spliffspliff | 21.10.2015 19:19 | mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 21.10.2015
Suchlaufzeit: 19:09
Protokolldatei: mbam.txt
Administrator: Ja
Version: 2.2.0.1024
Malware-Datenbank: v2015.10.21.05
Rootkit-Datenbank: v2015.10.16.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Janine
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 449497
Abgelaufene Zeit: 32 Min., 34 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 16
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\TYPELIB\{A1669086-99CD-4735-9B7D-BD0ED4EF4893}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\INTERFACE\{E563EA8B-7C40-4E55-AD48-EF3A1463F16C}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E563EA8B-7C40-4E55-AD48-EF3A1463F16C}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{E563EA8B-7C40-4E55-AD48-EF3A1463F16C}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A1669086-99CD-4735-9B7D-BD0ED4EF4893}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A1669086-99CD-4735-9B7D-BD0ED4EF4893}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82B16A3D-F03E-4565-A532-666B219C9A53}, In Quarantäne, [0d8cd5849af1f73f9849e3157a87847c],
PUP.Optional.OfferMosquito, HKCU\SOFTWARE\CLASSES\TYPELIB\{B83C16AE-3C3D-5362-85D6-D19F9FB51262}, In Quarantäne, [6336dd7c8902b97de5e69c9712eeb848],
PUP.Optional.OfferMosquito, HKCU\SOFTWARE\CLASSES\INTERFACE\{2C0830EC-8559-5E15-9DC7-5BB830020064}, In Quarantäne, [6336dd7c8902b97de5e69c9712eeb848],
PUP.Optional.OfferMosquito, HKCU\SOFTWARE\CLASSES\INTERFACE\{A384AB73-46D8-570B-982A-776E7DED115A}, In Quarantäne, [6336dd7c8902b97de5e69c9712eeb848],
PUP.Optional.OfferMosquito, HKCU\SOFTWARE\CLASSES\INTERFACE\{E4BC2DD7-8F3D-5254-8B4C-D2C3888D2A38}, In Quarantäne, [6336dd7c8902b97de5e69c9712eeb848],
PUP.Optional.SimpleNewTab, HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\SOFTWARE\SimpleNewTab, In Quarantäne, [3e5b5504375447efab47ef8e5ba832ce],
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 11
PUP.Optional.Snoozer, C:\Users\Janine\AppData\Roaming\Seventh, In Quarantäne, [e5b4154492f9a2943b6ff6a0db288a76],
PUP.Optional.Genius, C:\Users\Janine\AppData\Roaming\Genius, In Quarantäne, [f5a41e3bcdbe4beb1b36e4b454af1ee2],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [9bfeb6a3c3c8d660773bc6760af820e0],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Roaming\OfferMosquito, In Quarantäne, [20790c4da7e4e056adc2db7e8b77b24e],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Local\ext_offermosquito, In Quarantäne, [3069f46594f796a05f11e079b44ea957],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito, In Quarantäne, [d1c881d8f794d85e561bf960e81abb45],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\_metadata, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\simple_new_tab, In Quarantäne, [8514d089ee9d2016881506595ca6cc34],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\simple_new_tab\htmls, In Quarantäne, [8514d089ee9d2016881506595ca6cc34],
Dateien: 20
PUP.Optional.OpenCandy, C:\Users\Janine\Desktop\CDex-1.79-win32 (1).exe, In Quarantäne, [18813821abe02412dd8c3113ab5928d8],
PUP.Optional.OpenCandy, C:\Users\Janine\Downloads\DoNotSpy10-1.0.0.2-Setup.exe, In Quarantäne, [94054613810a1125fc7e0dd7867b22de],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll, In Quarantäne, [6336dd7c8902b97de5e69c9712eeb848],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\extensions\snt@simplenewtab.com.xpi, In Quarantäne, [7d1ce8710487e353f9f80974df249967],
PUP.Optional.Snoozer, C:\Users\Janine\AppData\Roaming\Seventh\userid.dll, In Quarantäne, [e5b4154492f9a2943b6ff6a0db288a76],
PUP.Optional.Snoozer, C:\Users\Janine\AppData\Roaming\Seventh\version.txt, In Quarantäne, [e5b4154492f9a2943b6ff6a0db288a76],
PUP.Optional.Genius, C:\Users\Janine\AppData\Roaming\Genius\vals.txt, In Quarantäne, [f5a41e3bcdbe4beb1b36e4b454af1ee2],
PUP.Optional.Genius, C:\Users\Janine\AppData\Roaming\Genius\version.txt, In Quarantäne, [f5a41e3bcdbe4beb1b36e4b454af1ee2],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Local\ext_offermosquito\atl100.dll, In Quarantäne, [3069f46594f796a05f11e079b44ea957],
