected    : 22

Adware.Tracking Cookie
        .srv1.srv-stat.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .srv1.srv-stat.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .scorecardresearch.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .scorecardresearch.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        esol.enigma.revenuewire.net [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        esol.enigma.revenuewire.net [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .criteo.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .adnxs.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .network.adsmarket.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .network.adsmarket.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .336265337.log.optimizely.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .n159adserv.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .adnxs.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .n159adserv.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .criteo.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .criteo.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .criteo.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .criteo.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .adnxs.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .enigma.revenuewire.net [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]
        .track.rqtzz.com [ C:\USERS\XIAOSHU\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\656NQXA8.DEFAULT\COOKIES.SQLITE ]

============
 End of Log
============

cosinus 11.01.2016 12:09
Du hast eben gesagt Malwarebytes sei fündig geworden. Schau bitte richtig im Verlauf nach dem Log.

xiao80 11.01.2016 19:33
Ja gestern Abend hatte malwarebytes was gefunden, heute dann nicht mehr.

Das ist das Protokoll von Gestern

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.01.2016
Suchlaufzeit: 08:04
Protokolldatei:
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2016.01.09.05
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Xiaoshu

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 370103
Abgelaufene Zeit: 5 Min., 29 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 6
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\PluginContainer.exe, 13276, Löschen bei Neustart, [8a0fbd7a2b6edc5aa1da18774bb6e818]
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\653ac11b-b606-42c5-b357-bca0fd28d1cd\Updater.exe, 11592, Löschen bei Neustart, [9ffa33046633999d2d4e830cf70a53ad]
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\8\Plugin.exe, 8688, Löschen bei Neustart, [74251a1d4a4fc86e59225e31c23f20e0]
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\2\Plugin.exe, 2884, Löschen bei Neustart, [cbce8cabbbded26489f2345b11f04ab6]
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12\Plugin.exe, 11064, Löschen bei Neustart, [86130d2a831663d337448c03cb36857b]
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12\Plugin.exe, 6512, Löschen bei Neustart, [86130d2a831663d337448c03cb36857b]

Module: 1
PUP.Optional.Yontoo, C:\Users\Xiaoshu\AppData\Local\Temp\{98B90879-1858-48EA-ABEB-BAB222680092}.dll, Löschen bei Neustart, [b5e470c7c1d876c0bfbce0af748de31d],

Registrierungsschlüssel: 24
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr DiscoveryApp, In Quarantäne, [8a0fbd7a2b6edc5aa1da18774bb6e818],
PUP.Optional.Yontoo, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr DiscoveryApp, In Quarantäne, [9ffa33046633999d2d4e830cf70a53ad],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, In Quarantäne, [930697a0edac989e311c044729d98f71],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, In Quarantäne, [930697a0edac989e311c044729d98f71],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E104B9E4-01BA-4AAF-9957-6A525CC5451A}, In Quarantäne, [930697a0edac989e311c044729d98f71],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, In Quarantäne, [267347f08b0e1f17ce7ee269936faa56],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, In Quarantäne, [267347f08b0e1f17ce7ee269936faa56],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ba32987d-db80-4ccb-a8bb-f812b5421c0f}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{ba32987d-db80-4ccb-a8bb-f812b5421c0f}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAF8EEB4-71A2-41DA-B91C-6E2904B188CA}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{23d34738-e43f-455b-b9fe-56968533500d}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{BA32987D-DB80-4CCB-A8BB-F812B5421C0F}, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [06931e19f2a7cb6bdd73d77447bb0af6],
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, In Quarantäne, [06931e19f2a7cb6bdd73d77447bb0af6],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Discovery App, In Quarantäne, [366344f33b5ea393b8c3365938c94bb5],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LenovoBrowserGuard, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\DiscoveryApp, In Quarantäne, [089186b1eaafc175b3abc54dda2ac937],
PUP.Optional.LenovoBrowserGuard, HKLM\SOFTWARE\WOW6432NODE\LenovoBrowserGuard, In Quarantäne, [88114beca1f8e55163bfa3818b79a45c],
PUP.Optional.InstallCore, HKU\S-1-5-21-4290222576-957381668-3853716905-1001\SOFTWARE\ICSW1.17, In Quarantäne, [d5c4dd5a1c7db97de295aa107192649c],
PUP.Optional.ProductSetup, HKU\S-1-5-21-4290222576-957381668-3853716905-1001\SOFTWARE\PRODUCTSETUP, In Quarantäne, [2f6a1a1dfd9c2f07ce9f8f3b788b7f81],

Registrierungswerte: 5
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\DISCOVERY APP|URLInfoAbout, hxxp://www.ratediscoverymarket.com/support, In Quarantäne, [fa9f9e998316c5712f3022f073917987]
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\LENOVOBROWSERGUARD|Publisher, ClientConnect LTD, In Quarantäne, [138671c6bcddf145cf55f52f5fa5d927]
PUP.Optional.PluginContainer, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Service Mgr DiscoveryApp|ImagePath, "C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugincontainer.exe", In Quarantäne, [158449ee5b3e61d5db55c305946fda26]
PUP.Optional.Updater, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Mgr DiscoveryApp|ImagePath, "C:\Program Files (x86)\Common Files\653ac11b-b606-42c5-b357-bca0fd28d1cd\updater.exe", In Quarantäne, [d0c98baccbce2214af5f38a2c73cb24e]
PUP.Optional.ProductSetup, HKU\S-1-5-21-4290222576-957381668-3853716905-1001\SOFTWARE\PRODUCTSETUP|tb, In Quarantäne, [2f6a1a1dfd9c2f07ce9f8f3b788b7f81],

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 30
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\rep, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\rep, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\bin, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\rep, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd, Löschen bei Neustart, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins, Löschen bei Neustart, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12, Löschen bei Neustart, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12\resources, In Quarantäne, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\2, Löschen bei Neustart, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\8, Löschen bei Neustart, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\653ac11b-b606-42c5-b357-bca0fd28d1cd, Löschen bei Neustart, [b8e14becb9e044f26969833c07fbc63a],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App, In Quarantäne, [bedbaa8d6138f640745ffcc35ea4f907],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\Extensions, In Quarantäne, [bedbaa8d6138f640745ffcc35ea4f907],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Xiaoshu\AppData\Local\LenovoBrowserGuard, In Quarantäne, [5c3d76c14b4ee55176862a9859a9ab55],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Xiaoshu\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard, In Quarantäne, [5c3d76c14b4ee55176862a9859a9ab55],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Xiaoshu\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep, In Quarantäne, [5c3d76c14b4ee55176862a9859a9ab55],

