Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Nicht zu entfernende Werbung im Firefox. (https://www.trojaner-board.de/173602-entfernende-werbung-firefox.html)

Manuel476 30.11.2015 19:36
Nicht zu entfernende Werbung im Firefox.
 
Hallo,
ich habe folgendes Problem, Werbung im Firefox im rechten Bildrand, die alles überlagert und sich nicht ausblenden lässt und somit den gebrauch von firefox nicht mehr möglich macht, ferner wurde aus Sicherheitsgründen mein ebay Konto geschlossen wegen VirenAlarm.

PS. DANKE für dieses Tolle Forum!

deeprybka 30.11.2015 22:42
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Manuel476 01.12.2015 12:55
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015
durchgeführt von Manuel (2015-12-01 12:52:14)
Gestartet von C:\Users\Manuel\Downloads
Windows 10 Home (X64) (2015-08-22 03:26:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1273145720-561992726-3298081300-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1273145720-561992726-3298081300-503 - Limited - Disabled)
Gast (S-1-5-21-1273145720-561992726-3298081300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1273145720-561992726-3298081300-1003 - Limited - Enabled)
Manuel (S-1-5-21-1273145720-561992726-3298081300-1001 - Administrator - Enabled) => C:\Users\Manuel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.202 - Alps Electric)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B906F85-EA56-5379-F10B-1BA6530240DC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.12.2002.0 - Acer Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
calibre 64bit (HKLM\...\{A80512D3-A72D-4DAF-B7DF-3804F9FAB1CE}) (Version: 2.44.1 - Kovid Goyal)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.4.1027 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Melody Assistant (HKLM-x32\...\Melody Assistant) (Version: 7.6.3i - Myriad SARL)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MIDI Pianist  1.30 (HKLM-x32\...\{2669B2D8-3420-4930-AA5A-D70C0726D46F}) (Version:  - Guenther Goerg)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MP3jam 1.1.1.11 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.1.11 - MP3jam)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 33.0.1990.113 (HKLM-x32\...\Opera 33.0.1990.113) (Version: 33.0.1990.113 - Opera Software)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Perfect Effects Free 9 (HKLM-x32\...\Perfect Effects Free 9) (Version: 9.5.0 - on1)
PhotoFiltre 7 (HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\PhotoFiltre 7) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{dad73a7c-3d7f-4194-89d9-92714902acbb}) (Version: 2.1.1199.2443 - Lavasoft)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XW-DJ1 v2.26.0 (HKLM-x32\...\XW-DJ1 v2.26.0) (Version: 2.26.0 - Casio)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1273145720-561992726-3298081300-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

21-11-2015 14:57:24 JRT Pre-Junkware Removal
21-11-2015 15:45:17 JRT Pre-Junkware Removal
27-11-2015 12:45:08 AVG PC TuneUp 2015 wird entfernt
27-11-2015 17:47:32 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-09-05 18:58 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1        mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583DAA9-8CCD-4611-847D-229A256D908D} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {0EB7BC5A-6A35-4529-B30B-8E6255C4F704} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {1044DF59-7DF2-49DE-806C-F242CE7B4B58} - System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE} => pcalua.exe -a "C:\Program Files (x86)\OLBPre\updater\updater.exe" -c -uninstall="MyPC Backup "
Task: {18188656-F548-43A4-BEF7-0892D9B112EC} - System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF} => pcalua.exe -a "C:\Program Files\WNEn\WWE_uninstall.exe"
Task: {1EBF23DF-21FC-4DD8-B731-817F8B77EE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe <==== ACHTUNG
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei <==== ACHTUNG
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei <==== ACHTUNG
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {4FDC8387-931E-439D-B2CC-5C374F3FED8C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {77AE1EF2-3FC9-4126-8A73-E69DBE956A86} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {8CB1EEEB-F046-4445-9B67-ED3EB58CC2F2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {955D0AAF-8ADF-428C-8D3A-67B003C6F6A9} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-04] (Acer Incorporated)
Task: {9B66F92F-0B88-477E-8690-AFC13CB46F7F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {9D0C96A7-64B7-40D4-96CD-D5C28A91391E} - System32\Tasks\Opera scheduled Autoupdate 1448721735 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {9D1B6A36-A029-4B78-A226-A78B1E354BC6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CD2B74C1-B603-42A2-A6F4-8744262795F2} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CF4654BB-0740-4BC8-877C-D68E7137BEE3} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {DA0CE66D-8A3C-42D1-BE38-9FA352195A2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DB43CDAD-1D7A-49E7-85A6-B117A6662845} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-22 04:40 - 2015-08-22 04:40 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-22 20:28 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-01 20:23 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-01 20:24 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 20:23 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 20:23 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 20:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00323584 _____ () C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
2015-05-26 13:59 - 2015-02-10 14:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2015-10-10 19:49 - 2015-10-27 20:15 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00196608 _____ () C:\Program Files\Casio\XW-DJ1\casioxwdj1api.dll
2015-05-26 13:59 - 2015-02-18 13:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-07-28 15:33 - 2015-07-28 15:33 - 00201568 _____ () C:\Program Files (x86)\Acer\abMedia\curllib.dll
2015-07-28 15:36 - 2015-07-28 15:36 - 00653112 _____ () C:\Program Files (x86)\Acer\abMedia\sqlite3.dll
2015-07-28 15:36 - 2015-07-28 15:36 - 00640352 _____ () C:\Program Files (x86)\Acer\abMedia\tag.dll
2015-07-28 15:34 - 2015-07-28 15:34 - 00118112 _____ () C:\Program Files (x86)\Acer\abMedia\OpenLDAP.dll
2015-11-26 15:14 - 2015-11-26 15:14 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-04 14:07 - 2015-11-04 14:07 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-04 14:01 - 2015-11-04 14:01 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manuel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3C91E43C-2F3B-488F-B927-79BDE08FFE46}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FB4F2C30-F7EF-4D02-B146-9DD40930C9DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{44B08DA1-B9F4-44D9-AF38-59BB8FD79547}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5ADA1914-E9E0-4155-AE4D-1CE70DE11AA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7F2C0592-4451-4A03-A63D-782668F6E868}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CD5F393-7DC8-4FBD-8CF4-0CF5E472E1A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3CD89CEB-9AB7-4D45-B8FE-441FD86468A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{027F6AD4-BADA-4A00-8ED3-B1B9F620A73A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3CC5D384-DE4E-4A6F-B517-0FA83A563D33}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{54E5EC12-7730-447F-B0CF-58F99411340C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{60D27AC3-4C34-4F8A-838B-C65ABC0A374F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{989EE3D5-D5AE-456E-AEE6-CCD6E3339443}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{59975B08-6428-460A-B33F-FC3518CB26C8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ECE2B27C-57C5-4F28-8CEE-BD30883B8FC0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE4A058D-5763-415E-9908-77C90EDEA8CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{36C9CF3D-D297-47BC-9673-8A3F2E4DB7EE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8F1DE802-D847-4253-9317-02BA5FDD1AD4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{ED3E4370-5A57-498C-B383-CC0FBFF2B571}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9A886F88-FFB5-4C39-BB45-657A9A317E54}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{10962F37-9BF2-4030-AD47-05FF9B3BC135}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{66E3D7ED-0B30-441D-AD61-3C4DAE82D85C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{9D07CA7C-3832-480E-96EB-FDDCE51DF2C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F402FD03-8938-4B89-9814-7E0BE2C4964A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{43C31AA2-A188-4931-85A4-80DE8558C461}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F751B177-0B59-46C0-B378-D127FCF67393}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{65BCBAF9-613D-4FCF-9159-7E1894477D2C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BAB6188B-70A1-46B7-AAAC-CC17A0037049}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{25EA8523-99EA-4160-9CC6-C6AC0FC70FA7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3002CEB4-0180-4633-AD68-9D0D1A2F857C}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{502E2D48-C599-436A-89EC-1AC7890CEF1E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{0C61735D-2E4F-42BD-A6AF-34168991A9A6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EA4BB18B-DF91-41D8-8C6F-23B4A8D6A1E8}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{72C7FCF0-AE51-4DDC-93A8-7F9D1E0FC9E3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{22517AD3-B5AC-4DF5-BD42-771B5D3DB22C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B63C3024-2751-4470-8F44-D6C3C682E6EA}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{D07F9650-EAF0-40D0-9B4F-B9BF26A5390D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{31AB3515-7EA3-4C0F-BA6D-F709FC49863F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B95B132A-2E53-4833-99D9-0B7D9C47F2E1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{64D7479C-3C3C-4D42-A27B-E15F15E7B548}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4876EEAD-F807-48A3-B931-B99EFEB302D7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5CB0FC13-3A83-4815-BA48-A7C9130D4D88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01BF0553-00FB-40A1-A10D-071382132B35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FBE49B43-8402-4BAB-A26F-AB80964B8523}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BAD26974-E6DB-473E-8DB7-1D75F7BAE82F}] => (Allow) LPort=2869
FirewallRules: [{C1C89701-7265-4208-A7B4-1C15652609AF}] => (Allow) LPort=1900
FirewallRules: [{E6D550E0-AC2A-46ED-9255-24E868F9D04B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{4B2A7357-FF55-4CB8-B363-F977294B82AB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{887129DB-E03C-491D-8843-72B13F8C676A}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [UDP Query User{D2DC7C77-59C7-4282-9D61-316E741AF736}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [{4329C654-BD73-4552-910C-4892B6B0426A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5DA83521-4B29-47AA-9FC7-76050F262FC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9C82D168-C2BA-4248-8902-9B0170A05383}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{CAD18D84-2CC4-4E09-8549-3C31A25BBD59}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{4FD7E02F-FEAC-42C3-9598-06B35A774BA8}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{CCB92935-EBEB-461C-8318-99F6926D6441}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{ED9AFED8-CF80-4DBC-A58B-5C4D323B0CFC}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{6BED0674-75D7-4D26-B041-CD9C980D7162}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 00:45:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MOM.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0e3f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x1894
Startzeit der fehlerhaften Anwendung: 0xMOM.exe0
Pfad der fehlerhaften Anwendung: MOM.exe1
Pfad des fehlerhaften Moduls: MOM.exe2
Berichtskennung: MOM.exe3
Vollständiger Name des fehlerhaften Pakets: MOM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MOM.exe5

Error: (12/01/2015 00:45:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (12/01/2015 00:43:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Manu)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/01/2015 10:16:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: updater.exe, Version: 2.0.8100.0, Zeitstempel: 0x51da5d04
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x2488
Startzeit der fehlerhaften Anwendung: 0xupdater.exe0
Pfad der fehlerhaften Anwendung: updater.exe1
Pfad des fehlerhaften Moduls: updater.exe2
Berichtskennung: updater.exe3
Vollständiger Name des fehlerhaften Pakets: updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: updater.exe5