PUP.Optional.OfferMosquito, C:\Users\Janine\AppData\Local\ext_offermosquito\msvcr100d.dll, In Quarantäne, [3069f46594f796a05f11e079b44ea957],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\manifest.json, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\newtab.js, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\options.html, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\options.js, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\snt.html, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\snt.js, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\_metadata\computed_hashes.json, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga\1.0.1_0\_metadata\verified_contents.json, In Quarantäne, [74250f4ae6a560d6bbe1302f18ea59a7],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\simple_new_tab\simple_new_tab.dll, In Quarantäne, [8514d089ee9d2016881506595ca6cc34],
PUP.Optional.SimpleNewTab, C:\Users\Janine\AppData\Local\simple_new_tab\htmls\index.html, In Quarantäne, [8514d089ee9d2016881506595ca6cc34],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) adwCleaner.txt Code:
# AdwCleaner v5.014 - Bericht erstellt am 21/10/2015 um 19:56:23
# Aktualisiert am 18/10/2015 von Xplode
# Datenbank : 2015-10-18.5 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Janine - DESKTOP-JANINE
# Gestartet von : C:\Users\Janine\Downloads\AdwCleaner_5.014.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\ProgramData\Babylon
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Local\DownloadManager
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\simple_new_tab
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\llpnaddghmkpkmnghbdpahlgncpieofn
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\Babylon
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\DataMgr
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\Intermediate
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\pdfforge
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\SCheck
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\Sixth
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\Snz
[-] Ordner Gelöscht : C:\Users\Janine\AppData\Roaming\SSync
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\END
[-] Datei Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pmgkeimkiojpjcoiiipekfjaopchhjga_0.localstorage
[-] Datei Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_llpnaddghmkpkmnghbdpahlgncpieofn_0.localstorage
[-] Datei Gelöscht : C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.fbdownloader.com_0.localstorage
[-] Datei Gelöscht : C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\user.js
[-] Datei Gelöscht : C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\searchplugins\avira-safesearch.xml
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
[-] Task Gelöscht : LaunchApp
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Intermediate]
[-] Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [ssync]
[-] Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F524A2D-5637-006A-76A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F524A2D-5637-006A-76A7-7A786E7484D7}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5637-006A-76A7-7A786E7484D7}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Protector
[-] Schlüssel Gelöscht : HKCU\Software\Softonic
[-] Schlüssel Gelöscht : HKCU\Software\Snoozer
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Protector
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Softonic
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Snoozer
***** [ Internetbrowser ] *****
[-] [C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\prefs.js] [Preference] Gelöscht : user_pref("avira.safe_search.installed", "[\"safesearch\"]");
[-] [C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\prefs.js] [Preference] Gelöscht : user_pref("browser.uiCustomization.state", "{\"placements\":{\"PanelUI-contents\":[\"edit-controls\",\"zoom-controls\",\"new-window-button\",\"privatebrowsing-button\",\"save-page-button\",\"print-but[...]