Dateien: 90
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\PluginContainer.exe, Löschen bei Neustart, [8a0fbd7a2b6edc5aa1da18774bb6e818],
PUP.Optional.Yontoo, C:\Program Files (x86)\Common Files\653ac11b-b606-42c5-b357-bca0fd28d1cd\Updater.exe, Löschen bei Neustart, [9ffa33046633999d2d4e830cf70a53ad],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\8\Plugin.exe, Löschen bei Neustart, [74251a1d4a4fc86e59225e31c23f20e0],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\2\Plugin.exe, Löschen bei Neustart, [cbce8cabbbded26489f2345b11f04ab6],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12\Plugin.exe, Löschen bei Neustart, [86130d2a831663d337448c03cb36857b],
PUP.Optional.Yontoo, C:\Users\Xiaoshu\AppData\Local\Temp\{98B90879-1858-48EA-ABEB-BAB222680092}.dll, Löschen bei Neustart, [b5e470c7c1d876c0bfbce0af748de31d],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\Extensions\ba32987d-db80-4ccb-a8bb-f812b5421c0f.dll, In Quarantäne, [8d0c2b0c6633b87eb76a532b39c9ed13],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\plugins\12\resources\plugin.dll, In Quarantäne, [3e5b71c69108b77f8eedc7c80df4fc04],
PUP.Optional.InstallCore, C:\Users\Xiaoshu\AppData\Roaming\0B1L1H1F0M1P1Q1L1T\Your download is ready Packages\uninstaller.exe, In Quarantäne, [e6b305323267a88ecd709999fa07cc34],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\Uninstaller.exe, In Quarantäne, [366344f33b5ea393b8c3365938c94bb5],
PUP.Optional.Yontoo, C:\Users\Xiaoshu\AppData\Local\Temp\{2A5C95F7-5EF8-496B-ADA1-C5C1DF753D66}.dll, In Quarantäne, [afea3502e8b16fc71a61a9e6f50cc838],
PUP.Optional.Yontoo, C:\Users\Xiaoshu\AppData\Local\Temp\{616D1C5D-4CC2-4482-9686-D3579CEE7E01}.dll, In Quarantäne, [7f1a8cabcdcc56e05b20840b22df43bd],
PUP.Optional.InstallCore, C:\Users\Xiaoshu\Downloads\install(1).exe, In Quarantäne, [d0c9f93e14853ff7f4c753f835ccd828],
PUP.Optional.AdPeak, C:\Users\Xiaoshu\Downloads\install.exe, In Quarantäne, [aeebfd3ae4b52b0b2a0c671315ec9070],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\EULA.txt, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\cltmng.exe, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPTool64.exe, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC32.dll, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\LenovoBrowserGuard\bin\SPVC64.dll, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\SPTool.dll, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\bin\uninstall.exe, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\Main\rep\SystemRepository.dat, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\bin\cltmngui.exe, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.css, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.html, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\bubble.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\bubble\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilverBig.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-default.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bg.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgNotif.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgSettings.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnBlue.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnClose.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilver.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\btnSilverMed.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\close-win-def.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\gray-bg.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez-def.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\hez-selected.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\icon-win.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\info-icon.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\menu-selected.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\radio-button2.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\text-field.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\v.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\Images\x.png, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\json2.min.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\main.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.css, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.html, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protection\protection.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.css, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.html, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\protectionDS\protectionDS.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.css, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.html, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\settings\settings.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\defaults.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Program Files (x86)\LenovoBrowserGuard\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [17821f183168e65060c3b96bde26cb35],
PUP.Optional.Yontoo, C:\ProgramData\653ac11b-b606-42c5-b357-bca0fd28d1cd\temp, In Quarantäne, [ff9a22159aff94a2f3de457aba481ce4],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\7za.exe, In Quarantäne, [bedbaa8d6138f640745ffcc35ea4f907],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\Extensions\ahckhjibgfpddoogbomdemiekkalmema.crx, In Quarantäne, [bedbaa8d6138f640745ffcc35ea4f907],
PUP.Optional.Yontoo, C:\Program Files (x86)\Discovery App\Extensions\{6b685626-86b6-4571-9c6a-ca69e6446965}.xpi, In Quarantäne, [bedbaa8d6138f640745ffcc35ea4f907],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Xiaoshu\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep\UserRepository.dat, In Quarantäne, [5c3d76c14b4ee55176862a9859a9ab55],
PUP.Optional.LenovoBrowserGuard.PrxySvrRST, C:\Users\Xiaoshu\AppData\Local\LenovoBrowserGuard\LenovoBrowserGuard\rep\UserSettings.dat, In Quarantäne, [5c3d76c14b4ee55176862a9859a9ab55],
PUM.Optional.FireFoxSearchOverride, C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default\user.js, In Quarantäne, [d5c48fa8b5e485b15b77914309fb7987],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Und das ist das Protokoll von eben

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 11.01.2016
Suchlaufzeit: 01:33
Protokolldatei:
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.10.03
Rootkit-Datenbank: v2016.01.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Xiaoshu

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 365217
Abgelaufene Zeit: 3 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 11.01.2016 19:56
Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


xiao80 11.01.2016 21:00
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Xiaoshu (2016-01-11 20:58:26)
Gestartet von C:\Users\Xiaoshu\Downloads
Windows 10 Home (X64) (2015-12-29 03:00:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4290222576-957381668-3853716905-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4290222576-957381668-3853716905-503 - Limited - Disabled)
Gast (S-1-5-21-4290222576-957381668-3853716905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4290222576-957381668-3853716905-1003 - Limited - Enabled)
Xiaoshu (S-1-5-21-4290222576-957381668-3853716905-1001 - Administrator - Enabled) => C:\Users\Xiaoshu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{C23B292D-2656-4A05-97D5-41FDC040158C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.10181 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.5 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.5 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Tencent QQMail Plugin (HKLM-x32\...\QQMailPlugin) (Version:  - )
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)
Your download is ready Packages (HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Your download is ready Packages) (Version:  - ) <==== ACHTUNG
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 7.5.15456.0 - 腾讯科技(深圳)有限公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4290222576-957381668-3853716905-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Xiaoshu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02224701-469D-43AB-B3AB-97AED8C84181} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {03308CA0-16E1-45AB-AD85-97490BEE2383} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0B0212FB-EEE8-43E0-B746-838A711905EE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F9E6E5A-EB33-47A6-99CA-89EA38805566} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {27AD8B1F-E79E-4891-A5BC-36E52D23B7F5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {297204C6-E218-41DA-908C-28C5663DD6AD} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {300B8EFA-A9F5-4FB5-BFC4-0F6D57804F83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {4948ABF6-0C86-4C00-81ED-46FE353824C1} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {50042F44-7304-41B9-A9F2-DFA15591D624} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-21] (Lenovo)
Task: {673D2CE8-BBBE-4BF4-851A-0CE339F30751} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {793DCCA3-EA76-44A9-956F-AD1A5D6BD723} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)
Task: {86501CAF-6BF9-42A2-ADBE-AD82F248FB22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {8CD0B0D8-A5B8-404C-995C-8B0292BCEBB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B23208F7-1CDC-45F8-A462-56E014DD91E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-12-16] (Microsoft Corporation)
Task: {BAFFCF4D-52F4-445B-9BEC-17EFC10BEC32} - System32\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C26B14A5-71B9-4883-8DE1-30568EB1010B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {C8D00D67-6746-45BD-AF51-22C86F63287A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D2BD82FA-8621-4D03-803B-71BF5703C01C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {D2D41F86-3E9D-485A-8203-EA8D1A154830} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D698D09E-39CA-4E87-B866-ACC104978131} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D8BD0B53-90D4-44A1-B701-FFB6C9ED88D5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC32BAA-7371-4679-BBA8-8EFE9243CAA8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-05 12:49 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-08-21 09:30 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-21 09:30 - 2014-08-21 09:30 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-21 09:28 - 2014-01-06 14:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-08-21 09:30 - 2014-08-21 09:30 - 00815104 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00227328 _____ () C:\Windows\System32\mtf.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 00257024 _____ () C:\Windows\System32\mtfserver.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-29 19:46 - 2015-12-29 19:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-08-21 09:30 - 2014-08-21 09:30 - 00294672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
2014-08-21 09:30 - 2014-08-21 09:30 - 00108304 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
2016-01-09 19:29 - 2016-01-09 19:29 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-15 16:43 - 2015-12-15 16:43 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2014-02-24 15:39 - 2014-02-24 15:39 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-08-21 09:06 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-29 19:46 - 2015-12-29 19:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-29 19:46 - 2015-12-29 19:47 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-16 17:29 - 2015-12-16 17:32 - 01064104 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2015-12-16 17:35 - 2015-12-16 17:37 - 00452776 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\msfad.dll
2014-08-21 09:30 - 2014-08-21 09:30 - 00102672 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\Config\1366\TransitionLib.dll
2014-08-21 09:30 - 2014-08-21 09:30 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Transition\LUpdatePackage.dll
2015-12-13 16:58 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-13 16:58 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-13 16:58 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-13 16:58 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2015-10-01 10:12 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2015-12-13 16:58 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-13 16:58 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-13 16:58 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-13 16:58 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-13 16:58 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-08-14 19:27 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-08-14 19:27 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-14 19:27 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-14 19:27 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-08-21 09:30 - 2014-08-21 09:30 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2015-12-16 17:30 - 2015-12-16 17:30 - 00149160 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-16 12:33 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1        mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Xiaoshu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8D5A6A21-44B0-4C9E-869D-87B6A13B8837}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5B81D653-03A3-435F-B357-50820F52AE1F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{03E5BAC6-8309-493F-B448-6B62D47A0BBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A3128E1F-DA61-4671-9E98-70F4AF28858A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52D0EA63-D561-41A8-A892-6B24D5FE629B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{767C5C9F-17BF-4C73-9C89-79F8FE3CC91F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61BD990D-FF21-426D-9BED-D5A1971597B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C79EC58-ADA2-4599-A8DD-CD37BDC4F68E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{35732777-4E45-4581-A7B5-4667983DD6F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3F5B7A89-88F3-404F-89DE-D58F5322B82C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DFC6585D-11E8-4D24-829E-B6D1C1D5C840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3631246-3EB3-412B-A4D8-D81D9CCD64D3}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C763A780-E1A7-4DBF-8D9C-A7CDD7CE1CD9}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\IEProc.exe
FirewallRules: [{149ACD33-B75E-4DDD-9061-BF83461AC7BD}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{7883CFCA-9419-4A84-8036-2A697E1013C8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{30C8644B-A68F-438B-BA6B-361FA9684987}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{A4ECD58F-0454-47DC-B0F3-5F3C3CF80DC3}] => (Allow) C:\Program Files (x86)\Tencent\QzoneMusic\QzoneMusic.exe
FirewallRules: [{10A80852-FEB8-43CB-BF86-9C45AB8973FC}] => (Allow) C:\Program Files (x86)\Tencent\QzoneMusic\QzoneMusic.exe
FirewallRules: [{E9F67067-1407-4595-AF94-2350782DB65A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe
FirewallRules: [{6B4DBAD4-5E27-487A-8DE1-32197CDD3B1E}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe
FirewallRules: [{673E42A1-8B3F-48B8-9C3B-F7664F802D1E}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{8C0780AB-FC7B-4693-8D39-D66B43856DE3}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{C438EBF1-94C8-4509-8833-68F82904C6C7}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\SetupEx\SetupEx.exe
FirewallRules: [{D1032E31-B1D5-4CB9-98AD-CC642FF5A876}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\txupd.exe
FirewallRules: [{C1BC2450-A04A-4E4E-A99E-B2339C2AB258}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{C2D6CC9C-583C-414A-BD35-EE2FD2962D07}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{0D519EBE-627C-4AE0-976B-E15854C8C5C4}] => (Allow) C:\Users\Xiaoshu\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{59115985-2476-42B9-BFEF-5FA671DE748F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{46936976-0F27-4E85-9165-3D61ABD8BABC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{836F3512-74E2-44B1-82D5-10E03DAD76A4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F1F0945E-917D-4307-AFE8-72A0A31C6CAB}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{669A88E1-D8B6-4152-BA40-1369B85329A0}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{C4382A12-BEF0-4E5B-B73D-370A4236DDF3}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{9731BB2F-222F-42EB-B2C4-B460CE618383}] => (Allow) LPort=55100
FirewallRules: [{7B37C685-4232-42FF-A7D2-82C235F1C4A7}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{58D21C4C-38C5-4ECD-AD8A-2FCA99BE3449}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{F48A1900-DBA0-4AF6-A9DD-E15B90B88A78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/11/2016 08:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (01/11/2016 08:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (01/11/2016 08:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/11/2016 07:23:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/10/2016 07:21:35 PM) (Source: LenovoWiFiHotspotSvr) (EventID: 1) (User: )
Description: LenovoWiFiHotspotSvrm_WlanMgr stop HN error. failed with 0