Error: (12/01/2015 10:16:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
  bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
  bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
  bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
  bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
  bei System.Xml.XmlDocument.Load(System.String)
  bei updater.Report.AddFPToResult(updater.Result)
  bei updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs)
  bei updater.DownloadMgr.DownloadFile(System.String, System.String)
  bei updater.DownloadMgr.Worker(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (12/01/2015 10:03:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3ba8
Name des fehlerhaften Moduls: jscript9diag.dll, Version: 11.0.10240.16384, Zeitstempel: 0x559f3fe5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000229d7
ID des fehlerhaften Prozesses: 0x2758
Startzeit der fehlerhaften Anwendung: 0xWerFault.exe0
Pfad der fehlerhaften Anwendung: WerFault.exe1
Pfad des fehlerhaften Moduls: WerFault.exe2
Berichtskennung: WerFault.exe3
Vollständiger Name des fehlerhaften Pakets: WerFault.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WerFault.exe5

Error: (12/01/2015 10:03:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3c5a
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.10240.16542, Zeitstempel: 0x5604b39a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0013f3ad
ID des fehlerhaften Prozesses: 0x238c
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5

Error: (11/30/2015 11:43:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3c5a
Name des fehlerhaften Moduls: Flash.ocx, Version: 19.0.0.245, Zeitstempel: 0x56312a77
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0033268f
ID des fehlerhaften Prozesses: 0x17cc
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5

Error: (11/30/2015 11:32:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: updater.exe, Version: 2.0.8100.0, Zeitstempel: 0x51da5d04
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x18c0
Startzeit der fehlerhaften Anwendung: 0xupdater.exe0
Pfad der fehlerhaften Anwendung: updater.exe1
Pfad des fehlerhaften Moduls: updater.exe2
Berichtskennung: updater.exe3
Vollständiger Name des fehlerhaften Pakets: updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: updater.exe5

Error: (11/30/2015 11:32:50 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
  bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
  bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
  bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
  bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
  bei System.Xml.XmlDocument.Load(System.String)
  bei updater.Report.AddFPToResult(updater.Result)
  bei updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs)
  bei updater.DownloadMgr.DownloadFile(System.String, System.String)
  bei updater.DownloadMgr.Worker(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()


Systemfehler:
=============
Error: (12/01/2015 00:48:03 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/01/2015 00:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/01/2015 00:44:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (12/01/2015 00:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/01/2015 00:43:32 PM) (Source: DCOM) (EventID: 10010) (User: Manu)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (12/01/2015 00:43:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/01/2015 00:38:22 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/01/2015 11:15:35 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/01/2015 11:15:35 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (12/01/2015 11:15:34 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.


CodeIntegrity:
===================================
  Date: 2015-11-30 19:55:55.903
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.649
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.627
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:22.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:22.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:17.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A10-5757M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 5578.27 MB
Verfügbarer physikalischer RAM: 3584.51 MB
Summe virtueller Speicher: 6474.27 MB
Verfügbarer virtueller Speicher: 4435.69 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:446.8 GB) (Free:357.94 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5B2447D6)

Partition: GPT.

==================== Ende von Addition.txt ============================
--- --- ---

deeprybka 01.12.2015 18:11
FRST.txt fehlt noch...:)

Manuel476 01.12.2015 18:33
Wo finde ich die diese denn, dass # Zeichen ist nicht iin meiner Suchleiste zu finden?

deeprybka 01.12.2015 18:36
Weil Du Dich nicht an die Anweisungen gehalten hast, befindet sich FRST auch nicht auf dem Desktop sondern hier: C:\Users\Manuel\Downloads

Dort muss es auch eine FRST.txt geben. :)

Manuel476 01.12.2015 21:51
Danke Jürgen!
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Manuel (Administrator) auf MANU (01-12-2015 18:22:11)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\90c0d56068bef64b4c1b37dfbc69c45d\WindowsUpdateBox.exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073935855&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-04] (Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-27] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 18:21 - 2015-12-01 18:22 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64(1).exe
2015-12-01 18:17 - 2015-12-01 18:17 - 00016148 _____ C:\WINDOWS\system32\MANU_Manuel_HistoryPrediction.bin
2015-12-01 12:52 - 2015-12-01 12:53 - 00046715 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-01 12:50 - 2015-12-01 18:22 - 00017874 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-01 12:48 - 2015-12-01 12:49 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-12-01 12:41 - 2015-12-01 12:41 - 00050477 _____ C:\Users\Manuel\Downloads\Defogger.exe
2015-11-30 21:14 - 2015-11-30 21:15 - 00280912 _____ C:\WINDOWS\Minidump\113015-26796-01.dmp
2015-11-30 19:52 - 2015-11-30 19:52 - 00166531 _____ C:\Users\Manuel\Downloads\sugr.swf
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-30 16:07 - 2015-11-30 16:08 - 10230168 _____ C:\Users\Manuel\Downloads\reaper51_x64-install.exe
2015-11-28 15:42 - 2015-11-28 15:42 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-28 15:40 - 2015-11-28 15:40 - 00717296 _____ (Opera Software) C:\Users\Manuel\Downloads\Opera_NI_stable.exe
2015-11-28 14:12 - 2015-11-28 14:13 - 00280912 _____ C:\WINDOWS\Minidump\112815-25437-01.dmp
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:49 - 2015-11-27 17:49 - 00000782 _____ C:\Users\Manuel\Desktop\JRT.txt
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 17:46 - 2015-11-27 17:47 - 01599080 _____ (Malwarebytes) C:\Users\Manuel\Downloads\JRT80.exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(3).exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(2).exe
2015-11-27 11:52 - 2015-11-27 11:53 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(1).exe
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:50 - 2015-11-27 11:50 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-27 10:19 - 2015-11-27 10:19 - 05090102 _____ C:\Users\Manuel\Downloads\tubemate-youtube-downloader-2-2-6-645-multi-android.apk
2015-11-26 20:29 - 2015-11-26 20:29 - 11959395 _____ C:\Users\Manuel\Downloads\ReaperHandbuch440.pdf
2015-11-26 18:51 - 2015-11-26 18:51 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26(1).zip
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 18:23 - 2015-11-26 18:23 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26.zip
2015-11-26 15:05 - 2015-11-26 15:05 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022.exe
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 15:00 - 2015-11-26 15:01 - 01132785 _____ C:\Users\Manuel\Downloads\reaper0999-install.exe
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 14:46 - 2015-11-26 14:46 - 18397778 _____ C:\Users\Manuel\Downloads\Reaper51.zip
2015-11-26 14:45 - 2015-11-26 14:46 - 01466656 _____ C:\Users\Manuel\Downloads\Reaper - CHIP-Installer.exe
2015-11-26 09:44 - 2015-11-26 09:44 - 03786784 _____ (Synthesia LLC) C:\Users\Manuel\Downloads\Synthesia-10.2-installer.exe
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-11-26 09:20 - 06388382 _____ C:\Users\Manuel\Downloads\PianoBoosterInstall-0-6-4.exe
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-26 09:00 - 2015-11-26 09:00 - 00009876 _____ C:\Users\Manuel\Downloads\H._Berlioz_Chor_der_Trinker.mid
2015-11-26 09:00 - 2015-11-26 09:00 - 00002574 _____ C:\Users\Manuel\Downloads\Winter_Wonderland_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002981 _____ C:\Users\Manuel\Downloads\Weihnachtsmann_Violine_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002113 _____ C:\Users\Manuel\Downloads\Leise_rieselt_der_Schnee_Gitarre.mid
2015-11-26 08:55 - 2015-11-26 08:55 - 00001540 _____ C:\Users\Manuel\Downloads\Happy_Birthday_Gitarre.mid
2015-11-26 08:50 - 2015-11-26 08:50 - 00006989 _____ C:\Users\Manuel\Downloads\Boogie_Woogie_for_Strings_Violine_Klavier.mid
2015-11-25 21:55 - 2015-11-25 21:55 - 00073652 _____ C:\Users\Manuel\Downloads\schubert_D850_1_format0.mid
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:13 - 2015-11-25 10:13 - 00000000 ____D C:\Users\Manuel\Desktop\mulab-6-5-32-win32
2015-11-25 10:10 - 2015-11-25 10:10 - 18461972 _____ C:\Users\Manuel\Desktop\mulab-6-5-32-win32.zip
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-22 18:48 - 2015-11-22 18:48 - 00280912 _____ C:\WINDOWS\Minidump\112215-25625-01.dmp
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-11-27 17:45 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-01 18:22 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-11-19 16:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-11-27 18:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-11-19 11:32 - 00003532 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-11-18 21:39 - 00003222 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:18 - 2015-11-19 14:24 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-18 21:07 - 2015-12-01 12:59 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-11-18 21:07 - 00004176 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-11-18 21:05 - 00003150 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-11 16:41 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 16:41 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 16:41 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 16:41 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 16:41 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 16:41 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 16:41 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 16:41 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 16:41 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 16:41 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 16:41 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 16:41 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 16:41 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 16:41 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 16:41 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 16:41 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 16:41 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 16:41 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 16:41 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 16:41 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 16:41 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 16:41 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-07 13:11 - 2015-11-18 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 18:21 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-01 18:20 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-01 18:17 - 2015-08-22 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 14:05 - 2015-05-17 19:31 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 14:03 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-01 13:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-01 13:01 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-01 13:00 - 2015-05-17 19:31 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 12:59 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 12:58 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-01 12:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 12:53 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-01 12:43 - 2015-08-22 03:56 - 00000000 ____D C:\Users\Manuel
2015-12-01 10:48 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-30 21:14 - 2015-08-27 08:31 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-30 15:24 - 2015-08-22 04:14 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-30 15:24 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-30 15:24 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-30 15:24 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-27 18:04 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-11-27 18:04 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-11-27 18:03 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-11-27 12:42 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-27 10:32 - 2015-10-10 19:50 - 00001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-27 10:32 - 2015-10-10 19:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-11-26 15:14 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-10-10 22:13 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-08-22 04:03 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:52 - 2014-01-16 16:01 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2015-11-22 18:51 - 2015-10-22 06:26 - 00002079 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-11-22 18:51 - 2015-10-22 06:22 - 00002020 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-10-10 22:13 - 00001116 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:37 - 00000989 _____ C:\Users\Public\Desktop\MP3jam.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-05 17:37 - 00001019 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\MP3jam.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-22 18:47 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-21 14:40 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 17:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 02:47 - 2015-05-03 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 02:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 16:46 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 18:38 - 2015-05-09 14:44 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 19:20 - 2015-10-02 07:41 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-02 07:41 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-08-22 03:53 - 2015-08-22 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-18 21:18 - 2015-11-19 14:24 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\1448109662tmp.exe
C:\Users\Manuel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuel\AppData\Local\Temp\beehihdcij.exe
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Manuel\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Manuel\AppData\Local\Temp\tu17p84.exe
C:\Users\Manuel\AppData\Local\Temp\Uninstall.exe
C:\Users\Manuel\AppData\Local\Temp\UninstallModule.exe
C:\Users\Manuel\AppData\Local\Temp\ytdieamodc_amodc_inst.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 16:21

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 01.12.2015 21:58
Zitat:
Zitat von Manuel476 (Beitrag 1539888)
ferner wurde aus Sicherheitsgründen mein ebay Konto geschlossen wegen VirenAlarm.
Hast Du dazu mehr Infos?