[-] [C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"9950b525984ee287572cbbbd49664eba0f66130f\"");
[-] [C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.safesearch.install", "1445346833416");
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7701 Bytes] ########## JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Janine on 21.10.2015 at 20:05:55,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster SkipUAC (Janine)
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\SmartDefrag4_Startup
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Uninstaller_SkipUac_Janine
Successfully deleted: [Task] C:\WINDOWS\Tasks\Uninstaller_SkipUac_Janine.job
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\WINDOWS\SysWOW64\REN8B0.tmp
~~~ Folders
Successfully deleted: [Folder] C:\Program Files (x86)\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\iobit\driver booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Janine\AppData\Roaming\iobit\driver booster
Successfully deleted: [Folder] C:\Users\Janine\AppData\Roaming\productdata
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Janine\AppData\Roaming\mozilla\firefox\profiles\qj2e8xrh.default\extensions\iobitascsurfingprotection@iobit.com
Successfully deleted: [Folder] C:\Users\Janine\AppData\Roaming\mozilla\firefox\profiles\qj2e8xrh.default\extensions\safesearch@avira.com
Successfully deleted the following from C:\Users\Janine\AppData\Roaming\mozilla\firefox\profiles\qj2e8xrh.default\prefs.js
user_pref(extensions.xpiState, {\app-profile\:{\2020Player_IKEA@2020Technologies.com\:{\d\:\C:\\\\Users\\\\Janine\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Prof
Emptied folder: C:\Users\Janine\AppData\Roaming\mozilla\firefox\profiles\qj2e8xrh.default\minidumps [11 files]
~~~ Chrome
[C:\Users\Janine\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Janine\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Janine\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Janine\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.10.2015 at 20:10:41,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015
durchgeführt von Janine (Administrator) auf DESKTOP-JANINE (21-10-2015 20:12:17)
Gestartet von C:\Users\Janine\Downloads
Geladene Profile: Janine (Verfügbare Profile: Janine)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-09-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-09-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-09-16] (Memeo Inc.)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\Winampa.exe [12288 2003-04-17] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-10-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-09-10] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [7673664 2013-11-20] (OrdinarySoft)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [HP Officejet Pro 8600 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [Amazon Music] => C:\Users\Janine\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] ()
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Run: [Dropbox Update] => C:\Users\Janine\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Janine\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Janine\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-09-15] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-09-05]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2014-11-27]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-20]
ShortcutTarget: Dropbox.lnk -> C:\Users\Janine\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerkkopie 1).lnk [2013-12-19]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerkkopie 1).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * SmartDefragBootTime.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{7b04c631-38eb-4200-a59b-09247ad81e21}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-4208037656-2194979347-3127191415-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\S-1-5-21-4208037656-2194979347-3127191415-1001 -> {56A7E625-FC34-47CE-B677-585B0CD702A9} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-17] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-17] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-14] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-12] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-14] (Oracle Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1263.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-14] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2015-08-14] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-17] ()
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-14] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-08-14] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2015-08-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2014-04-30] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-10-03]
FF Extension: Avira Browser Safety - C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\Extensions\abs@avira.com [2015-10-03] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-10-03]
FF Extension: Kein Name - C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\qj2e8xrh.default\extensions\snt@simplenewtab.com.xpi [nicht gefunden]
Chrome:
=======
CHR Profile: C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Docs) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-13]
CHR Extension: (YouTube) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-10]
CHR Extension: (Google Search) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-09]
CHR Extension: (The Delta Game) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\fafhncaackamnbeioeccpcboifnkhblj [2015-07-13]
CHR Extension: (Google Sheets) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Google Docs Offline) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-13]