Error: (01/10/2016 07:21:35 PM) (Source: PhoneCompanionVap_WLAN) (EventID: 1) (User: )
Description: PhoneCompanionVap_WLANWlanMgr : ForceStop error. failed with 6

Error: (01/10/2016 06:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1219


Systemfehler:
=============
Error: (01/11/2016 08:03:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 12:09:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 11:53:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 11:14:18 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (01/11/2016 08:13:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_59d566" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-01-11 11:19:03.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 20:09:49.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-09 09:58:01.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 17:42:16.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-30 17:17:33.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 19:03:18.128
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 19:03:13.960
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:58:07.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:57:10.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:49:51.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8112.96 MB
Verfügbarer physikalischer RAM: 4285.45 MB
Summe virtueller Speicher: 9392.96 MB
Verfügbarer virtueller Speicher: 5419.01 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:102.1 GB) (Free:15.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AD31C4C4)

Partition: GPT.

==================== Ende von Addition.txt ============================

xiao80 11.01.2016 21:05
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Xiaoshu (Administrator) auf XIAO (11-01-2016 20:57:41)
Gestartet von C:\Users\Xiaoshu\Downloads
Geladene Profile: Xiaoshu (Verfügbare Profile: Xiaoshu)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
() C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.36020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-08-21] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-21] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Run: [QQ2009] => "C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" /background
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{784c71aa-b7ba-4674-916c-23e59071ddf6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a60e412-53ad-4977-b60f-8cf89e6202f8}: [DhcpNameServer] 169.254.54.64