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Manuel476 01.12.2015 22:06
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:43 on 01/12/2015 (Manuel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Und

defogger_enable by jpshortstuff (23.02.10.1)
Log created at 12:41 on 01/12/2015 (Manuel)

Parsing file...


-=E.O.F=-

Ich benutze aber auch youtubdonloader der ist glaub ich infiziert, benutze es zu klavier üben.

deeprybka 01.12.2015 22:07
Was genau soll ich jetzt mit dem hier anfangen? :)

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:43 on 01/12/2015 (Manuel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

Und

defogger_enable by jpshortstuff (23.02.10.1)
Log created at 12:41 on 01/12/2015 (Manuel)

Parsing file...

Manuel476 01.12.2015 22:15
Sorry, ich nin nicht so bewatenndert am pc, ich habe versucht alles was ich finde zu posten, sorre nochmal wenn ich irgendwas falls gemacht hab,sonst hab ich da nicht gefunden, wie soll ich den jetz weiter machen?
Ich bitte um Nachsehen Jürgen :)

deeprybka 01.12.2015 22:17
Was wolltest Du denn genau machen? :)

Hast Du Schritt 1 schon ausgeführt? Da ist ne Anleitung verlinkt die alles genau beschreibt.

Manuel476 01.12.2015 22:33
ALso ich hab F runtergeladen, untersuxht, auf kopieren gedrückt mit strg a und im editor verucht mit # weiter zukommen und mit strg c aber auch nichts passiert und nirgends ein# zu sehen mmmh was mache ich denn falsch?

nur wir vorher auch
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Manuel (Administrator) auf MANU (01-12-2015 22:21:53)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64(2).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073935855&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-04] (Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-27] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2015-12-01] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 22:21 - 2015-12-01 22:21 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64(2).exe
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 22:08 - 2015-12-01 22:08 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller(1).exe
2015-12-01 21:59 - 2015-12-01 22:01 - 00000000 ____D C:\Users\Manuel\Downloads\_nidownload_7fc60d8813c881f07538bc113254dc9524dd2724
2015-12-01 21:59 - 2015-12-01 21:59 - 00043376 _____ C:\Users\Manuel\Downloads\_nidownload_Alicias_Keys.toc
2015-12-01 21:55 - 2015-12-01 21:56 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader(1).exe
2015-12-01 21:54 - 2015-12-01 21:55 - 10669636 _____ C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.zip
2015-12-01 21:43 - 2015-12-01 21:43 - 00112408 _____ C:\WINDOWS\system32\Drivers\NIWinCDEmu.sys
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 21:42 - 2015-12-01 21:43 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-01 21:42 - 2015-12-01 21:43 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-01 20:38 - 2015-12-01 20:38 - 00016148 _____ C:\WINDOWS\system32\MANU_Manuel_HistoryPrediction.bin
2015-12-01 18:21 - 2015-12-01 18:22 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64(1).exe
2015-12-01 12:52 - 2015-12-01 12:53 - 00046715 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-01 12:50 - 2015-12-01 22:21 - 00017011 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-01 12:48 - 2015-12-01 12:49 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-12-01 12:41 - 2015-12-01 12:41 - 00050477 _____ C:\Users\Manuel\Downloads\Defogger.exe
2015-11-30 21:14 - 2015-11-30 21:15 - 00280912 _____ C:\WINDOWS\Minidump\113015-26796-01.dmp
2015-11-30 19:52 - 2015-11-30 19:52 - 00166531 _____ C:\Users\Manuel\Downloads\sugr.swf
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-30 16:07 - 2015-11-30 16:08 - 10230168 _____ C:\Users\Manuel\Downloads\reaper51_x64-install.exe
2015-11-28 15:42 - 2015-11-28 15:42 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-28 15:40 - 2015-11-28 15:40 - 00717296 _____ (Opera Software) C:\Users\Manuel\Downloads\Opera_NI_stable.exe
2015-11-28 14:12 - 2015-11-28 14:13 - 00280912 _____ C:\WINDOWS\Minidump\112815-25437-01.dmp
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:49 - 2015-11-27 17:49 - 00000782 _____ C:\Users\Manuel\Desktop\JRT.txt
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 17:46 - 2015-11-27 17:47 - 01599080 _____ (Malwarebytes) C:\Users\Manuel\Downloads\JRT80.exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(3).exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(2).exe
2015-11-27 11:52 - 2015-11-27 11:53 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(1).exe
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:50 - 2015-11-27 11:50 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-27 10:19 - 2015-11-27 10:19 - 05090102 _____ C:\Users\Manuel\Downloads\tubemate-youtube-downloader-2-2-6-645-multi-android.apk
2015-11-26 20:29 - 2015-11-26 20:29 - 11959395 _____ C:\Users\Manuel\Downloads\ReaperHandbuch440.pdf
2015-11-26 18:51 - 2015-11-26 18:51 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26(1).zip
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 18:23 - 2015-11-26 18:23 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26.zip
2015-11-26 15:05 - 2015-11-26 15:05 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022.exe
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 15:00 - 2015-11-26 15:01 - 01132785 _____ C:\Users\Manuel\Downloads\reaper0999-install.exe
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 14:46 - 2015-11-26 14:46 - 18397778 _____ C:\Users\Manuel\Downloads\Reaper51.zip
2015-11-26 14:45 - 2015-11-26 14:46 - 01466656 _____ C:\Users\Manuel\Downloads\Reaper - CHIP-Installer.exe
2015-11-26 09:44 - 2015-11-26 09:44 - 03786784 _____ (Synthesia LLC) C:\Users\Manuel\Downloads\Synthesia-10.2-installer.exe
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-11-26 09:20 - 06388382 _____ C:\Users\Manuel\Downloads\PianoBoosterInstall-0-6-4.exe
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-26 09:00 - 2015-11-26 09:00 - 00009876 _____ C:\Users\Manuel\Downloads\H._Berlioz_Chor_der_Trinker.mid
2015-11-26 09:00 - 2015-11-26 09:00 - 00002574 _____ C:\Users\Manuel\Downloads\Winter_Wonderland_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002981 _____ C:\Users\Manuel\Downloads\Weihnachtsmann_Violine_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002113 _____ C:\Users\Manuel\Downloads\Leise_rieselt_der_Schnee_Gitarre.mid
2015-11-26 08:55 - 2015-11-26 08:55 - 00001540 _____ C:\Users\Manuel\Downloads\Happy_Birthday_Gitarre.mid
2015-11-26 08:50 - 2015-11-26 08:50 - 00006989 _____ C:\Users\Manuel\Downloads\Boogie_Woogie_for_Strings_Violine_Klavier.mid
2015-11-25 21:55 - 2015-11-25 21:55 - 00073652 _____ C:\Users\Manuel\Downloads\schubert_D850_1_format0.mid
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:13 - 2015-11-25 10:13 - 00000000 ____D C:\Users\Manuel\Desktop\mulab-6-5-32-win32
2015-11-25 10:10 - 2015-11-25 10:10 - 18461972 _____ C:\Users\Manuel\Desktop\mulab-6-5-32-win32.zip
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-22 18:48 - 2015-11-22 18:48 - 00280912 _____ C:\WINDOWS\Minidump\112215-25625-01.dmp
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-11-27 17:45 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-01 22:21 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-11-19 16:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-11-27 18:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-11-19 11:32 - 00003532 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-11-18 21:39 - 00003222 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:18 - 2015-11-19 14:24 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-18 21:07 - 2015-12-01 21:07 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-11-18 21:07 - 00004176 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-11-18 21:05 - 00003150 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-11 16:41 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 16:41 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 16:41 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 16:41 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 16:41 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 16:41 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 16:41 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 16:41 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 16:41 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 16:41 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 16:41 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 16:41 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 16:41 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 16:41 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 16:41 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 16:41 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 16:41 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 16:41 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 16:41 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 16:41 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 16:41 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 16:41 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-07 13:11 - 2015-11-18 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 22:05 - 2015-05-17 19:31 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 21:43 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-01 21:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-01 18:38 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-01 18:21 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-01 18:17 - 2015-08-22 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 14:03 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-01 13:01 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-01 13:00 - 2015-05-17 19:31 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 12:59 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 12:58 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-01 12:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 12:53 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-01 12:43 - 2015-08-22 03:56 - 00000000 ____D C:\Users\Manuel
2015-12-01 10:48 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-30 21:14 - 2015-08-27 08:31 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-30 15:24 - 2015-08-22 04:14 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-30 15:24 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-30 15:24 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-27 18:04 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-11-27 18:04 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-11-27 18:03 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-11-27 12:42 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-27 10:32 - 2015-10-10 19:50 - 00001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-27 10:32 - 2015-10-10 19:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-11-26 15:14 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-10-10 22:13 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-08-22 04:03 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:52 - 2014-01-16 16:01 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2015-11-22 18:51 - 2015-10-22 06:26 - 00002079 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-11-22 18:51 - 2015-10-22 06:22 - 00002020 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-10-10 22:13 - 00001116 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:37 - 00000989 _____ C:\Users\Public\Desktop\MP3jam.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-05 17:37 - 00001019 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\MP3jam.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-22 18:47 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-21 14:40 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 17:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 02:47 - 2015-05-03 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 02:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 16:46 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 18:38 - 2015-05-09 14:44 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 19:20 - 2015-10-02 07:41 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-02 07:41 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-08-22 03:53 - 2015-08-22 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-18 21:18 - 2015-11-19 14:24 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\1448109662tmp.exe
C:\Users\Manuel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuel\AppData\Local\Temp\beehihdcij.exe
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Manuel\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Manuel\AppData\Local\Temp\tu17p84.exe
C:\Users\Manuel\AppData\Local\Temp\Uninstall.exe
C:\Users\Manuel\AppData\Local\Temp\UninstallModule.exe
C:\Users\Manuel\AppData\Local\Temp\ytdieamodc_amodc_inst.exe


code==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 16:21

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 01.12.2015 22:43
Zitat:
Zitat von deeprybka (Beitrag 1540354)
Hast Du dazu mehr Infos?

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
Ich meine das hier...

Manuel476 01.12.2015 22:50
wenn ich dass mache findet er nicchts ausser dss was ich schon gesand habe.

deeprybka 01.12.2015 22:57
Wer findet nichts?