CHR Extension: (Gmail) - C:\Users\Janine\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-10-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-10-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-10-08] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1147720 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [240872 2015-09-10] (Avira Operations GmbH & Co. KG)
S4 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S4 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-08] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-08] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [Datei ist nicht signiert]
S4 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625632 2015-07-22] (Lenovo)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe [289256 2015-07-31] (McAfee, Inc.)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [Datei ist nicht signiert]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit)
S2 StartMenuXService; C:\Program Files\Start Menu X\StartMenuXService.exe [67904 2013-02-09] (OrdinarySoft)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-10-08] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-10-08] (Avira Operations GmbH & Co. KG)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-08] (BlueStack Systems)
S3 ewusbnet; C:\Windows\system32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-09-13] (REALiX(tm))
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-10-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-09-13] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-09-13] (Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\Windows\System32\drivers\rtwlane_13.sys [3749888 2015-07-10] (Realtek Semiconductor Corporation )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
U5 usbfilter; C:\Windows\System32\Drivers\usbfilter.sys [57000 2012-06-19] (Advanced Micro Devices)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [254976 2010-07-15] (Jungo)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 RimUsb; \SystemRoot\System32\Drivers\RimUsb_AMD64.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-21 20:12 - 2015-10-21 20:12 - 00000000 ____D C:\Users\Janine\Downloads\FRST-OlderVersion
2015-10-21 20:11 - 2015-10-21 20:12 - 02195968 _____ (Farbar) C:\Users\Janine\Downloads\FRST64.exe
2015-10-21 20:10 - 2015-10-21 20:11 - 00002809 _____ C:\Users\Janine\Desktop\JRT.txt
2015-10-21 20:05 - 2015-10-05 23:23 - 01801288 _____ (Malwarebytes) C:\Users\Janine\Desktop\JRT.exe
2015-10-21 20:04 - 2015-10-21 20:04 - 01798976 _____ (Malwarebytes) C:\Users\Janine\Downloads\JRT.exe
2015-10-21 20:02 - 2015-10-21 20:02 - 00007812 _____ C:\Users\Janine\Desktop\AdwCleaner[C1].txt
2015-10-21 20:00 - 2015-10-21 20:00 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-JANINE_Janine_HistoryPrediction.bin
2015-10-21 19:54 - 2015-10-21 19:56 - 00000000 ____D C:\AdwCleaner
2015-10-21 19:52 - 2015-10-21 19:52 - 01691648 _____ C:\Users\Janine\Downloads\AdwCleaner_5.014.exe
2015-10-21 19:52 - 2015-10-21 19:52 - 00008766 _____ C:\Users\Janine\Desktop\mbam.txt
2015-10-21 19:51 - 2015-10-21 19:51 - 00002199 _____ C:\Users\Janine\Desktop\mbam1.txt
2015-10-21 19:47 - 2015-10-21 19:47 - 00000000 ___HD C:\OneDriveTemp
2015-10-21 19:09 - 2015-10-21 20:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-21 19:08 - 2015-10-21 19:08 - 00001202 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-21 19:08 - 2015-10-21 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-21 19:08 - 2015-10-21 19:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-21 19:08 - 2015-10-21 19:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-21 19:08 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-21 19:08 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-21 19:08 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-21 19:07 - 2015-10-21 19:07 - 22908888 _____ (Malwarebytes ) C:\Users\Janine\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-21 18:58 - 2015-10-21 18:58 - 00001370 _____ C:\Users\Janine\Desktop\Revo Uninstaller.lnk
2015-10-21 18:58 - 2015-10-21 18:58 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-10-21 18:57 - 2015-10-21 18:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Janine\Downloads\revosetup95.exe
2015-10-20 21:10 - 2015-10-20 21:11 - 00063762 _____ C:\Users\Janine\Downloads\Addition.txt
2015-10-20 21:08 - 2015-10-21 20:12 - 00026970 _____ C:\Users\Janine\Downloads\FRST.txt
2015-10-20 21:07 - 2015-10-21 20:12 - 00000000 ____D C:\FRST
2015-10-20 21:04 - 2015-10-20 21:04 - 00000000 ____D C:\WINDOWS\F94A63D79A61403B8F6F90B1BF77211A.TMP
2015-10-20 19:39 - 2015-10-20 19:39 - 01461024 _____ C:\Users\Janine\Downloads\Panda Ransomware Decrypt - CHIP-Installer.exe
2015-10-20 03:08 - 2015-10-20 03:08 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-19 23:22 - 2015-10-16 05:10 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-10-19 23:22 - 2015-10-16 05:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 19:57 - 2015-10-19 19:58 - 00001219 _____ C:\Users\Janine\Desktop\spyhuntercode.txt.txt
2015-10-19 19:56 - 2015-10-19 19:33 - 00025984 _____ C:\WINDOWS\system32\sh4native.exe
2015-10-19 19:46 - 2015-10-19 19:57 - 45237058 _____ C:\Users\Janine\Downloads\SpyHunter v4.15.1.4270 Incl Crack - [MUMBAI].rar
2015-10-19 19:35 - 2015-10-19 19:35 - 00000000 _____ C:\autoexec.bat
2015-10-19 19:32 - 2015-10-20 21:00 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-10-19 19:32 - 2015-10-19 19:32 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Janine\Downloads\SpyHunter-Installer.exe
2015-10-18 19:15 - 2015-10-18 19:15 - 00001226 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-10-18 17:30 - 2015-10-19 16:28 - 00000000 ____D C:\Users\Janine\Desktop\celine