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
BHO-x32: QQMiniDL Helper Class -> {C9C7334B-5657-41e1-8F79-F6AACECA05F4} -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\QQIEHelper01.dll => Keine Datei
BHO-x32: AccountProtectBHO Class -> {DDD362CF-523B-4BC9-8FDC-58F93B6BC945} -> C:\Users\Xiaoshu\AppData\Roaming\Tencent\QQ\QQAntiPhishing\AccountProtect.dll => Keine Datei
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npactivex.dll [Keine Datei]
FF Plugin-x32: @qq.com/QQMiniDLPlugin -> C:\Program Files (x86)\Common Files\Tencent\QQMiniDL\60\Browser\npXFMiniDLPlugin.dll [Keine Datei]
FF Plugin-x32: @qq.com/QQPhotoDrawEx -> C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll [Keine Datei]
FF Plugin-x32: @qq.com/QzoneMusic -> C:\Program Files (x86)\Tencent\QzoneMusic\npQzoneMusic.dll [Keine Datei]
FF Plugin-x32: @tencent.com/npQQMailWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\npQQMailWebKit.dll [2013-04-25] (Tencent)
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll [2013-04-08] (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Discovery App - C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default\Extensions\{6b685626-86b6-4571-9c6a-ca69e6446965}.xpi [2016-01-08] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-10]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-11]
CHR Extension: (Google Docs) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-11]
CHR Extension: (Google Drive) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google-Suche) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Tabellen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-11]
CHR Extension: (Google Mail) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-21] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-21] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-08-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-08-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-08-21] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
S2 QPCore; "C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-11] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 20:57 - 2016-01-11 20:57 - 00025845 _____ C:\Users\Xiaoshu\Downloads\FRST.txt
2016-01-11 20:56 - 2016-01-11 20:57 - 00000000 ____D C:\FRST
2016-01-11 20:56 - 2016-01-11 20:56 - 00000000 ____D C:\Users\Xiaoshu\Downloads\FRST-OlderVersion
2016-01-11 20:53 - 2016-01-11 20:56 - 02370560 _____ (Farbar) C:\Users\Xiaoshu\Downloads\FRST64.exe
2016-01-11 19:14 - 2016-01-11 19:14 - 00000000 ___HD C:\OneDriveTemp
2016-01-11 00:04 - 2016-01-11 00:04 - 00002335 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-11 00:04 - 2016-01-11 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-11 00:03 - 2016-01-11 20:13 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-11 00:03 - 2016-01-11 19:14 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-11 00:03 - 2016-01-11 08:03 - 00000524 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193.job
2016-01-11 00:03 - 2016-01-11 02:00 - 00000524 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7.job
2016-01-11 00:03 - 2016-01-11 01:29 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Google
2016-01-11 00:03 - 2016-01-11 00:08 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-11 00:03 - 2016-01-11 00:08 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-11 00:03 - 2016-01-11 00:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-11 00:03 - 2016-01-11 00:03 - 00003746 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7
2016-01-11 00:03 - 2016-01-11 00:03 - 00003664 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193
2016-01-11 00:03 - 2016-01-11 00:03 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\SUPERAntiSpyware.com
2016-01-11 00:02 - 2016-01-11 00:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-11 00:02 - 2016-01-11 00:02 - 24384072 _____ (SUPERAntiSpyware) C:\Users\Xiaoshu\Downloads\SUPERAntiSpyware.exe
2016-01-11 00:02 - 2016-01-11 00:02 - 00001860 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-11 00:02 - 2016-01-11 00:02 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-11 00:02 - 2016-01-11 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-11 00:01 - 2016-01-11 00:01 - 01749504 _____ C:\Users\Xiaoshu\Downloads\adwcleaner_5.028(1).exe
2016-01-10 22:06 - 2016-01-11 00:01 - 00000000 ____D C:\AdwCleaner
2016-01-10 22:06 - 2016-01-10 22:06 - 01749504 _____ C:\Users\Xiaoshu\Downloads\adwcleaner_5.028.exe
2016-01-10 08:22 - 2016-01-10 08:22 - 00002120 _____ C:\Users\Public\Desktop\tiptoi® Manager.lnk
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2016-01-10 08:14 - 2016-01-10 08:14 - 00002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager Deinstallationsprogramm.lnk
2016-01-10 08:14 - 2016-01-10 08:14 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi.lnk
2016-01-10 08:14 - 2016-01-10 08:14 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2016-01-09 12:34 - 2016-01-09 12:34 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\0B1L1H1F0M1P1Q1L1T
2016-01-09 12:21 - 2016-01-09 13:10 - 00000000 ____D C:\Users\Xiaoshu\Desktop\Setec
2016-01-07 17:53 - 2016-01-10 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-30 17:15 - 2015-12-30 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-29 19:02 - 2015-12-29 19:02 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS
2015-12-29 19:02 - 2015-12-29 19:02 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS
2015-12-29 19:02 - 2015-10-29 19:43 - 02964480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll
2015-12-29 19:02 - 2015-10-29 19:42 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll
2015-12-29 19:02 - 2015-10-29 19:31 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2015-12-29 19:02 - 2015-10-29 19:29 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2015-12-29 19:02 - 2015-10-29 19:26 - 03446272 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2015-12-29 19:02 - 2015-10-29 19:25 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll
2015-12-29 19:01 - 2015-12-29 19:01 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\ActiveSync
2015-12-29 18:59 - 2015-12-29 18:59 - 00000020 ___SH C:\Users\Xiaoshu\ntuser.ini
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-29 03:58 - 2016-01-10 22:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-29 03:55 - 2015-12-29 03:56 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-29 03:55 - 2015-12-29 03:56 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-29 03:55 - 2015-12-29 03:55 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-29 03:52 - 2016-01-03 08:56 - 00000000 ____D C:\Users\Xiaoshu
2015-12-29 03:52 - 2015-12-29 03:56 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Vorlagen
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Startmenü
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Netzwerkumgebung
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Lokale Einstellungen
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Eigene Dateien
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Druckumgebung
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Videos
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Musik
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Bilder
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Local\Verlauf
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Local\Anwendungsdaten
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Anwendungsdaten
2015-12-29 03:51 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-29 03:50 - 2016-01-11 19:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-29 03:50 - 2015-12-29 03:53 - 00000000 ____D C:\Program Files\Intel
2015-12-29 03:50 - 2015-12-29 03:50 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\Program Files\Synaptics
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\Program Files\Realtek
2015-12-29 03:50 - 2015-12-28 09:52 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-29 03:50 - 2015-12-28 09:52 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-29 03:49 - 2016-01-10 20:05 - 00375048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-29 03:49 - 2015-12-29 19:01 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-29 03:49 - 2015-12-29 03:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsHid_02_15_00.Wdf
2015-12-29 03:46 - 2015-12-29 03:46 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-29 03:46 - 2015-12-29 03:46 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-29 03:46 - 2015-12-29 03:46 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-29 03:46 - 2015-12-29 03:46 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-29 03:46 - 2015-12-29 03:46 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-29 03:46 - 2015-12-29 03:46 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-29 03:46 - 2015-12-29 03:46 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-29 03:46 - 2015-12-29 03:46 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00000000 ____D C:\Windows.old
2015-12-29 03:45 - 2015-12-29 03:45 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-29 03:45 - 2015-12-29 03:45 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-29 03:41 - 2015-12-29 03:41 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files\MSBuild
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-29 03:38 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-29 03:38 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-29 03:38 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 35016296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 34083104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 29894272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 29101576 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 28612544 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 19861512 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 15454976 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 13928480 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 13427688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 11586056 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 11441600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 08634888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 07858088 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-12-28 09:52 - 2015-12-28 09:52 - 06560024 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05797102 _____ C:\WINDOWS\system32\igdclbif.bin
2015-12-28 09:52 - 2015-12-28 09:52 - 05685768 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05262864 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05028408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04608520 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04482424 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04324664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04123144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 03970056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-12-28 09:52 - 2015-12-28 09:52 - 02145232 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 02052104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01816720 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01814064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01665200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01576968 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01167880 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01026464 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00962464 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00958880 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00819449 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-12-28 09:52 - 2015-12-28 09:52 - 00750088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00626696 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00621472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00535968 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-12-28 09:52 - 2015-12-28 09:52 - 00466344 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00439304 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00435088 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00433968 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00415752 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00402344 _____ C:\WINDOWS\system32\igfxTray.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00390152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00388616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00384008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00381936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00379792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00373160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00354216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00350224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00318472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00310160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00300968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00295024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00273416 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-12-28 09:52 - 2015-12-28 09:52 - 00268704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00266248 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00255496 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00242160 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00236456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00231848 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00231336 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00225288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00222736 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00206344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4331.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00205360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00193032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00181328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00174504 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00173584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00111624 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00103432 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00100872 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00095248 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00083464 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00055248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00052744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00041296 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040931 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040343 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040316 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00039798 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00039658 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00004730 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00000935 _____ C:\WINDOWS\system32\Gfxv4_0.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000935 _____ C:\WINDOWS\system32\DPTopologyApp.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000895 _____ C:\WINDOWS\system32\Gfxv2_0.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000895 _____ C:\WINDOWS\system32\DPTopologyAppv2_0.exe.config
2015-12-26 10:06 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-26 10:06 - 2015-12-26 10:06 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files\iTunes
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files\iPod
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-25 09:32 - 2015-12-25 09:32 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\RavensburgerTipToi3
2015-12-25 09:29 - 2016-01-10 08:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi3
2015-12-25 09:04 - 2016-01-10 08:13 - 00000000 ____D C:\Users\Xiaoshu\.oracle_jre_usage
2015-12-25 09:01 - 2015-12-25 09:01 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\RavensburgerTipToi
2015-12-23 08:27 - 2015-12-23 08:27 - 00035840 _____ C:\Users\Xiaoshu\Desktop\猫粮P020150709517333737021.xls
2015-12-16 12:33 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 18:11 - 2016-01-09 12:34 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\Nitro PDF
2015-12-13 16:58 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 20:56 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-11 20:48 - 2015-08-13 19:39 - 00000000 ____D C:\Users\Xiaoshu\Documents\Outlook-Dateien
2016-01-11 20:31 - 2015-08-14 19:26 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-11 20:31 - 2015-08-14 19:26 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-11 19:59 - 2015-08-14 08:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-11 19:14 - 2015-08-14 19:28 - 00000000 ___RD C:\Users\Xiaoshu\Dropbox
2016-01-11 19:14 - 2015-08-14 19:26 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Dropbox
2016-01-11 19:14 - 2015-08-10 10:08 - 00000000 __RDO C:\Users\Xiaoshu\OneDrive
2016-01-11 19:14 - 2015-08-10 10:04 - 00000000 __SHD C:\Users\Xiaoshu\IntelGraphicsProfiles
2016-01-10 22:39 - 2015-10-30 19:35 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-10 22:39 - 2015-10-30 19:35 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-10 22:39 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-10 22:39 - 2015-08-10 14:54 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-10 22:33 - 2014-08-21 09:28 - 00000000 ____D C:\ProgramData\McAfee
2016-01-10 22:33 - 2014-08-21 09:28 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-01-10 22:32 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-10 22:32 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-10 22:32 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-10 22:32 - 2015-08-10 10:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-01-10 22:31 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-10 21:33 - 2015-08-10 15:02 - 00000000 ____D C:\Users\Xiaoshu\Documents\Tencent Files
2016-01-10 20:05 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2016-01-10 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\security
2016-01-10 20:05 - 2015-08-10 15:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 20:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-10 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-10 19:49 - 2015-08-10 10:04 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Packages
2016-01-10 17:12 - 2015-08-14 08:59 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-10 17:12 - 2015-08-14 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-10 17:12 - 2015-08-14 08:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-09 19:29 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-09 12:37 - 2015-08-13 20:31 - 00000000 ____D C:\Users\Xiaoshu\Desktop\Verkauf
2016-01-08 19:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 17:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-30 17:02 - 2014-08-21 09:33 - 00000000 ____D C:\ProgramData\Energy Manager
2015-12-29 19:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-29 19:03 - 2015-12-08 21:48 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-29 19:02 - 2015-08-10 14:59 - 00002435 _____ C:\Users\Xiaoshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-29 19:00 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-29 19:00 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-29 18:59 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-29 18:59 - 2015-08-10 15:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-29 18:58 - 2014-08-21 09:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-29 04:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-29 04:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-29 04:00 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-29 04:00 - 2015-08-10 14:25 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-29 04:00 - 2015-08-10 14:25 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-29 03:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-29 03:58 - 2015-09-02 20:25 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-12-29 03:58 - 2015-08-14 19:26 - 00003740 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-29 03:58 - 2015-08-14 19:26 - 00003516 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-29 03:58 - 2015-08-10 14:50 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-29 03:58 - 2015-08-10 10:09 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290222576-957381668-3853716905-1001
2015-12-29 03:58 - 2014-08-21 09:30 - 00002476 _____ C:\WINDOWS\System32\Tasks\Lenovo Smart Voice
2015-12-29 03:58 - 2014-08-21 09:19 - 00003182 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
2015-12-29 03:58 - 2014-08-21 09:19 - 00002802 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
2015-12-29 03:58 - 2014-08-21 09:08 - 00002314 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-12-29 03:58 - 2014-08-21 08:53 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290222576-957381668-3853716905-500
2015-12-29 03:57 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-29 03:56 - 2015-12-08 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2015-12-29 03:56 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-29 03:56 - 2014-08-21 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2015-12-29 03:56 - 2014-08-21 09:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-12-29 03:56 - 2014-08-21 09:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2015-12-29 03:56 - 2014-08-21 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-12-29 03:56 - 2014-08-21 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-12-29 03:56 - 2014-08-21 09:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-29 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-29 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-29 03:53 - 2014-08-21 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2015-12-29 03:53 - 2014-08-21 09:09 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2015-12-29 03:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-29 03:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-29 03:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-29 03:49 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-29 03:49 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-29 03:46 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-29 03:46 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-29 03:43 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-29 03:43 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2015-12-29 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-29 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-29 03:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-26 10:06 - 2015-08-14 09:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-25 09:03 - 2015-08-14 08:38 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2015-12-20 19:54 - 2015-08-13 20:31 - 00030753 _____ C:\Users\Xiaoshu\Desktop\Rechnungen.xlsx
2015-12-17 08:57 - 2014-08-21 09:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-16 12:33 - 2015-11-18 09:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-12-13 16:58 - 2015-08-14 19:26 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-10 15:02 - 2015-08-10 15:02 - 0371040 _____ (Tencent) C:\Users\Xiaoshu\AppData\Roaming\3GUykWjKOl9Cis.TXT
2015-08-10 15:02 - 2015-08-10 15:02 - 0000528 _____ () C:\Users\Xiaoshu\AppData\Roaming\52eaKQ9ez9YA.dat
2015-08-10 15:01 - 2015-08-10 15:02 - 3348960 _____ () C:\Users\Xiaoshu\AppData\Roaming\V6BQH17M.TXT
2015-12-29 03:50 - 2015-12-29 03:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-08 19:19