Manuel476 01.12.2015 23:04
FRST downlaod und dann dies gefunden
weiter weip ich nicht, wenn ich strg und c drück passiert weiter nichts , was muss ich denn dann noch machen ?
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Manuel (Administrator) auf MANU (01-12-2015 22:47:42)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64(2).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073935855&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-04] (Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-27] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2015-12-01] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 22:45 - 2015-12-01 22:45 - 00016148 _____ C:\WINDOWS\system32\MANU_Manuel_HistoryPrediction.bin
2015-12-01 22:21 - 2015-12-01 22:21 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64(2).exe
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 22:08 - 2015-12-01 22:08 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller(1).exe
2015-12-01 21:59 - 2015-12-01 22:01 - 00000000 ____D C:\Users\Manuel\Downloads\_nidownload_7fc60d8813c881f07538bc113254dc9524dd2724
2015-12-01 21:59 - 2015-12-01 21:59 - 00043376 _____ C:\Users\Manuel\Downloads\_nidownload_Alicias_Keys.toc
2015-12-01 21:55 - 2015-12-01 21:56 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader(1).exe
2015-12-01 21:54 - 2015-12-01 21:55 - 10669636 _____ C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.zip
2015-12-01 21:43 - 2015-12-01 21:43 - 00112408 _____ C:\WINDOWS\system32\Drivers\NIWinCDEmu.sys
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 21:42 - 2015-12-01 21:43 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-01 21:42 - 2015-12-01 21:43 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-01 18:21 - 2015-12-01 18:22 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64(1).exe
2015-12-01 12:52 - 2015-12-01 22:32 - 00046715 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-01 12:50 - 2015-12-01 22:47 - 00017011 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-01 12:48 - 2015-12-01 12:49 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-12-01 12:41 - 2015-12-01 12:41 - 00050477 _____ C:\Users\Manuel\Downloads\Defogger.exe
2015-11-30 21:14 - 2015-11-30 21:15 - 00280912 _____ C:\WINDOWS\Minidump\113015-26796-01.dmp
2015-11-30 19:52 - 2015-11-30 19:52 - 00166531 _____ C:\Users\Manuel\Downloads\sugr.swf
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-30 16:07 - 2015-11-30 16:08 - 10230168 _____ C:\Users\Manuel\Downloads\reaper51_x64-install.exe
2015-11-28 15:42 - 2015-11-28 15:42 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-28 15:40 - 2015-11-28 15:40 - 00717296 _____ (Opera Software) C:\Users\Manuel\Downloads\Opera_NI_stable.exe
2015-11-28 14:12 - 2015-11-28 14:13 - 00280912 _____ C:\WINDOWS\Minidump\112815-25437-01.dmp
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:49 - 2015-11-27 17:49 - 00000782 _____ C:\Users\Manuel\Desktop\JRT.txt
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 17:46 - 2015-11-27 17:47 - 01599080 _____ (Malwarebytes) C:\Users\Manuel\Downloads\JRT80.exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(3).exe
2015-11-27 17:43 - 2015-11-27 17:44 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(2).exe
2015-11-27 11:52 - 2015-11-27 11:53 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022(1).exe
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:50 - 2015-11-27 11:50 - 04397752 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-27 10:19 - 2015-11-27 10:19 - 05090102 _____ C:\Users\Manuel\Downloads\tubemate-youtube-downloader-2-2-6-645-multi-android.apk
2015-11-26 20:29 - 2015-11-26 20:29 - 11959395 _____ C:\Users\Manuel\Downloads\ReaperHandbuch440.pdf
2015-11-26 18:51 - 2015-11-26 18:51 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26(1).zip
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 18:23 - 2015-11-26 18:23 - 01338425 _____ C:\Users\Manuel\Downloads\CASIO_XW-DJ1_Driver_2_26.zip
2015-11-26 15:05 - 2015-11-26 15:05 - 01733632 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.022.exe
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 15:00 - 2015-11-26 15:01 - 01132785 _____ C:\Users\Manuel\Downloads\reaper0999-install.exe
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 14:46 - 2015-11-26 14:46 - 18397778 _____ C:\Users\Manuel\Downloads\Reaper51.zip
2015-11-26 14:45 - 2015-11-26 14:46 - 01466656 _____ C:\Users\Manuel\Downloads\Reaper - CHIP-Installer.exe
2015-11-26 09:44 - 2015-11-26 09:44 - 03786784 _____ (Synthesia LLC) C:\Users\Manuel\Downloads\Synthesia-10.2-installer.exe
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-11-26 09:20 - 06388382 _____ C:\Users\Manuel\Downloads\PianoBoosterInstall-0-6-4.exe
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-26 09:00 - 2015-11-26 09:00 - 00009876 _____ C:\Users\Manuel\Downloads\H._Berlioz_Chor_der_Trinker.mid
2015-11-26 09:00 - 2015-11-26 09:00 - 00002574 _____ C:\Users\Manuel\Downloads\Winter_Wonderland_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002981 _____ C:\Users\Manuel\Downloads\Weihnachtsmann_Violine_Klavier.mid
2015-11-26 08:58 - 2015-11-26 08:58 - 00002113 _____ C:\Users\Manuel\Downloads\Leise_rieselt_der_Schnee_Gitarre.mid
2015-11-26 08:55 - 2015-11-26 08:55 - 00001540 _____ C:\Users\Manuel\Downloads\Happy_Birthday_Gitarre.mid
2015-11-26 08:50 - 2015-11-26 08:50 - 00006989 _____ C:\Users\Manuel\Downloads\Boogie_Woogie_for_Strings_Violine_Klavier.mid
2015-11-25 21:55 - 2015-11-25 21:55 - 00073652 _____ C:\Users\Manuel\Downloads\schubert_D850_1_format0.mid
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:13 - 2015-11-25 10:13 - 00000000 ____D C:\Users\Manuel\Desktop\mulab-6-5-32-win32
2015-11-25 10:10 - 2015-11-25 10:10 - 18461972 _____ C:\Users\Manuel\Desktop\mulab-6-5-32-win32.zip
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-22 18:48 - 2015-11-22 18:48 - 00280912 _____ C:\WINDOWS\Minidump\112215-25625-01.dmp
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-11-27 17:45 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-01 22:47 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-11-19 16:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-11-27 18:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-11-19 11:32 - 00003532 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-11-18 21:39 - 00003222 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:18 - 2015-11-19 14:24 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-18 21:07 - 2015-12-01 21:07 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-11-18 21:07 - 00004176 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-11-18 21:05 - 00003150 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-11 16:41 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 16:41 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 16:41 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 16:41 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 16:41 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 16:41 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 16:41 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 16:41 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 16:41 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 16:41 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 16:41 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 16:41 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 16:41 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 16:41 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 16:41 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 16:41 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 16:41 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 16:41 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 16:41 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 16:41 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 16:41 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 16:41 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-07 13:11 - 2015-11-18 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-01 22:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-01 22:05 - 2015-05-17 19:31 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-01 21:43 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-01 18:44 - 2015-08-22 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 18:38 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-01 18:21 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-01 14:03 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-01 13:01 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-01 13:00 - 2015-05-17 19:31 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 12:59 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 12:58 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-01 12:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 12:53 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-01 12:43 - 2015-08-22 03:56 - 00000000 ____D C:\Users\Manuel
2015-12-01 10:48 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-30 21:14 - 2015-08-27 08:31 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-30 15:24 - 2015-08-22 04:14 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-30 15:24 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-30 15:24 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-27 18:04 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-11-27 18:04 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-11-27 18:03 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-11-27 12:42 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-27 10:32 - 2015-10-10 19:50 - 00001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-27 10:32 - 2015-10-10 19:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-11-26 15:14 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-10-10 22:13 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-08-22 04:03 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:52 - 2014-01-16 16:01 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2015-11-22 18:51 - 2015-10-22 06:26 - 00002079 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-11-22 18:51 - 2015-10-22 06:22 - 00002020 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-10-10 22:13 - 00001116 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:37 - 00000989 _____ C:\Users\Public\Desktop\MP3jam.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-05 17:37 - 00001019 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\MP3jam.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-22 18:47 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-21 14:40 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 17:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 02:47 - 2015-05-03 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 02:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 16:46 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 18:38 - 2015-05-09 14:44 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 19:20 - 2015-10-02 07:41 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-02 07:41 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-08-22 03:53 - 2015-08-22 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-18 21:18 - 2015-11-19 14:24 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\1448109662tmp.exe
C:\Users\Manuel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuel\AppData\Local\Temp\beehihdcij.exe
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Manuel\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Manuel\AppData\Local\Temp\tu17p84.exe
C:\Users\Manuel\AppData\Local\Temp\Uninstall.exe
C:\Users\Manuel\AppData\Local\Temp\UninstallModule.exe
C:\Users\Manuel\AppData\Local\Temp\ytdieamodc_amodc_inst.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 16:21

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 01.12.2015 23:21
Ich habe Dir doch einen Schritt gepostet, bei dem Du TDSSKiller ausführen sollst. :)

Manuel476 01.12.2015 23:29
Im TDSS nichts gefunden

deeprybka 01.12.2015 23:30
Du sollst aber auch das Log von TDSS-Killer posten. Wo Du das findest, steht ja in der Anweisung.