2015-10-14 14:22 - 2015-10-17 08:22 - 03996360 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2015-10-14 14:17 - 2015-10-10 09:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-14 14:17 - 2015-10-10 08:40 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-14 14:17 - 2015-10-10 08:07 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-14 14:17 - 2015-10-06 05:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-14 14:17 - 2015-10-06 04:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-14 14:17 - 2015-10-01 06:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-10-14 14:17 - 2015-10-01 06:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-10-14 14:17 - 2015-10-01 06:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-10-14 14:17 - 2015-10-01 06:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-10-14 14:17 - 2015-10-01 06:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-14 14:17 - 2015-10-01 05:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-10-14 14:17 - 2015-09-25 06:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-10-14 14:17 - 2015-09-25 06:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-10-14 14:17 - 2015-09-25 05:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-10-14 14:17 - 2015-09-25 05:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-10-14 14:17 - 2015-09-25 05:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-10-14 14:17 - 2015-09-25 05:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-10-14 14:17 - 2015-09-25 05:17 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-14 14:17 - 2015-09-25 05:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-14 14:17 - 2015-09-25 05:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-14 14:17 - 2015-09-25 05:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-10-14 14:17 - 2015-09-25 05:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-14 14:17 - 2015-09-25 05:04 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-14 14:17 - 2015-09-25 05:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-10-14 14:17 - 2015-09-25 05:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-14 14:17 - 2015-09-25 05:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-14 14:17 - 2015-09-25 05:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-10-14 14:17 - 2015-09-25 05:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-14 14:17 - 2015-09-25 05:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-10-14 14:17 - 2015-09-25 05:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:17 - 2015-09-25 05:02 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-14 14:17 - 2015-09-25 05:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-14 14:17 - 2015-09-25 05:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-14 14:17 - 2015-09-25 05:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-14 14:17 - 2015-09-25 05:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-14 14:17 - 2015-09-25 05:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-14 14:17 - 2015-09-25 05:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-14 14:17 - 2015-09-25 04:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-14 14:17 - 2015-09-25 04:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-10-14 14:17 - 2015-09-25 04:48 - 19325952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-14 14:17 - 2015-09-25 04:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-14 14:17 - 2015-09-25 04:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-14 14:17 - 2015-09-25 04:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-14 14:17 - 2015-09-25 04:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-10-14 14:17 - 2015-09-25 04:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-14 14:17 - 2015-09-25 04:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-10-14 14:17 - 2015-09-25 04:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-10-14 14:17 - 2015-09-25 04:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-14 14:17 - 2015-09-25 04:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-14 14:17 - 2015-09-25 04:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-10-14 14:17 - 2015-09-25 04:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-14 14:17 - 2015-09-25 04:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-14 14:17 - 2015-09-25 04:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-14 14:17 - 2015-09-25 04:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-14 14:17 - 2015-09-25 04:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-14 14:17 - 2015-09-25 04:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-14 14:17 - 2015-09-25 04:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-14 14:17 - 2015-09-25 04:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-10-14 14:17 - 2015-09-25 04:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-13 16:01 - 2015-10-13 16:01 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-10-12 10:57 - 2015-10-12 11:02 - 00000000 ____D C:\Users\Janine\Desktop\Listening_2015
2015-10-12 08:44 - 2015-10-12 08:44 - 00338904 _____ C:\Users\Janine\Downloads\beg_spelling.HM0
2015-10-12 08:44 - 2015-10-12 08:44 - 00040632 _____ C:\Users\Janine\Downloads\beg_spelling (1).HMP
2015-10-03 08:22 - 2015-10-03 08:22 - 00001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-10-03 08:22 - 2015-10-03 08:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-10-03 08:22 - 2015-10-03 08:22 - 00000000 ____D C:\Program Files\iTunes
2015-10-03 08:22 - 2015-10-03 08:22 - 00000000 ____D C:\Program Files\iPod
2015-10-03 08:22 - 2015-10-03 08:22 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-10-03 08:20 - 2015-10-03 08:20 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-10-03 08:20 - 2015-10-03 08:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-10-03 08:20 - 2015-10-03 08:20 - 00000000 ____D C:\Program Files\Bonjour
2015-10-03 08:20 - 2015-10-03 08:20 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-10-03 08:20 - 2015-10-03 08:20 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-10-01 20:25 - 2015-10-01 20:25 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2015-10-01 20:24 - 2015-10-01 20:25 - 00527423 _____ ( ) C:\Users\Janine\Downloads\Lame_v3.99.3_for_Windows.exe