==================== Ende von FRST.txt ============================
So ich hoffe ich habe alles richtig gepostet :) war gar nicht so einfach eine Seite zu finden wo ich das Programm runterladen kann wo der button download nicht von den werbungen verdeckt ist ... ggggrrr....

cosinus 11.01.2016 21:23
Zitat:
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 7.5.15456.0 - 腾讯科技(深圳)有限公司)
Wasndas? Ich hab den Eindruck, du als Chinesin kannst mal übersetzen für mich :D
Ist das ein Messenger oder täusche ich mich da?

xiao80 11.01.2016 21:46
ja das ist ein messenger :) heisst QQ, aber der war schon vorher lange drauf und sollte eigentlich nicht das problem sein :)

cosinus 11.01.2016 21:52
Gut, wollte nur sichergehen, dass das kein Junk ist :D

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


xiao80 11.01.2016 22:12
Neugestartet hat der nach adwcleaner nicht weil nichts gefunden wurde, kann das sein?

Code:
# AdwCleaner v5.029 - Bericht erstellt am 11/01/2016 um 22:00:25
# Aktualisiert am 11/01/2016 von Xplode
# Datenbank : 2016-01-11.4 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Xiaoshu - XIAO
# Gestartet von : C:\Users\Xiaoshu\Downloads\adwcleaner_5.029.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [620 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by Xiaoshu (Administrator) on 11.01.2016 at 22:06:18,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.01.2016 at 22:07:31,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
durchgeführt von Xiaoshu (Administrator) auf XIAO (11-01-2016 22:09:27)
Gestartet von C:\Users\Xiaoshu\Downloads
Geladene Profile: Xiaoshu (Verfügbare Profile: Xiaoshu)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Xiaoshu\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-08-21] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-08-21] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-08-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Run: [QQ2009] => "C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe" /background
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7935904 2015-12-02] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files (x86)\Hightail\Hightail for Lenovo\YSINSE.dll [2014-06-23] (Hightail Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{784c71aa-b7ba-4674-916c-23e59071ddf6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8a60e412-53ad-4977-b60f-8cf89e6202f8}: [DhcpNameServer] 169.254.54.64