Manuel476 02.12.2015 08:33
Wenn ich den tssdkiller durchlaufen lassen hab, kann ich den Bericht nicht Kopieren, auswählen dass er blau wird schon aber nicht mit c oder sonstendwie speichern oder kopieren?°!
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Manuel (Administrator) auf MANU (02-12-2015 08:18:51)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(TODO: <Company name>) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.15361.0_x64__8wekyb3d8bbwe\Video.UI.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Opera Software) C:\Program Files (x86)\Opera\33.0.1990.113\opera.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64 (2).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-09-16] ()
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732448 2015-10-15] (Acer)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2015-09-16] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-03-18] (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073935855&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2015-11-04] (Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-27] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: <Company name>) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 athr; C:\Windows\System32\drivers\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2015-12-01] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 08:18 - 2015-12-02 08:18 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (2).exe
2015-12-02 08:15 - 2015-12-02 08:15 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe
2015-12-02 08:09 - 2015-12-02 08:11 - 00252826 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.53_log.txt
2015-12-02 08:09 - 2015-12-02 08:09 - 00000560 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.44_log.txt
2015-12-02 08:04 - 2015-12-02 08:06 - 00058744 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-02 08:03 - 2015-12-02 08:18 - 00017529 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-02 08:01 - 2015-12-02 08:03 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-02 07:49 - 2015-12-02 07:49 - 00016148 _____ C:\WINDOWS\system32\MANU_Manuel_HistoryPrediction.bin
2015-12-01 23:43 - 2015-12-01 23:49 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.43.03_log.txt
2015-12-01 23:42 - 2015-12-01 23:43 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-12-01 23:26 - 2015-12-01 23:28 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.26.38_log.txt
2015-12-01 23:25 - 2015-12-01 23:25 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\39683098.sys
2015-12-01 23:25 - 2015-12-01 23:25 - 00048382 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.25.21_log.txt
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 21:43 - 2015-12-01 21:43 - 00112408 _____ C:\WINDOWS\system32\Drivers\NIWinCDEmu.sys
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-11-30 21:14 - 2015-11-30 21:15 - 00280912 _____ C:\WINDOWS\Minidump\113015-26796-01.dmp
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-28 15:42 - 2015-11-28 15:42 - 00003946 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-28 14:12 - 2015-11-28 14:13 - 00280912 _____ C:\WINDOWS\Minidump\112815-25437-01.dmp
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:13 - 2015-11-25 10:13 - 00000000 ____D C:\Users\Manuel\Desktop\mulab-6-5-32-win32
2015-11-25 10:10 - 2015-11-25 10:10 - 18461972 _____ C:\Users\Manuel\Desktop\mulab-6-5-32-win32.zip
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 22:21 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-22 18:48 - 2015-11-22 18:48 - 00280912 _____ C:\WINDOWS\Minidump\112215-25625-01.dmp
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-11-27 17:45 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-02 08:18 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-11-19 16:39 - 00003300 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-11-27 18:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-11-19 11:32 - 00003532 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-11-18 21:39 - 00003222 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:18 - 2015-11-19 14:24 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-18 21:07 - 2015-12-02 07:46 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-11-18 21:07 - 00004176 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-11-18 21:05 - 00003150 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-11 16:41 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 16:41 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 16:41 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 16:41 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 16:41 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 16:41 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 16:41 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 16:41 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 16:41 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 16:41 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 16:41 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 16:41 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 16:41 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 16:41 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 16:41 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 16:41 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 16:41 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 16:41 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 16:41 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 16:41 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 16:41 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 16:41 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 16:41 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 16:41 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 16:41 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 16:41 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 16:41 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 16:41 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 16:41 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 16:41 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 16:41 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 16:41 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 16:41 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 16:41 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 16:41 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-07 13:11 - 2015-11-18 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-02 11:28 - 2015-11-02 11:28 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 08:05 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-02 08:05 - 2015-05-17 19:31 - 00001120 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-02 08:02 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-02 07:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-02 07:02 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-02 00:06 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-12-01 23:26 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-01 21:43 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-01 18:44 - 2015-08-22 04:46 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 18:38 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-01 13:00 - 2015-05-17 19:31 - 00001116 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-01 12:59 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 12:58 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-01 12:58 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-01 12:43 - 2015-08-22 03:56 - 00000000 ____D C:\Users\Manuel
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-01 09:22 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-30 21:14 - 2015-08-27 08:31 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-30 15:24 - 2015-08-22 04:14 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-30 15:24 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-11-30 15:24 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-27 18:04 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-11-27 18:04 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-11-27 18:03 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-11-27 12:42 - 2015-07-10 12:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-11-27 10:32 - 2015-10-10 19:50 - 00001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00001318 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-11-27 10:32 - 2015-10-10 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-11-27 10:32 - 2015-10-10 19:49 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-11-26 15:14 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-10-10 22:13 - 00001122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-08-22 04:03 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:52 - 2014-01-16 16:01 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2015-11-22 18:51 - 2015-10-22 06:26 - 00002079 _____ C:\Users\Public\Desktop\Acer Portal.lnk
2015-11-22 18:51 - 2015-10-22 06:22 - 00002020 _____ C:\Users\Public\Desktop\abDocs.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-10-10 22:13 - 00001116 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:37 - 00000989 _____ C:\Users\Public\Desktop\MP3jam.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-05 17:37 - 00001019 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\MP3jam.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-22 18:47 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-21 14:40 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-12 17:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 02:47 - 2015-05-03 17:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-12 02:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-11 16:46 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-10 18:38 - 2015-05-09 14:44 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 19:20 - 2015-10-02 07:41 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 19:20 - 2015-10-02 07:41 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-08-22 03:53 - 2015-08-22 03:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-18 21:18 - 2015-11-19 14:24 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Manuel\AppData\Local\Temp\1448109662tmp.exe
C:\Users\Manuel\AppData\Local\Temp\BackupSetup.exe
C:\Users\Manuel\AppData\Local\Temp\beehihdcij.exe
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Manuel\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Manuel\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Manuel\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Manuel\AppData\Local\Temp\tu17p84.exe
C:\Users\Manuel\AppData\Local\Temp\Uninstall.exe
C:\Users\Manuel\AppData\Local\Temp\UninstallModule.exe
C:\Users\Manuel\AppData\Local\Temp\ytdieamodc_amodc_inst.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-24 16:21

==================== Ende von FRST.txt ============================
--- --- ---FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Manuel (2015-12-02 08:19:36)
Gestartet von C:\Users\Manuel\Downloads
Windows 10 Home (X64) (2015-08-22 03:26:08)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1273145720-561992726-3298081300-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1273145720-561992726-3298081300-503 - Limited - Disabled)
Gast (S-1-5-21-1273145720-561992726-3298081300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1273145720-561992726-3298081300-1003 - Limited - Enabled)
Manuel (S-1-5-21-1273145720-561992726-3298081300-1001 - Administrator - Enabled) => C:\Users\Manuel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.08.2006 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.202 - Alps Electric)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B906F85-EA56-5379-F10B-1BA6530240DC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.12.2002.0 - Acer Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
calibre 64bit (HKLM\...\{A80512D3-A72D-4DAF-B7DF-3804F9FAB1CE}) (Version: 2.44.1 - Kovid Goyal)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version:  - )
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.4.1027 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Melody Assistant (HKLM-x32\...\Melody Assistant) (Version: 7.6.3i - Myriad SARL)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MIDI Pianist  1.30 (HKLM-x32\...\{2669B2D8-3420-4930-AA5A-D70C0726D46F}) (Version:  - Guenther Goerg)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MP3jam 1.1.1.11 (HKLM-x32\...\MP3jam_is1) (Version: 1.1.1.11 - MP3jam)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 33.0.1990.113 (HKLM-x32\...\Opera 33.0.1990.113) (Version: 33.0.1990.113 - Opera Software)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Perfect Effects Free 9 (HKLM-x32\...\Perfect Effects Free 9) (Version: 9.5.0 - on1)
PhotoFiltre 7 (HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\PhotoFiltre 7) (Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.32 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{dad73a7c-3d7f-4194-89d9-92714902acbb}) (Version: 2.1.1199.2443 - Lavasoft)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XW-DJ1 v2.26.0 (HKLM-x32\...\XW-DJ1 v2.26.0) (Version: 2.26.0 - Casio)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1273145720-561992726-3298081300-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