2015-10-01 20:16 - 2015-10-01 21:32 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Audacity
2015-10-01 20:16 - 2015-10-01 20:16 - 00001103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-10-01 20:16 - 2015-10-01 20:16 - 00001091 _____ C:\Users\Public\Desktop\Audacity.lnk
2015-10-01 20:16 - 2015-10-01 20:16 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-10-01 20:15 - 2015-10-01 20:15 - 25186399 _____ (Audacity Team ) C:\Users\Janine\Downloads\audacity-win-2.1.1.exe
2015-10-01 14:05 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 14:05 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 14:05 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 14:05 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 14:05 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 14:05 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 14:05 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 14:05 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 14:05 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 14:05 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 14:05 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 14:05 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 14:05 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 14:05 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 14:05 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 14:05 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 14:05 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 14:05 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 14:05 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 14:05 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 14:05 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 14:05 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 14:05 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 14:05 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 14:05 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 14:05 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 14:05 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 14:05 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 14:05 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 14:05 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 14:05 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 14:05 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 14:05 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 14:05 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 14:05 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 14:05 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 14:05 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 14:05 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 14:05 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 14:05 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 14:05 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 14:05 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 14:05 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 14:05 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 14:05 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 14:05 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 14:05 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 14:05 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 14:05 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 14:05 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 14:05 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 14:05 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 14:05 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 14:05 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 14:05 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 14:05 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 14:05 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 14:05 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 14:05 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 14:05 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 14:05 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 14:05 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 14:05 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 14:05 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 14:05 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:05 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 14:05 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 14:05 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 14:05 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 14:05 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 14:05 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 14:05 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 14:05 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 14:05 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 14:05 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 14:05 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 14:05 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 14:05 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 14:05 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 14:05 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 14:05 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 14:05 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 14:05 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 14:05 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 14:05 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 14:05 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 14:05 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 14:05 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 14:05 