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-12-16] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-12-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-12-16] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2013-12-12] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Discovery App - C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default\Extensions\{6b685626-86b6-4571-9c6a-ca69e6446965}.xpi [2016-01-08] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Xiaoshu\AppData\Roaming\Mozilla\Firefox\Profiles\656nqxa8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-10]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-11]
CHR Extension: (Google Docs) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-11]
CHR Extension: (Google Drive) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google-Suche) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Google Tabellen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-11]
CHR Extension: (Google Docs Offline) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-11]
CHR Extension: (Google Mail) - C:\Users\Xiaoshu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2748600 2015-12-04] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-14] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-03-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-28] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-21] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-21] (Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-08-21] (Lenovo)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 NitroDriverReadSpool9; C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe [230920 2013-12-12] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-24] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-24] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-08-21] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-08-21] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2014-08-21] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-06] ()
S2 QPCore; "C:\Program Files (x86)\Common Files\Tencent\QQProtect\Bin\QQProtect.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-11] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3485696 2015-10-30] (Intel Corporation)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\Windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 22:09 - 2016-01-11 22:09 - 02370560 _____ (Farbar) C:\Users\Xiaoshu\Downloads\FRST64(1).exe
2016-01-11 22:07 - 2016-01-11 22:07 - 00000549 _____ C:\Users\Xiaoshu\Desktop\JRT.txt
2016-01-11 22:06 - 2016-01-11 22:06 - 01600184 _____ (Malwarebytes) C:\Users\Xiaoshu\Downloads\JRT(1).exe
2016-01-11 22:02 - 2016-01-11 22:02 - 01600184 _____ (Malwarebytes) C:\Users\Xiaoshu\Downloads\JRT.exe
2016-01-11 22:00 - 2016-01-11 22:00 - 01754112 _____ C:\Users\Xiaoshu\Downloads\adwcleaner_5.029.exe
2016-01-11 20:58 - 2016-01-11 20:59 - 00042496 _____ C:\Users\Xiaoshu\Downloads\Addition.txt
2016-01-11 20:57 - 2016-01-11 22:09 - 00022574 _____ C:\Users\Xiaoshu\Downloads\FRST.txt
2016-01-11 20:56 - 2016-01-11 22:09 - 00000000 ____D C:\FRST
2016-01-11 20:56 - 2016-01-11 20:56 - 00000000 ____D C:\Users\Xiaoshu\Downloads\FRST-OlderVersion
2016-01-11 20:53 - 2016-01-11 20:56 - 02370560 _____ (Farbar) C:\Users\Xiaoshu\Downloads\FRST64.exe
2016-01-11 19:14 - 2016-01-11 19:14 - 00000000 ___HD C:\OneDriveTemp
2016-01-11 00:04 - 2016-01-11 00:04 - 00002335 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-11 00:04 - 2016-01-11 00:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-11 00:03 - 2016-01-11 21:13 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-11 00:03 - 2016-01-11 19:14 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-11 00:03 - 2016-01-11 08:03 - 00000524 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193.job
2016-01-11 00:03 - 2016-01-11 02:00 - 00000524 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7.job
2016-01-11 00:03 - 2016-01-11 01:29 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Google
2016-01-11 00:03 - 2016-01-11 00:08 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-01-11 00:03 - 2016-01-11 00:08 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-01-11 00:03 - 2016-01-11 00:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-01-11 00:03 - 2016-01-11 00:03 - 00003746 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7
2016-01-11 00:03 - 2016-01-11 00:03 - 00003664 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193
2016-01-11 00:03 - 2016-01-11 00:03 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\SUPERAntiSpyware.com
2016-01-11 00:02 - 2016-01-11 00:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-01-11 00:02 - 2016-01-11 00:02 - 24384072 _____ (SUPERAntiSpyware) C:\Users\Xiaoshu\Downloads\SUPERAntiSpyware.exe
2016-01-11 00:02 - 2016-01-11 00:02 - 00001860 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-01-11 00:02 - 2016-01-11 00:02 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-01-11 00:02 - 2016-01-11 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-01-10 22:06 - 2016-01-11 22:00 - 00000000 ____D C:\AdwCleaner
2016-01-10 22:06 - 2016-01-10 22:06 - 01749504 _____ C:\Users\Xiaoshu\Downloads\adwcleaner_5.028.exe
2016-01-10 08:22 - 2016-01-10 08:22 - 00002120 _____ C:\Users\Public\Desktop\tiptoi® Manager.lnk
2016-01-10 08:22 - 2016-01-10 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2016-01-10 08:14 - 2016-01-10 08:14 - 00002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager Deinstallationsprogramm.lnk
2016-01-10 08:14 - 2016-01-10 08:14 - 00002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi.lnk
2016-01-10 08:14 - 2016-01-10 08:14 - 00000000 ____D C:\Program Files (x86)\Ravensburger tiptoi
2016-01-09 12:21 - 2016-01-09 13:10 - 00000000 ____D C:\Users\Xiaoshu\Desktop\Setec
2016-01-07 17:53 - 2016-01-10 20:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-30 17:15 - 2015-12-30 17:15 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-29 19:02 - 2015-12-29 19:02 - 00001696 _____ C:\WINDOWS\SysWOW64\NOISE.CHS
2015-12-29 19:02 - 2015-12-29 19:02 - 00001696 _____ C:\WINDOWS\system32\NOISE.CHS
2015-12-29 19:02 - 2015-10-29 19:43 - 02964480 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0804.dll
2015-12-29 19:02 - 2015-10-29 19:42 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0804.dll
2015-12-29 19:02 - 2015-10-29 19:31 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70804.dll
2015-12-29 19:02 - 2015-10-29 19:29 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70804.dll
2015-12-29 19:02 - 2015-10-29 19:26 - 03446272 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0804.dll
2015-12-29 19:02 - 2015-10-29 19:25 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0804.dll
2015-12-29 19:01 - 2015-12-29 19:01 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\ActiveSync
2015-12-29 18:59 - 2015-12-29 18:59 - 00000020 ___SH C:\Users\Xiaoshu\ntuser.ini
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-29 04:00 - 2015-12-29 04:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-29 03:58 - 2016-01-10 22:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-29 03:55 - 2015-12-29 03:56 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-29 03:55 - 2015-12-29 03:56 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-29 03:55 - 2015-12-29 03:55 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-29 03:52 - 2016-01-03 08:56 - 00000000 ____D C:\Users\Xiaoshu
2015-12-29 03:52 - 2015-12-29 03:56 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Vorlagen
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Startmenü
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Netzwerkumgebung
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Lokale Einstellungen
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Eigene Dateien
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Druckumgebung
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Videos
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Musik
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Documents\Eigene Bilder
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Local\Verlauf
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\AppData\Local\Anwendungsdaten
2015-12-29 03:52 - 2015-12-29 03:52 - 00000000 _SHDL C:\Users\Xiaoshu\Anwendungsdaten
2015-12-29 03:51 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-29 03:50 - 2016-01-11 19:14 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-29 03:50 - 2015-12-29 03:53 - 00000000 ____D C:\Program Files\Intel
2015-12-29 03:50 - 2015-12-29 03:50 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\Program Files\Synaptics
2015-12-29 03:50 - 2015-12-29 03:50 - 00000000 ____D C:\Program Files\Realtek
2015-12-29 03:50 - 2015-12-28 09:52 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-29 03:50 - 2015-12-28 09:52 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-29 03:49 - 2016-01-10 20:05 - 00375048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-29 03:49 - 2015-12-29 19:01 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-29 03:49 - 2015-12-29 03:49 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsHid_02_15_00.Wdf
2015-12-29 03:46 - 2015-12-29 03:46 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-29 03:46 - 2015-12-29 03:46 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-29 03:46 - 2015-12-29 03:46 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-29 03:46 - 2015-12-29 03:46 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-29 03:46 - 2015-12-29 03:46 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-29 03:46 - 2015-12-29 03:46 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-29 03:46 - 2015-12-29 03:46 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-29 03:46 - 2015-12-29 03:46 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-29 03:46 - 2015-12-29 03:46 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00000000 ____D C:\Windows.old
2015-12-29 03:45 - 2015-12-29 03:45 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-29 03:45 - 2015-12-29 03:45 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-29 03:45 - 2015-12-29 03:45 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-29 03:45 - 2015-12-29 03:45 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-29 03:41 - 2015-12-29 03:41 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files\MSBuild
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-29 03:38 - 2015-12-29 03:38 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-29 03:38 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-29 03:38 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-29 03:38 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-29 03:38 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 35016296 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 34083104 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 29894272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 29101576 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 28612544 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 19861512 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 15454976 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 13928480 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 13427688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 11586056 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 11441600 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 08634888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 07858088 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2015-12-28 09:52 - 2015-12-28 09:52 - 06560024 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05797102 _____ C:\WINDOWS\system32\igdclbif.bin
2015-12-28 09:52 - 2015-12-28 09:52 - 05685768 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05262864 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 05028408 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04608520 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04482424 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04324664 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 04123144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 03970056 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 02813952 _____ C:\WINDOWS\system32\iglhxa64.cpa
2015-12-28 09:52 - 2015-12-28 09:52 - 02145232 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 02052104 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01816720 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01814064 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01665200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01576968 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01167880 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 01026464 _____ C:\WINDOWS\system32\igfxSDK.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00962464 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00958880 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00819449 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2015-12-28 09:52 - 2015-12-28 09:52 - 00750088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00641530 _____ C:\WINDOWS\system32\FilmModeDetection.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00626696 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00621472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00535968 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00511260 _____ C:\WINDOWS\system32\cp_resources.bin