21-11-2015 14:57:24 JRT Pre-Junkware Removal
21-11-2015 15:45:17 JRT Pre-Junkware Removal
27-11-2015 12:45:08 AVG PC TuneUp 2015 wird entfernt
27-11-2015 17:47:32 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-09-05 18:58 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1        mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583DAA9-8CCD-4611-847D-229A256D908D} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {0EB7BC5A-6A35-4529-B30B-8E6255C4F704} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {1044DF59-7DF2-49DE-806C-F242CE7B4B58} - System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE} => pcalua.exe -a "C:\Program Files (x86)\OLBPre\updater\updater.exe" -c -uninstall="MyPC Backup "
Task: {18188656-F548-43A4-BEF7-0892D9B112EC} - System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF} => pcalua.exe -a "C:\Program Files\WNEn\WWE_uninstall.exe"
Task: {1EBF23DF-21FC-4DD8-B731-817F8B77EE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe <==== ACHTUNG
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei <==== ACHTUNG
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei <==== ACHTUNG
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {4FDC8387-931E-439D-B2CC-5C374F3FED8C} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-10-15] (Acer)
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {77AE1EF2-3FC9-4126-8A73-E69DBE956A86} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {8CB1EEEB-F046-4445-9B67-ED3EB58CC2F2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {955D0AAF-8ADF-428C-8D3A-67B003C6F6A9} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-11-04] (Acer Incorporated)
Task: {9D0C96A7-64B7-40D4-96CD-D5C28A91391E} - System32\Tasks\Opera scheduled Autoupdate 1448721735 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {9D1B6A36-A029-4B78-A226-A78B1E354BC6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B705F2AC-B464-4E95-8CFE-E51EE2C53D08} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {CD2B74C1-B603-42A2-A6F4-8744262795F2} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CF4654BB-0740-4BC8-877C-D68E7137BEE3} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {DA0CE66D-8A3C-42D1-BE38-9FA352195A2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DB43CDAD-1D7A-49E7-85A6-B117A6662845} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-22 04:40 - 2015-08-22 04:40 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-21 21:09 - 2015-08-21 21:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-10-01 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 20:24 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-02-23 13:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-10-01 20:23 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-01 20:24 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-01 20:23 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-01 20:23 - 2015-09-17 06:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 20:24 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00323584 _____ () C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
2015-05-26 13:59 - 2015-02-10 14:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2015-11-21 14:58 - 2015-11-21 14:58 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2015-11-21 14:58 - 2015-11-21 14:58 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-21 14:58 - 2015-11-21 14:58 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-08-22 20:28 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-10 19:49 - 2015-10-27 20:15 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00201568 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2015-10-15 10:56 - 2015-10-15 10:56 - 00118112 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00196608 _____ () C:\Program Files\Casio\XW-DJ1\casioxwdj1api.dll
2015-05-26 13:59 - 2015-02-18 13:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2015-07-28 15:33 - 2015-07-28 15:33 - 00201568 _____ () C:\Program Files (x86)\Acer\abMedia\curllib.dll
2015-07-28 15:36 - 2015-07-28 15:36 - 00653112 _____ () C:\Program Files (x86)\Acer\abMedia\sqlite3.dll
2015-07-28 15:36 - 2015-07-28 15:36 - 00640352 _____ () C:\Program Files (x86)\Acer\abMedia\tag.dll
2015-07-28 15:34 - 2015-07-28 15:34 - 00118112 _____ () C:\Program Files (x86)\Acer\abMedia\OpenLDAP.dll
2015-11-26 15:14 - 2015-11-26 15:14 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-11-04 14:07 - 2015-11-04 14:07 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-11-04 14:01 - 2015-11-04 14:01 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-11-28 15:42 - 2015-11-16 15:31 - 60741752 _____ () C:\Program Files (x86)\Opera\33.0.1990.113\opera.dll
2015-02-23 13:29 - 2013-07-30 18:11 - 00088648 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-11-28 15:42 - 2015-11-16 15:31 - 01919608 _____ () C:\Program Files (x86)\Opera\33.0.1990.113\libglesv2.dll
2015-11-28 15:42 - 2015-11-16 15:31 - 00081528 _____ () C:\Program Files (x86)\Opera\33.0.1990.113\libegl.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-13 14:56 - 2015-04-13 14:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00096704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00091584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00084928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00034752 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 00961472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-04-13 14:57 - 2015-04-13 14:57 - 01303488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 01549248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00363456 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2015-04-13 15:00 - 2015-04-13 15:00 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00772544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00702400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2015-04-13 14:58 - 2015-04-13 14:58 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00041408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00026048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libantiflicker_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libmotionblur_plugin.dll
2015-04-13 14:59 - 2015-04-13 14:59 - 00026048 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libgaussianblur_plugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manuel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{3C91E43C-2F3B-488F-B927-79BDE08FFE46}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FB4F2C30-F7EF-4D02-B146-9DD40930C9DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{44B08DA1-B9F4-44D9-AF38-59BB8FD79547}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5ADA1914-E9E0-4155-AE4D-1CE70DE11AA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7F2C0592-4451-4A03-A63D-782668F6E868}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0CD5F393-7DC8-4FBD-8CF4-0CF5E472E1A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3CD89CEB-9AB7-4D45-B8FE-441FD86468A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{027F6AD4-BADA-4A00-8ED3-B1B9F620A73A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3CC5D384-DE4E-4A6F-B517-0FA83A563D33}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{54E5EC12-7730-447F-B0CF-58F99411340C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{60D27AC3-4C34-4F8A-838B-C65ABC0A374F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{989EE3D5-D5AE-456E-AEE6-CCD6E3339443}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{59975B08-6428-460A-B33F-FC3518CB26C8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{ECE2B27C-57C5-4F28-8CEE-BD30883B8FC0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE4A058D-5763-415E-9908-77C90EDEA8CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{36C9CF3D-D297-47BC-9673-8A3F2E4DB7EE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8F1DE802-D847-4253-9317-02BA5FDD1AD4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{ED3E4370-5A57-498C-B383-CC0FBFF2B571}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9A886F88-FFB5-4C39-BB45-657A9A317E54}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{10962F37-9BF2-4030-AD47-05FF9B3BC135}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{66E3D7ED-0B30-441D-AD61-3C4DAE82D85C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{9D07CA7C-3832-480E-96EB-FDDCE51DF2C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{F402FD03-8938-4B89-9814-7E0BE2C4964A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{43C31AA2-A188-4931-85A4-80DE8558C461}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F751B177-0B59-46C0-B378-D127FCF67393}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{65BCBAF9-613D-4FCF-9159-7E1894477D2C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{BAB6188B-70A1-46B7-AAAC-CC17A0037049}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{25EA8523-99EA-4160-9CC6-C6AC0FC70FA7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{3002CEB4-0180-4633-AD68-9D0D1A2F857C}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{502E2D48-C599-436A-89EC-1AC7890CEF1E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{0C61735D-2E4F-42BD-A6AF-34168991A9A6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{EA4BB18B-DF91-41D8-8C6F-23B4A8D6A1E8}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{72C7FCF0-AE51-4DDC-93A8-7F9D1E0FC9E3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{22517AD3-B5AC-4DF5-BD42-771B5D3DB22C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B63C3024-2751-4470-8F44-D6C3C682E6EA}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{D07F9650-EAF0-40D0-9B4F-B9BF26A5390D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{31AB3515-7EA3-4C0F-BA6D-F709FC49863F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{B95B132A-2E53-4833-99D9-0B7D9C47F2E1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{64D7479C-3C3C-4D42-A27B-E15F15E7B548}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{4876EEAD-F807-48A3-B931-B99EFEB302D7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5CB0FC13-3A83-4815-BA48-A7C9130D4D88}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01BF0553-00FB-40A1-A10D-071382132B35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FBE49B43-8402-4BAB-A26F-AB80964B8523}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BAD26974-E6DB-473E-8DB7-1D75F7BAE82F}] => (Allow) LPort=2869
FirewallRules: [{C1C89701-7265-4208-A7B4-1C15652609AF}] => (Allow) LPort=1900
FirewallRules: [{E6D550E0-AC2A-46ED-9255-24E868F9D04B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{4B2A7357-FF55-4CB8-B363-F977294B82AB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [TCP Query User{887129DB-E03C-491D-8843-72B13F8C676A}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [UDP Query User{D2DC7C77-59C7-4282-9D61-316E741AF736}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [{4329C654-BD73-4552-910C-4892B6B0426A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5DA83521-4B29-47AA-9FC7-76050F262FC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{9C82D168-C2BA-4248-8902-9B0170A05383}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{CAD18D84-2CC4-4E09-8549-3C31A25BBD59}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{4FD7E02F-FEAC-42C3-9598-06B35A774BA8}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{CCB92935-EBEB-461C-8318-99F6926D6441}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{ED9AFED8-CF80-4DBC-A58B-5C4D323B0CFC}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{6BED0674-75D7-4D26-B041-CD9C980D7162}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 11:25:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tdsskiller(2).exe, Version: 3.1.0.7, Zeitstempel: 0x565b53f9
Name des fehlerhaften Moduls: tdsskiller(2).exe, Version: 3.1.0.7, Zeitstempel: 0x565b53f9
Ausnahmecode: 0x40000015
Fehleroffset: 0x00142b8c
ID des fehlerhaften Prozesses: 0x50
Startzeit der fehlerhaften Anwendung: 0xtdsskiller(2).exe0
Pfad der fehlerhaften Anwendung: tdsskiller(2).exe1
Pfad des fehlerhaften Moduls: tdsskiller(2).exe2
Berichtskennung: tdsskiller(2).exe3
Vollständiger Name des fehlerhaften Pakets: tdsskiller(2).exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: tdsskiller(2).exe5

Error: (12/01/2015 01:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MOM.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0e3f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x193c
Startzeit der fehlerhaften Anwendung: 0xMOM.exe0
Pfad der fehlerhaften Anwendung: MOM.exe1
Pfad des fehlerhaften Moduls: MOM.exe2
Berichtskennung: MOM.exe3
Vollständiger Name des fehlerhaften Pakets: MOM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MOM.exe5

Error: (12/01/2015 01:00:47 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (12/01/2015 00:45:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MOM.exe, Version: 4.5.0.0, Zeitstempel: 0x53ad0e3f
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x1894
Startzeit der fehlerhaften Anwendung: 0xMOM.exe0
Pfad der fehlerhaften Anwendung: MOM.exe1
Pfad des fehlerhaften Moduls: MOM.exe2
Berichtskennung: MOM.exe3
Vollständiger Name des fehlerhaften Pakets: MOM.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MOM.exe5

Error: (12/01/2015 00:45:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: MOM.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Reflection.TargetInvocationException
Stapel:
  bei System.RuntimeMethodHandle.InvokeMethod(System.Object, System.Object[], System.Signature, Boolean)
  bei System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(System.Object, System.Object[], System.Object[])
  bei System.Reflection.RuntimeMethodInfo.Invoke(System.Object, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object[], System.Globalization.CultureInfo)
  bei System.RuntimeType.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[], System.Reflection.ParameterModifier[], System.Globalization.CultureInfo, System.String[])
  bei System.Type.InvokeMember(System.String, System.Reflection.BindingFlags, System.Reflection.Binder, System.Object, System.Object[])
  bei ATI.ACE.MOM.EXE.MOM.Main(System.String[])

Error: (12/01/2015 00:43:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Manu)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (12/01/2015 10:16:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: updater.exe, Version: 2.0.8100.0, Zeitstempel: 0x51da5d04
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.10240.16384, Zeitstempel: 0x559f38c3
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000002a1c8
ID des fehlerhaften Prozesses: 0x2488
Startzeit der fehlerhaften Anwendung: 0xupdater.exe0
Pfad der fehlerhaften Anwendung: updater.exe1
Pfad des fehlerhaften Moduls: updater.exe2
Berichtskennung: updater.exe3
Vollständiger Name des fehlerhaften Pakets: updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: updater.exe5

Error: (12/01/2015 10:16:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
  bei System.Xml.XmlTextReaderImpl.Throw(System.Exception)
  bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
  bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
  bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
  bei System.Xml.XmlDocument.Load(System.String)
  bei updater.Report.AddFPToResult(updater.Result)
  bei updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs)
  bei updater.DownloadMgr.DownloadFile(System.String, System.String)
  bei updater.DownloadMgr.Worker(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (12/01/2015 10:03:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3ba8
Name des fehlerhaften Moduls: jscript9diag.dll, Version: 11.0.10240.16384, Zeitstempel: 0x559f3fe5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000229d7
ID des fehlerhaften Prozesses: 0x2758
Startzeit der fehlerhaften Anwendung: 0xWerFault.exe0
Pfad der fehlerhaften Anwendung: WerFault.exe1
Pfad des fehlerhaften Moduls: WerFault.exe2
Berichtskennung: WerFault.exe3
Vollständiger Name des fehlerhaften Pakets: WerFault.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WerFault.exe5

Error: (12/01/2015 10:03:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3c5a
Name des fehlerhaften Moduls: jscript9.dll, Version: 11.0.10240.16542, Zeitstempel: 0x5604b39a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0013f3ad
ID des fehlerhaften Prozesses: 0x238c
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe0
Pfad der fehlerhaften Anwendung: rundll32.exe1
Pfad des fehlerhaften Moduls: rundll32.exe2
Berichtskennung: rundll32.exe3
Vollständiger Name des fehlerhaften Pakets: rundll32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: rundll32.exe5


Systemfehler:
=============
Error: (12/02/2015 06:29:31 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/01/2015 06:17:40 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/01/2015 01:19:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Upgrade auf Windows 10 Home, Version 1511, 10586

Error: (12/01/2015 01:03:03 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/01/2015 00:59:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/01/2015 00:58:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/01/2015 00:48:03 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/01/2015 00:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (12/01/2015 00:44:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (12/01/2015 00:44:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IE Search Set" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


CodeIntegrity:
===================================
  Date: 2015-11-30 19:55:55.903
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.832
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.488
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-30 19:55:55.237
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.649
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:25.627
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:22.388
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:22.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-25 18:16:17.069
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A10-5757M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 5578.27 MB
Verfügbarer physikalischer RAM: 3181.45 MB
Summe virtueller Speicher: 6474.27 MB
Verfügbarer virtueller Speicher: 2579.27 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:446.8 GB) (Free:355.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5B2447D6)

Partition: GPT.

==================== Ende von Addition.txt ============================
--- --- ---

deeprybka 02.12.2015 09:19
Zitat:
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Es steht doch hier wo Du die Logdatei findest...