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 14:05 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 14:05 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 14:05 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 14:05 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 14:05 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 14:05 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 14:05 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 14:05 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 14:05 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 14:05 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 14:05 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 14:05 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 14:05 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 14:05 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 14:05 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 14:05 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 14:05 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 14:04 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 14:04 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 14:04 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 14:04 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 14:04 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 14:04 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 14:04 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 14:04 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 14:04 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 14:04 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 14:04 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 14:04 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 14:04 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 14:04 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 14:04 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 14:04 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 14:04 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 14:04 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 14:04 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 14:04 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 14:04 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 14:04 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 14:04 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 14:04 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 14:04 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 14:04 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 14:04 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 14:04 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 14:04 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 14:04 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:04 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 14:04 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 14:04 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 14:04 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 14:04 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 14:04 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 14:04 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 14:04 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 14:04 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 14:04 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 14:04 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 14:04 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 14:04 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 14:04 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 14:04 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 14:04 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 14:04 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 14:04 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 14:04 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 14:04 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 14:04 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 14:04 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 14:04 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 14:04 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-09-29 21:39 - 2015-09-29 21:39 - 00001288 _____ C:\Users\Public\Desktop\SHAREit.lnk
2015-09-29 21:39 - 2015-09-29 21:39 - 00000000 ____D C:\Users\Janine\AppData\Local\Lenovo
2015-09-29 21:38 - 2015-09-29 21:38 - 00001051 _____ C:\Users\Public\Desktop\CDex.lnk
2015-09-29 21:38 - 2015-09-29 21:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2015-09-29 21:38 - 2015-09-29 21:38 - 00000000 ____D C:\Users\Janine\AppData\Local\CDex
2015-09-29 21:38 - 2015-09-29 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
2015-09-29 21:37 - 2015-09-29 21:37 - 00003966 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1443555438
2015-09-29 21:37 - 2015-09-29 21:37 - 00001219 _____ C:\Users\Public\Desktop\Opera.lnk
2015-09-29 21:37 - 2015-09-29 21:37 - 00001219 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-09-29 21:37 - 2015-09-29 21:37 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Opera Software
2015-09-29 21:37 - 2015-09-29 21:37 - 00000000 ____D C:\Users\Janine\AppData\Local\Opera Software
2015-09-29 21:35 - 2015-10-19 22:00 - 00000000 ____D C:\Program Files (x86)\Opera
2015-09-29 21:35 - 2015-09-29 21:38 - 00000000 ____D C:\Program Files (x86)\CDex
2015-09-29 21:29 - 2015-09-29 21:29 - 01457952 _____ C:\Users\Janine\Downloads\Exact Audio Copy - CHIP-Installer (1).exe
2015-09-29 21:28 - 2015-09-29 21:29 - 01457952 _____ C:\Users\Janine\Downloads\Exact Audio Copy - CHIP-Installer.exe
2015-09-29 21:20 - 2015-09-29 21:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-09-29 21:06 - 2015-09-29 21:23 - 00000000 ____D C:\Users\Janine\Desktop\Penthouse_Fenster