2015-12-28 09:52 - 2015-12-28 09:52 - 00466344 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00439304 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00435088 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00433968 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00415752 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00403671 _____ C:\WINDOWS\system32\ImageStabilization.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00402344 _____ C:\WINDOWS\system32\igfxTray.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00390152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00388616 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00384008 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00381936 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00379792 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00375173 _____ C:\WINDOWS\system32\ColorImageEnhancement.wmv
2015-12-28 09:52 - 2015-12-28 09:52 - 00373160 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00354216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00350224 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00318472 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00310160 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00300968 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00295024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00273416 _____ C:\WINDOWS\system32\igfxCPL.cpl
2015-12-28 09:52 - 2015-12-28 09:52 - 00268704 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00266248 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00255496 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00242160 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00236456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00231848 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00231336 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00225288 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00222736 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00206344 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4331.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00205360 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00193032 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00181328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00174504 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2015-12-28 09:52 - 2015-12-28 09:52 - 00173584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00111624 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00103944 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00103432 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00100872 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00099848 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00095248 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00083464 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00055248 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00052744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00041296 _____ C:\WINDOWS\system32\iglhxc64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040931 _____ C:\WINDOWS\system32\iglhxo64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040343 _____ C:\WINDOWS\system32\iglhxo64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00040316 _____ C:\WINDOWS\system32\iglhxc64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00039798 _____ C:\WINDOWS\system32\iglhxg64_dev.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00039658 _____ C:\WINDOWS\system32\iglhxg64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00029192 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00027656 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00022536 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2015-12-28 09:52 - 2015-12-28 09:52 - 00004730 _____ C:\WINDOWS\system32\iglhxs64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00001125 _____ C:\WINDOWS\system32\iglhxa64.vp
2015-12-28 09:52 - 2015-12-28 09:52 - 00000935 _____ C:\WINDOWS\system32\Gfxv4_0.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000935 _____ C:\WINDOWS\system32\DPTopologyApp.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000895 _____ C:\WINDOWS\system32\Gfxv2_0.exe.config
2015-12-28 09:52 - 2015-12-28 09:52 - 00000895 _____ C:\WINDOWS\system32\DPTopologyAppv2_0.exe.config
2015-12-26 10:06 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-26 10:06 - 2015-12-26 10:06 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files\iTunes
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files\iPod
2015-12-26 10:06 - 2015-12-26 10:06 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-25 09:32 - 2015-12-25 09:32 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\RavensburgerTipToi3
2015-12-25 09:29 - 2016-01-10 08:14 - 00000000 ____D C:\ProgramData\RavensburgerTipToi3
2015-12-25 09:04 - 2016-01-10 08:13 - 00000000 ____D C:\Users\Xiaoshu\.oracle_jre_usage
2015-12-25 09:01 - 2015-12-25 09:01 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\RavensburgerTipToi
2015-12-23 08:27 - 2015-12-23 08:27 - 00035840 _____ C:\Users\Xiaoshu\Desktop\猫粮P020150709517333737021.xls
2015-12-16 12:33 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-12-14 18:11 - 2016-01-09 12:34 - 00000000 ____D C:\Users\Xiaoshu\AppData\Roaming\Nitro PDF
2015-12-13 16:58 - 2015-12-29 03:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-11 22:03 - 2015-08-10 10:08 - 00000000 __RDO C:\Users\Xiaoshu\OneDrive
2016-01-11 22:02 - 2015-08-13 19:39 - 00000000 ____D C:\Users\Xiaoshu\Documents\Outlook-Dateien
2016-01-11 21:50 - 2015-08-14 08:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-11 21:31 - 2015-08-14 19:26 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-11 20:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2016-01-11 20:31 - 2015-08-14 19:26 - 00001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-11 19:14 - 2015-08-14 19:28 - 00000000 ___RD C:\Users\Xiaoshu\Dropbox
2016-01-11 19:14 - 2015-08-14 19:26 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Dropbox
2016-01-11 19:14 - 2015-08-10 10:04 - 00000000 __SHD C:\Users\Xiaoshu\IntelGraphicsProfiles
2016-01-10 22:39 - 2015-10-30 19:35 - 00777804 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-10 22:39 - 2015-10-30 19:35 - 00156080 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-10 22:39 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-01-10 22:39 - 2015-08-10 14:54 - 01802588 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-10 22:33 - 2014-08-21 09:28 - 00000000 ____D C:\ProgramData\McAfee
2016-01-10 22:33 - 2014-08-21 09:28 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-01-10 22:32 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-01-10 22:32 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-10 22:32 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-10 22:32 - 2015-08-10 10:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-01-10 22:31 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2016-01-10 21:33 - 2015-08-10 15:02 - 00000000 ____D C:\Users\Xiaoshu\Documents\Tencent Files
2016-01-10 20:05 - 2015-10-30 19:36 - 00000000 ____D C:\WINDOWS\OCR
2016-01-10 20:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\security
2016-01-10 20:05 - 2015-08-10 15:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-10 20:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2016-01-10 19:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-10 19:49 - 2015-08-10 10:04 - 00000000 ____D C:\Users\Xiaoshu\AppData\Local\Packages
2016-01-10 17:12 - 2015-08-14 08:59 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-10 17:12 - 2015-08-14 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-01-10 17:12 - 2015-08-14 08:59 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-09 19:29 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-09 12:37 - 2015-08-13 20:31 - 00000000 ____D C:\Users\Xiaoshu\Desktop\Verkauf
2016-01-08 19:20 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-30 17:05 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-30 17:02 - 2014-08-21 09:33 - 00000000 ____D C:\ProgramData\Energy Manager
2015-12-29 19:16 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-29 19:03 - 2015-12-08 21:48 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2015-12-29 19:02 - 2015-08-10 14:59 - 00002435 _____ C:\Users\Xiaoshu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-29 19:00 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-29 19:00 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-29 18:59 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-29 18:59 - 2015-08-10 15:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-29 18:58 - 2014-08-21 09:08 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-29 04:01 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-29 04:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-29 04:00 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-29 04:00 - 2015-08-10 14:25 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-29 04:00 - 2015-08-10 14:25 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-29 03:59 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-29 03:58 - 2015-09-02 20:25 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-12-29 03:58 - 2015-08-14 19:26 - 00003740 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-29 03:58 - 2015-08-14 19:26 - 00003516 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-29 03:58 - 2015-08-10 14:50 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-29 03:58 - 2015-08-10 10:09 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290222576-957381668-3853716905-1001
2015-12-29 03:58 - 2014-08-21 09:30 - 00002476 _____ C:\WINDOWS\System32\Tasks\Lenovo Smart Voice
2015-12-29 03:58 - 2014-08-21 09:19 - 00003182 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2
2015-12-29 03:58 - 2014-08-21 09:19 - 00002802 _____ C:\WINDOWS\System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon
2015-12-29 03:58 - 2014-08-21 09:08 - 00002314 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2015-12-29 03:58 - 2014-08-21 08:53 - 00002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4290222576-957381668-3853716905-500
2015-12-29 03:57 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-29 03:56 - 2015-12-08 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2015-12-29 03:56 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-29 03:56 - 2014-08-21 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2015-12-29 03:56 - 2014-08-21 09:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-12-29 03:56 - 2014-08-21 09:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaStory
2015-12-29 03:56 - 2014-08-21 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-12-29 03:56 - 2014-08-21 09:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2015-12-29 03:56 - 2014-08-21 09:07 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-29 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-12-29 03:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-29 03:53 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-29 03:53 - 2014-08-21 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hightail
2015-12-29 03:53 - 2014-08-21 09:09 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2015-12-29 03:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-29 03:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-29 03:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-29 03:49 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-29 03:49 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-29 03:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-29 03:46 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-29 03:46 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-29 03:43 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-29 03:43 - 2015-10-30 19:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-29 03:43 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\servicing
2015-12-29 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-29 03:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-29 03:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-26 10:06 - 2015-08-14 09:07 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-25 09:03 - 2015-08-14 08:38 - 00000000 ____D C:\ProgramData\RavensburgerTipToi
2015-12-20 19:54 - 2015-08-13 20:31 - 00030753 _____ C:\Users\Xiaoshu\Desktop\Rechnungen.xlsx
2015-12-17 08:57 - 2014-08-21 09:27 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-16 12:33 - 2015-11-18 09:51 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-12-13 16:58 - 2015-08-14 19:26 - 00000000 ____D C:\Program Files (x86)\Dropbox