Manuel476 02.12.2015 11:38
08:25:03.0942 0x279c TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
08:25:03.0943 0x279c UEFI system
08:25:08.0580 0x279c ============================================================
08:25:08.0580 0x279c Current date / time: 2015/12/02 08:25:08.0580
08:25:08.0580 0x279c SystemInfo:
08:25:08.0580 0x279c
08:25:08.0580 0x279c OS Version: 10.0.10240 ServicePack: 0.0
08:25:08.0580 0x279c Product type: Workstation
08:25:08.0580 0x279c ComputerName: MANU
08:25:08.0580 0x279c UserName: Manuel
08:25:08.0580 0x279c Windows directory: C:\WINDOWS
08:25:08.0580 0x279c System windows directory: C:\WINDOWS
08:25:08.0580 0x279c Running under WOW64
08:25:08.0581 0x279c Processor architecture: Intel x64
08:25:08.0581 0x279c Number of processors: 4
08:25:08.0581 0x279c Page size: 0x1000
08:25:08.0581 0x279c Boot type: Normal boot
08:25:08.0581 0x279c ============================================================
08:25:09.0911 0x279c System UUID: {8CB43703-B46C-0F1F-7993-59ACF38B3A10}
08:25:10.0575 0x279c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:25:10.0592 0x279c ============================================================
08:25:10.0592 0x279c \Device\Harddisk0\DR0:
08:25:10.0592 0x279c GPT partitions:
08:25:10.0593 0x279c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {44097A82-1BFF-44B2-A7A9-CD5A063D2A87}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
08:25:10.0593 0x279c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8CEE9139-7327-4118-9A37-EE2F68D22557}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
08:25:10.0593 0x279c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A3F8F626-EDBC-4086-84BC-CB61F7E5BD2D}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
08:25:10.0593 0x279c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FA82E9F9-949A-4247-8FD1-BC6072AF4122}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x37D9B800
08:25:10.0593 0x279c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DB9E5FC8-F984-4A35-B902-EB18B426A94D}, Name: Basic data partition, StartLBA 0x37F9E000, BlocksNum 0x23E8000
08:25:10.0593 0x279c MBR partitions:
08:25:10.0593 0x279c ============================================================
08:25:10.0636 0x279c C: <-> \Device\Harddisk0\DR0\Partition4
08:25:10.0636 0x279c ============================================================
08:25:10.0636 0x279c Initialize success
08:25:10.0636 0x279c ============================================================
08:25:22.0105 0x2648 ============================================================
08:25:22.0105 0x2648 Scan started
08:25:22.0105 0x2648 Mode: Manual; SigCheck; TDLFS;
08:25:22.0105 0x2648 ============================================================
08:25:22.0105 0x2648 KSN ping started
08:25:24.0427 0x2648 KSN ping finished: true
08:25:26.0483 0x2648 ================ Scan system memory ========================
08:25:26.0483 0x2648 System memory - ok
08:25:26.0485 0x2648 ================ Scan services =============================
08:25:26.0698 0x2648 [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
08:25:26.0786 0x2648 1394ohci - ok
08:25:26.0815 0x2648 [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
08:25:26.0837 0x2648 3ware - ok
08:25:26.0892 0x2648 [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
08:25:26.0931 0x2648 ACPI - ok
08:25:26.0952 0x2648 [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
08:25:26.0973 0x2648 acpiex - ok
08:25:26.0992 0x2648 [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
08:25:27.0011 0x2648 acpipagr - ok
08:25:27.0053 0x2648 [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
08:25:27.0079 0x2648 AcpiPmi - ok
08:25:27.0099 0x2648 [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
08:25:27.0132 0x2648 acpitime - ok
08:25:27.0388 0x2648 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
08:25:27.0421 0x2648 AdobeFlashPlayerUpdateSvc - ok
08:25:27.0514 0x2648 [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
08:25:27.0573 0x2648 ADP80XX - ok
08:25:27.0624 0x2648 [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD C:\WINDOWS\system32\drivers\afd.sys
08:25:27.0664 0x2648 AFD - ok
08:25:27.0689 0x2648 [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
08:25:27.0705 0x2648 agp440 - ok
08:25:27.0732 0x2648 [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
08:25:27.0769 0x2648 ahcache - ok
08:25:27.0804 0x2648 [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
08:25:27.0821 0x2648 AJRouter - ok
08:25:27.0857 0x2648 [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG C:\WINDOWS\System32\alg.exe
08:25:27.0882 0x2648 ALG - ok
08:25:27.0912 0x2648 [ 6DD5B6F43B389A058FA92C2C955F1296, 66575E05E91D88B1ED9BD2817A667DA91279B480106B6F97A82BB1DD7B731052 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
08:25:27.0936 0x2648 AMD External Events Utility - ok
08:25:28.0023 0x2648 [ 17DBF2825FFA6D66B1B3C55665721884, AE6369796BB1D586F76AF90F68CD34242F7FD586E8C2183474D154F384881511 ] AMD FUEL Service C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
08:25:28.0060 0x2648 AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
08:25:30.0421 0x2648 Detect skipped due to KSN trusted
08:25:30.0421 0x2648 AMD FUEL Service - ok
08:25:30.0444 0x2648 [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
08:25:30.0485 0x2648 AmdK8 - ok
08:25:30.0517 0x2648 amdkmdag - ok
08:25:30.0585 0x2648 [ 8653B22467365AC4853566B2E20C36DE, AB2896370C6EBFDAE4195E3A25F40E440B709280A472ACCB4F8912E59D4C5DC6 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
08:25:30.0632 0x2648 amdkmdap - ok
08:25:30.0663 0x2648 [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
08:25:30.0682 0x2648 amdkmpfd - ok
08:25:30.0730 0x2648 [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
08:25:30.0754 0x2648 AmdPPM - ok
08:25:30.0771 0x2648 [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
08:25:30.0800 0x2648 amdsata - ok
08:25:30.0833 0x2648 [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
08:25:30.0872 0x2648 amdsbs - ok
08:25:30.0886 0x2648 [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
08:25:30.0902 0x2648 amdxata - ok
08:25:30.0923 0x2648 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
08:25:30.0933 0x2648 AODDriver4.3 - ok
08:25:30.0967 0x2648 [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID C:\WINDOWS\system32\drivers\appid.sys
08:25:30.0995 0x2648 AppID - ok
08:25:31.0034 0x2648 [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
08:25:31.0068 0x2648 AppIDSvc - ok
08:25:31.0089 0x2648 [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo C:\WINDOWS\System32\appinfo.dll
08:25:31.0118 0x2648 Appinfo - ok
08:25:31.0161 0x2648 [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
08:25:31.0213 0x2648 AppReadiness - ok
08:25:31.0339 0x2648 [ 43BE4036BC793A48BB0021B0FFF943CF, 233102A2B0D4B0527C6C2894EA5D14D556AD4C00BCFFC4E2B171F8B9DD200BAA ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
08:25:31.0470 0x2648 AppXSvc - ok
08:25:31.0521 0x2648 [ FE62EDC3C804974E6CECB471E1E80EF6, D2C293645BECF1153D94DA41632DBE5852DCA32124B01F047AB5E6887742DA41 ] APXACC C:\WINDOWS\system32\DRIVERS\appexDrv.sys
08:25:31.0538 0x2648 APXACC - ok
08:25:31.0583 0x2648 [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
08:25:31.0610 0x2648 arcsas - ok
08:25:31.0623 0x2648 [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
08:25:31.0647 0x2648 AsyncMac - ok
08:25:31.0656 0x2648 [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
08:25:31.0671 0x2648 atapi - ok
08:25:31.0835 0x2648 [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr C:\WINDOWS\System32\drivers\athwbx.sys
08:25:32.0069 0x2648 athr - ok
08:25:32.0101 0x2648 [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
08:25:32.0122 0x2648 AtiHDAudioService - ok
08:25:32.0190 0x2648 [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
08:25:32.0235 0x2648 AudioEndpointBuilder - ok
08:25:32.0298 0x2648 [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
08:25:32.0370 0x2648 Audiosrv - ok
08:25:32.0438 0x2648 [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
08:25:32.0485 0x2648 AxInstSV - ok
08:25:32.0566 0x2648 [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
08:25:32.0607 0x2648 b06bdrv - ok
08:25:32.0649 0x2648 [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
08:25:32.0668 0x2648 BasicDisplay - ok
08:25:32.0683 0x2648 [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
08:25:32.0701 0x2648 BasicRender - ok
08:25:32.0719 0x2648 [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
08:25:32.0729 0x2648 bcmfn2 - ok
08:25:32.0789 0x2648 [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
08:25:32.0853 0x2648 BDESVC - ok
08:25:32.0891 0x2648 [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:25:32.0927 0x2648 Beep - ok
08:25:32.0990 0x2648 [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE C:\WINDOWS\System32\bfe.dll
08:25:33.0048 0x2648 BFE - ok
08:25:33.0154 0x2648 [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS C:\WINDOWS\System32\qmgr.dll
08:25:33.0258 0x2648 BITS - ok
08:25:33.0296 0x2648 [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
08:25:33.0319 0x2648 bowser - ok
08:25:33.0361 0x2648 [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
08:25:33.0408 0x2648 BrokerInfrastructure - ok
08:25:33.0452 0x2648 [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser C:\WINDOWS\System32\browser.dll
08:25:33.0494 0x2648 Browser - ok
08:25:33.0531 0x2648 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
08:25:33.0547 0x2648 BTATH_BUS - ok
08:25:33.0607 0x2648 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
08:25:33.0647 0x2648 BtFilter - ok
08:25:33.0693 0x2648 [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
08:25:33.0711 0x2648 BthAvrcpTg - ok
08:25:33.0754 0x2648 [ 74C9D52F3F594529465E18B2BFF80487, F1ECD8B730AD8B90673735FD6D2D9F6F0754F8BAB7135B16A41128145D5F9377 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
08:25:33.0793 0x2648 BthEnum - ok
08:25:33.0838 0x2648 [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
08:25:33.0872 0x2648 BthHFEnum - ok
08:25:33.0892 0x2648 [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
08:25:33.0925 0x2648 bthhfhid - ok
08:25:33.0988 0x2648 [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
08:25:34.0025 0x2648 BthHFSrv - ok
08:25:34.0058 0x2648 [ 986F756D10B5A2B3971A03BD6308B94F, BEDEFD7470155621365439858B35239D4474487873431E67B01A4B7D56E7CE76 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
08:25:34.0087 0x2648 BthLEEnum - ok
08:25:34.0101 0x2648 [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
08:25:34.0121 0x2648 BTHMODEM - ok
08:25:34.0164 0x2648 [ 38C97371F058E889F730BF35530732F4, 7CD16DF9C51D40CF80392E6DF444D6F5546B0E8B6A6DAC6DFD70BB45E014FA27 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
08:25:34.0186 0x2648 BthPan - ok
08:25:34.0259 0x2648 [ FCC211B0F46D831506D0D76539203899, A2609658AE36EB0FE4CFAA00684986193FEACED7BA8D869A9DF8D03312E53169 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
08:25:34.0324 0x2648 BTHPORT - ok
08:25:34.0368 0x2648 [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv C:\WINDOWS\system32\bthserv.dll
08:25:34.0388 0x2648 bthserv - ok