2015-09-29 21:06 - 2015-09-29 21:06 - 00128271 _____ C:\Users\Janine\Desktop\Grundriss_Fenster.pptx
2015-09-28 20:02 - 2015-09-28 20:02 - 00009737 _____ C:\Users\Janine\Downloads\services.m3u
2015-09-28 16:03 - 2015-09-28 16:03 - 00000000 ____D C:\Program Files (x86)\PDF Architect 2
2015-09-28 11:13 - 2015-09-28 11:14 - 00000022 _____ C:\Users\Janine\Downloads\Jgst-Test_2012-2015-09-28.zip
2015-09-28 11:12 - 2015-09-28 11:14 - 00000022 _____ C:\Users\Janine\Downloads\Jgst-Test_2013-2015-09-28.zip
2015-09-28 11:11 - 2015-09-28 11:12 - 00000022 _____ C:\Users\Janine\Downloads\Jgst-Test_2014-2015-09-28.zip
2015-09-21 18:55 - 2015-09-21 18:36 - 00032816 _____ C:\Users\Janine\Desktop\V14_unique_emm.log
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-21 20:09 - 2015-09-13 11:37 - 00000000 ____D C:\Users\Janine\AppData\Roaming\IObit
2015-10-21 20:09 - 2015-09-13 11:36 - 00000000 ____D C:\ProgramData\IObit
2015-10-21 20:08 - 2015-09-13 11:36 - 00000000 ____D C:\Program Files (x86)\IObit
2015-10-21 20:08 - 2013-12-19 21:08 - 00000000 ___DO C:\Users\Janine\SkyDrive
2015-10-21 20:02 - 2014-09-03 20:33 - 00000000 ___RD C:\Users\Janine\Dropbox
2015-10-21 20:02 - 2014-09-03 20:31 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Dropbox
2015-10-21 20:01 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-21 20:01 - 2015-06-05 08:25 - 00000000 ___RD C:\Users\Janine\iCloudDrive
2015-10-21 20:00 - 2015-09-19 07:44 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-21 19:59 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-21 19:58 - 2015-09-13 19:52 - 00015918 _____ C:\WINDOWS\PFRO.log
2015-10-21 19:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-21 19:57 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-10-21 19:49 - 2015-09-19 07:44 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-21 19:49 - 2013-12-19 21:16 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8D5DBA0F-C74F-4B55-B5B2-C0D51930B905}
2015-10-21 19:30 - 2015-06-16 20:20 - 00001258 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4208037656-2194979347-3127191415-1001UA.job
2015-10-21 19:22 - 2014-01-03 13:27 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-21 17:05 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-20 21:28 - 2014-04-04 11:40 - 00000600 _____ C:\Users\Janine\AppData\Roaming\winscp.rnd
2015-10-20 11:30 - 2015-06-16 20:20 - 00001206 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4208037656-2194979347-3127191415-1001Core.job
2015-10-19 23:22 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-19 21:48 - 2013-10-23 19:57 - 00000000 ____D C:\Users\Janine\AppData\Roaming\Common
2015-10-19 19:35 - 2015-08-13 19:01 - 00000000 ____D C:\Users\Janine
2015-10-19 15:31 - 2013-08-08 15:08 - 00000000 ____D C:\Users\Janine\AppData\Local\Packages
2015-10-18 19:15 - 2014-08-14 22:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-18 19:14 - 2015-08-14 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-10-17 07:50 - 2014-11-25 16:17 - 00002263 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-10-14 20:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-13 20:58 - 2015-08-13 19:21 - 01798724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-13 20:58 - 2015-07-10 18:34 - 00774610 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-13 20:58 - 2015-07-10 18:34 - 00154974 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-13 20:54 - 2015-09-15 19:49 - 00004062 _____ C:\WINDOWS\setupact.log
2015-10-08 14:11 - 2015-08-14 18:55 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-10-08 14:11 - 2015-08-14 18:55 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-10-03 10:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-03 08:22 - 2013-08-09 19:49 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-01 21:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-09-29 21:39 - 2013-06-06 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-09-29 21:39 - 2013-06-06 13:32 - 00000000 ____D C:\Program Files (x86)\Lenovo
2015-09-29 21:38 - 2013-08-08 23:07 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-09-29 21:30 - 2015-05-24 14:41 - 00001154 _____ C:\Users\Public\Desktop\Exact Audio Copy.lnk
2015-09-29 21:30 - 2015-05-24 14:41 - 00000000 ____D C:\Program Files (x86)\Exact Audio Copy
2015-09-29 21:22 - 2014-06-25 16:25 - 00000000 ____D C:\Users\Janine\AppData\Local\Research In Motion
2015-09-29 21:22 - 2014-06-25 16:24 - 00001937 _____ C:\Users\Janine\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-09-25 16:37 - 2015-08-14 19:24 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-21 19:22 - 2014-01-03 13:27 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2012-12-22 08:13 - 2012-12-22 08:13 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2014-06-25 16:25 - 2014-06-25 21:20 - 0000308 _____ () C:\Users\Janine\AppData\Roaming\Rim.Desktop.Exception.log
2014-06-25 16:24 - 2015-09-29 21:22 - 0001937 _____ () C:\Users\Janine\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-06-25 16:25 - 2014-06-25 21:20 - 0000308 _____ () C:\Users\Janine\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-04-04 11:40 - 2015-10-20 21:28 - 0000600 _____ () C:\Users\Janine\AppData\Roaming\winscp.rnd
2014-04-06 10:47 - 2015-06-21 11:16 - 0004096 ____H () C:\Users\Janine\AppData\Local\keyfile3.drm
2013-12-22 14:30 - 2015-09-10 20:09 - 0000600 _____ () C:\Users\Janine\AppData\Local\PUTTY.RND
2013-09-01 10:48 - 2013-09-01 10:48 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-08-13 18:58 - 2015-08-13 18:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Janine\AppData\Local\Temp\avgnt.exe
C:\Users\Janine\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpon68ae.dll
C:\Users\Janine\AppData\Local\Temp\RHSetup.exe
C:\Users\Janine\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-21 16:55
==================== Ende von FRST.txt ============================ |