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-10 15:02 - 2015-08-10 15:02 - 0371040 _____ (Tencent) C:\Users\Xiaoshu\AppData\Roaming\3GUykWjKOl9Cis.TXT
2015-08-10 15:02 - 2015-08-10 15:02 - 0000528 _____ () C:\Users\Xiaoshu\AppData\Roaming\52eaKQ9ez9YA.dat
2015-08-10 15:01 - 2015-08-10 15:02 - 3348960 _____ () C:\Users\Xiaoshu\AppData\Roaming\V6BQH17M.TXT
2015-12-29 03:50 - 2015-12-29 03:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-08 19:19

==================== Ende von FRST.txt ============================
Addition txt von FST kam irgendwie nicht, kann ich das manuell aufrufen?

xiao80 11.01.2016 22:15
habs manuell angeklickt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
durchgeführt von Xiaoshu (2016-01-11 22:13:41)
Gestartet von C:\Users\Xiaoshu\Downloads
Windows 10 Home (X64) (2015-12-29 03:00:50)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4290222576-957381668-3853716905-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4290222576-957381668-3853716905-503 - Limited - Disabled)
Gast (S-1-5-21-4290222576-957381668-3853716905-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4290222576-957381668-3853716905-1003 - Limited - Enabled)
Xiaoshu (S-1-5-21-4290222576-957381668-3853716905-1001 - Administrator - Enabled) => C:\Users\Xiaoshu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Benutzerhandbücher (x32 Version: 3.0.0.3 - Lenovo) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel Experience Center - Configuration (x32 Version: 1.7.0.179 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{3608ec0a-56b4-4d9d-b038-9b3e51d72582}) (Version: 1.7.0.179 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.6.2.69 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{C23B292D-2656-4A05-97D5-41FDC040158C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine  (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo Motion Control (x32 Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.10181 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.5 - Lenovo)
Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.5 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Metric Collection SDK 35 (x32 Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6366.2036 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1010 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1210 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Tencent QQMail Plugin (HKLM-x32\...\QQMailPlugin) (Version:  - )
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)
Your download is ready Packages (HKU\S-1-5-21-4290222576-957381668-3853716905-1001\...\Your download is ready Packages) (Version:  - ) <==== ACHTUNG
腾讯QQ (HKLM-x32\...\{052CFB79-9D62-42E3-8A15-DE66C2C97C3E}) (Version: 7.5.15456.0 - 腾讯科技(深圳)有限公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4290222576-957381668-3853716905-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Xiaoshu\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02224701-469D-43AB-B3AB-97AED8C84181} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {03308CA0-16E1-45AB-AD85-97490BEE2383} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0B0212FB-EEE8-43E0-B746-838A711905EE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {0F9E6E5A-EB33-47A6-99CA-89EA38805566} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {27AD8B1F-E79E-4891-A5BC-36E52D23B7F5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {297204C6-E218-41DA-908C-28C5663DD6AD} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {300B8EFA-A9F5-4FB5-BFC4-0F6D57804F83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {4948ABF6-0C86-4C00-81ED-46FE353824C1} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {50042F44-7304-41B9-A9F2-DFA15591D624} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-08-21] (Lenovo)
Task: {673D2CE8-BBBE-4BF4-851A-0CE339F30751} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {793DCCA3-EA76-44A9-956F-AD1A5D6BD723} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)
Task: {86501CAF-6BF9-42A2-ADBE-AD82F248FB22} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-12-04] (Microsoft Corporation)
Task: {8CD0B0D8-A5B8-404C-995C-8B0292BCEBB8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {B23208F7-1CDC-45F8-A462-56E014DD91E4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-12-16] (Microsoft Corporation)
Task: {BAFFCF4D-52F4-445B-9BEC-17EFC10BEC32} - System32\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {C26B14A5-71B9-4883-8DE1-30568EB1010B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {C8D00D67-6746-45BD-AF51-22C86F63287A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D2BD82FA-8621-4D03-803B-71BF5703C01C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-21] ()
Task: {D2D41F86-3E9D-485A-8203-EA8D1A154830} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D698D09E-39CA-4E87-B866-ACC104978131} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\Bootstrap.exe [2013-07-03] (Intel Corporation)
Task: {D8BD0B53-90D4-44A1-B701-FFB6C9ED88D5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FDC32BAA-7371-4679-BBA8-8EFE9243CAA8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-14] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1d196ce4-a2f8-49e7-a7fc-003ca6d6b193.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 761a2c47-7d05-4e48-97a4-9621258d25e7.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-05 12:49 - 2015-12-04 03:52 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2014-08-21 09:30 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-21 09:30 - 2014-08-21 09:30 - 00061200 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-08-21 09:28 - 2014-01-06 14:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2014-08-21 09:30 - 2014-08-21 09:30 - 00815104 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-29 19:46 - 2015-12-29 19:46 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-29 03:46 - 2015-12-29 03:46 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-29 03:46 - 2015-12-29 03:46 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-29 03:45 - 2015-12-29 03:45 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-02-24 15:39 - 2014-02-24 15:39 - 00013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2014-08-21 09:06 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-12-29 19:46 - 2015-12-29 19:46 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-29 19:46 - 2015-12-29 19:47 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-12-16 12:33 - 00000860 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1        mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4290222576-957381668-3853716905-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Xiaoshu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8D5A6A21-44B0-4C9E-869D-87B6A13B8837}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5B81D653-03A3-435F-B357-50820F52AE1F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{03E5BAC6-8309-493F-B448-6B62D47A0BBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{A3128E1F-DA61-4671-9E98-70F4AF28858A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52D0EA63-D561-41A8-A892-6B24D5FE629B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{767C5C9F-17BF-4C73-9C89-79F8FE3CC91F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61BD990D-FF21-426D-9BED-D5A1971597B1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8C79EC58-ADA2-4599-A8DD-CD37BDC4F68E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{35732777-4E45-4581-A7B5-4667983DD6F7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3F5B7A89-88F3-404F-89DE-D58F5322B82C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DFC6585D-11E8-4D24-829E-B6D1C1D5C840}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C3631246-3EB3-412B-A4D8-D81D9CCD64D3}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\QQGameMicro.exe
FirewallRules: [{C763A780-E1A7-4DBF-8D9C-A7CDD7CE1CD9}] => (Allow) C:\Users\Public\Documents\Tencent\QQGameMicro\IEProc.exe
FirewallRules: [{149ACD33-B75E-4DDD-9061-BF83461AC7BD}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQGameUpUI.exe
FirewallRules: [{7883CFCA-9419-4A84-8036-2A697E1013C8}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\QQMiniDLUI.exe
FirewallRules: [{30C8644B-A68F-438B-BA6B-361FA9684987}] => (Allow) C:\program files (x86)\common files\tencent\qqminidl\60\qqminidl.exe
FirewallRules: [{A4ECD58F-0454-47DC-B0F3-5F3C3CF80DC3}] => (Allow) C:\Program Files (x86)\Tencent\QzoneMusic\QzoneMusic.exe
FirewallRules: [{10A80852-FEB8-43CB-BF86-9C45AB8973FC}] => (Allow) C:\Program Files (x86)\Tencent\QzoneMusic\QzoneMusic.exe
FirewallRules: [{E9F67067-1407-4595-AF94-2350782DB65A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\tencentdl.exe
FirewallRules: [{6B4DBAD4-5E27-487A-8DE1-32197CDD3B1E}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\131\bugreport_xf.exe
FirewallRules: [{673E42A1-8B3F-48B8-9C3B-F7664F802D1E}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maUpdat.exe
FirewallRules: [{8C0780AB-FC7B-4693-8D39-D66B43856DE3}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\maLauncher.exe
FirewallRules: [{C438EBF1-94C8-4509-8833-68F82904C6C7}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\SetupEx\SetupEx.exe
FirewallRules: [{D1032E31-B1D5-4CB9-98AD-CC642FF5A876}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\txupd.exe
FirewallRules: [{C1BC2450-A04A-4E4E-A99E-B2339C2AB258}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\auclt.exe
FirewallRules: [{C2D6CC9C-583C-414A-BD35-EE2FD2962D07}] => (Allow) C:\Program Files (x86)\Tencent\QQ\Bin\QQ.exe
FirewallRules: [{0D519EBE-627C-4AE0-976B-E15854C8C5C4}] => (Allow) C:\Users\Xiaoshu\AppData\Roaming\Tencent\QQ\STemp\SetupEx0\QQSetupEx.exe
FirewallRules: [{59115985-2476-42B9-BFEF-5FA671DE748F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{46936976-0F27-4E85-9165-3D61ABD8BABC}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{836F3512-74E2-44B1-82D5-10E03DAD76A4}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F1F0945E-917D-4307-AFE8-72A0A31C6CAB}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{669A88E1-D8B6-4152-BA40-1369B85329A0}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{C4382A12-BEF0-4E5B-B73D-370A4236DDF3}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{9731BB2F-222F-42EB-B2C4-B460CE618383}] => (Allow) LPort=55100
FirewallRules: [{7B37C685-4232-42FF-A7D2-82C235F1C4A7}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{58D21C4C-38C5-4ECD-AD8A-2FCA99BE3449}] => (Allow) C:\Program Files (x86)\WinZip Driver Updater\winzipdu.exe
FirewallRules: [{F48A1900-DBA0-4AF6-A9DD-E15B90B88A78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/11/2016 08:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (01/11/2016 08:08:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (01/11/2016 08:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/11/2016 07:23:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418220

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1156

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1156

Error: (01/10/2016 07:21:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/10/2016 07:21:35 PM) (Source: LenovoWiFiHotspotSvr) (EventID: 1) (User: )
Description: LenovoWiFiHotspotSvrm_WlanMgr stop HN error. failed with 0

Error: (01/10/2016 07:21:35 PM) (Source: PhoneCompanionVap_WLAN) (EventID: 1) (User: )
Description: PhoneCompanionVap_WLANWlanMgr : ForceStop error. failed with 6

Error: (01/10/2016 06:32:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1219


Systemfehler:
=============
Error: (01/11/2016 08:03:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 12:09:12 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_1a0d04b" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/11/2016 12:01:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 11:53:03 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (01/11/2016 11:14:18 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

Error: (01/11/2016 08:13:32 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_59d566" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-01-11 11:19:03.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-10 20:09:49.622
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-09 09:58:01.886
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-07 17:42:16.552
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-30 17:17:33.250
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 19:03:18.128
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 19:03:13.960
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:58:07.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:57:10.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-29 03:49:51.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8112.96 MB
Verfügbarer physikalischer RAM: 5275.75 MB
Summe virtueller Speicher: 9392.96 MB
Verfügbarer virtueller Speicher: 6836.95 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:102.1 GB) (Free:15.49 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: AD31C4C4)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus 12.01.2016 09:03
Das gibs ja nicht :wtf: weder adwCleaner noch JRT haben was gefunden - oder hast du nur die Logs beim letzten Lauf gepostet?

xiao80 12.01.2016 12:40
was meinst du den mit letzen lauf? die beiden programme hatte ich ja vorher nicht drauf gehabt also habe ich halt das gepostet was ich nach dem ersten lauf sehen konnte

AAAHhhh ich krieg hier noch die Krise :(((( muss ich jetzt für den rest meines tages nur noch auf facebook mich herumtreiben? buhu


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:25 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132