08:25:34.0436 0x2648 [ 5866AE46EEF644E6DE5C95942AE419D7, 0726C0845D2BA4247AB26ACF05006F6FA96015158CD49795801BB906DA80C007 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
08:25:34.0459 0x2648 BTHUSB - ok
08:25:34.0485 0x2648 [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
08:25:34.0504 0x2648 buttonconverter - ok
08:25:34.0525 0x2648 [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
08:25:34.0584 0x2648 CapImg - ok
08:25:34.0790 0x2648 [ 455880C3D06D13DBCD9841B948B888D0, 4A342DB557DDEB2FD15B71FBBBAB72C10A51B7FCAD69DBF596962A1ACFFCC0C2 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
08:25:34.0915 0x2648 CCDMonitorService - ok
08:25:35.0048 0x2648 [ A5C16A0BE89EE409732178BEB62F7EA7, D4B993F63CFD9B487BD53B532AB9435084B4C752F2731E189FA1420D516A4E95 ] ccSet_NARA C:\WINDOWS\system32\drivers\NARAx64\0405000.009\ccSetx64.sys
08:25:35.0069 0x2648 ccSet_NARA - ok
08:25:35.0084 0x2648 [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
08:25:35.0112 0x2648 cdfs - ok
08:25:35.0156 0x2648 [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
08:25:35.0205 0x2648 CDPSvc - ok
08:25:35.0244 0x2648 [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
08:25:35.0285 0x2648 cdrom - ok
08:25:35.0317 0x2648 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
08:25:35.0372 0x2648 CertPropSvc - ok
08:25:35.0395 0x2648 [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
08:25:35.0430 0x2648 circlass - ok
08:25:35.0459 0x2648 [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
08:25:35.0510 0x2648 CLFS - ok
08:25:35.0597 0x2648 [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
08:25:35.0644 0x2648 ClipSVC - ok
08:25:35.0681 0x2648 [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
08:25:35.0697 0x2648 CmBatt - ok
08:25:35.0735 0x2648 [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG C:\WINDOWS\system32\Drivers\cng.sys
08:25:35.0773 0x2648 CNG - ok
08:25:35.0795 0x2648 [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
08:25:35.0809 0x2648 cnghwassist - ok
08:25:35.0838 0x2648 [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64 C:\WINDOWS\System32\drivers\lvbflt64.sys
08:25:35.0848 0x2648 CompFilter64 - ok
08:25:35.0930 0x2648 [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
08:25:35.0962 0x2648 CompositeBus - ok
08:25:35.0971 0x2648 COMSysApp - ok
08:25:36.0129 0x2648 [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
08:25:36.0175 0x2648 condrv - ok
08:25:36.0237 0x2648 [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
08:25:36.0295 0x2648 CoreMessagingRegistrar - ok
08:25:36.0348 0x2648 [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
08:25:36.0378 0x2648 CryptSvc - ok
08:25:36.0415 0x2648 [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam C:\WINDOWS\system32\drivers\dam.sys
08:25:36.0443 0x2648 dam - ok
08:25:36.0523 0x2648 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
08:25:36.0595 0x2648 DcomLaunch - ok
08:25:36.0638 0x2648 [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
08:25:36.0673 0x2648 DcpSvc - ok
08:25:36.0733 0x2648 [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc C:\WINDOWS\System32\defragsvc.dll
08:25:36.0792 0x2648 defragsvc - ok
08:25:36.0824 0x2648 [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
08:25:36.0869 0x2648 DeviceAssociationService - ok
08:25:36.0913 0x2648 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
08:25:36.0945 0x2648 DeviceInstall - ok
08:25:36.0968 0x2648 [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
08:25:36.0985 0x2648 DevQueryBroker - ok
08:25:37.0034 0x2648 [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
08:25:37.0073 0x2648 Dfsc - ok
08:25:37.0108 0x2648 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
08:25:37.0129 0x2648 dg_ssudbus - ok
08:25:37.0188 0x2648 [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
08:25:37.0243 0x2648 Dhcp - ok
08:25:37.0316 0x2648 [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
08:25:37.0346 0x2648 diagnosticshub.standardcollector.service - ok
08:25:37.0452 0x2648 [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
08:25:37.0530 0x2648 DiagTrack - ok
08:25:37.0669 0x2648 [ 0D83543D6823F99BE3B30D3B4CD92BAA, 1AF75395598F0F9DAA4F6B9E74AB58E857F2C615A2B09B25B740D05FAD9EF381 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
08:25:37.0705 0x2648 DigitalWave.Update.Service - ok
08:25:37.0770 0x2648 [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk C:\WINDOWS\system32\drivers\disk.sys
08:25:37.0802 0x2648 disk - ok
08:25:37.0833 0x2648 [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
08:25:37.0866 0x2648 DmEnrollmentSvc - ok
08:25:37.0886 0x2648 [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
08:25:37.0905 0x2648 dmvsc - ok
08:25:37.0945 0x2648 [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
08:25:37.0979 0x2648 dmwappushservice - ok
08:25:38.0034 0x2648 [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
08:25:38.0080 0x2648 Dnscache - ok
08:25:38.0115 0x2648 [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
08:25:38.0149 0x2648 dot3svc - ok
08:25:38.0168 0x2648 [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS C:\WINDOWS\system32\dps.dll
08:25:38.0194 0x2648 DPS - ok
08:25:38.0221 0x2648 [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
08:25:38.0235 0x2648 drmkaud - ok
08:25:38.0258 0x2648 [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
08:25:38.0287 0x2648 DsmSvc - ok
08:25:38.0326 0x2648 [ D920A8B070A9BA5C9DEFC3BA7C3883B5, 8EA05CDE58930EB16B4B502561AF2DB5229658FDC1948A9A8F249A7402C21398 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
08:25:38.0352 0x2648 DsSvc - ok
08:25:38.0439 0x2648 [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
08:25:38.0532 0x2648 DXGKrnl - ok
08:25:38.0562 0x2648 [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost C:\WINDOWS\System32\eapsvc.dll
08:25:38.0587 0x2648 Eaphost - ok
08:25:38.0773 0x2648 [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
08:25:38.0922 0x2648 ebdrv - ok
08:25:38.0968 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS C:\WINDOWS\System32\lsass.exe
08:25:38.0986 0x2648 EFS - ok
08:25:39.0009 0x2648 [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
08:25:39.0026 0x2648 EhStorClass - ok
08:25:39.0049 0x2648 [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
08:25:39.0066 0x2648 EhStorTcgDrv - ok
08:25:39.0104 0x2648 [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
08:25:39.0145 0x2648 embeddedmode - ok
08:25:39.0176 0x2648 [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
08:25:39.0222 0x2648 EntAppSvc - ok
08:25:39.0322 0x2648 [ B5B5FC68BFB3F01267E54B236660E610, 103F90343B207AFB9151CDA71E70884FEB56E8596754D2AB8B3F46C045642F10 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
08:25:39.0359 0x2648 ePowerSvc - ok
08:25:39.0381 0x2648 [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
08:25:39.0402 0x2648 ErrDev - ok
08:25:39.0481 0x2648 [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem C:\WINDOWS\system32\es.dll
08:25:39.0559 0x2648 EventSystem - ok
08:25:39.0619 0x2648 [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
08:25:39.0668 0x2648 exfat - ok
08:25:39.0698 0x2648 [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
08:25:39.0724 0x2648 fastfat - ok
08:25:39.0794 0x2648 [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax C:\WINDOWS\system32\fxssvc.exe
08:25:39.0851 0x2648 Fax - ok
08:25:39.0891 0x2648 [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc C:\WINDOWS\System32\drivers\fcvsc.sys
08:25:39.0910 0x2648 fcvsc - ok
08:25:39.0935 0x2648 [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
08:25:39.0953 0x2648 fdc - ok
08:25:39.0992 0x2648 [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
08:25:40.0035 0x2648 fdPHost - ok
08:25:40.0072 0x2648 [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
08:25:40.0116 0x2648 FDResPub - ok
08:25:40.0148 0x2648 [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc C:\WINDOWS\system32\fhsvc.dll
08:25:40.0199 0x2648 fhsvc - ok
08:25:40.0231 0x2648 [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
08:25:40.0264 0x2648 FileCrypt - ok
08:25:40.0306 0x2648 [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
08:25:40.0335 0x2648 FileInfo - ok
08:25:40.0358 0x2648 [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
08:25:40.0400 0x2648 Filetrace - ok
08:25:40.0433 0x2648 [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
08:25:40.0469 0x2648 flpydisk - ok
08:25:40.0511 0x2648 [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
08:25:40.0548 0x2648 FltMgr - ok
08:25:40.0658 0x2648 [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache C:\WINDOWS\system32\FntCache.dll
08:25:40.0763 0x2648 FontCache - ok
08:25:40.0886 0x2648 [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:25:40.0913 0x2648 FontCache3.0.0.0 - ok
08:25:41.0014 0x2648 [ 5359C07F50FE7D66098546C07908C218, A3CC58A6017333CE388794B53295FB6EDF1C709B25CD735763A205DA4C6AA33F ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
08:25:41.0033 0x2648 Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
08:25:43.0377 0x2648 Detect skipped due to KSN trusted
08:25:43.0377 0x2648 Freemake Improver - ok
08:25:43.0456 0x2648 [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
08:25:43.0486 0x2648 FsDepends - ok
08:25:43.0504 0x2648 [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:25:43.0530 0x2648 Fs_Rec - ok
08:25:43.0587 0x2648 [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
08:25:43.0627 0x2648 fvevol - ok
08:25:43.0666 0x2648 [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
08:25:43.0683 0x2648 gagp30kx - ok
08:25:43.0735 0x2648 [ 61ABC13A9A44E6D6793BAC4F35045025, 44B58E98CC0F87B79FAD0D1CA04447F9401E2467C238CB07295A53EE72771633 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
08:25:43.0766 0x2648 GamesAppIntegrationService - detected UnsignedFile.Multi.Generic ( 1 )
08:25:46.0098 0x2648 Detect skipped due to KSN trusted
08:25:46.0098 0x2648 GamesAppIntegrationService - ok
08:25:46.0173 0x2648 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
08:25:46.0201 0x2648 GamesAppService - ok
08:25:46.0238 0x2648 [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
08:25:46.0257 0x2648 gencounter - ok
08:25:46.0274 0x2648 [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
08:25:46.0295 0x2648 genericusbfn - ok
08:25:46.0342 0x2648 [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
08:25:46.0367 0x2648 GPIOClx0101 - ok
08:25:46.0471 0x2648 [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
08:25:46.0575 0x2648 gpsvc - ok
08:25:46.0594 0x2648 [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
08:25:46.0617 0x2648 GpuEnergyDrv - ok
08:25:46.0708 0x2648 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:25:46.0730 0x2648 gupdate - ok
08:25:46.0745 0x2648 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:25:46.0765 0x2648 gupdatem - ok
08:25:46.0803 0x2648 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:25:46.0827 0x2648 gusvc - ok
08:25:46.0877 0x2648 [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
08:25:46.0913 0x2648 HDAudBus - ok
08:25:46.0929 0x2648 [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
08:25:46.0945 0x2648 HidBatt - ok
08:25:46.0965 0x2648 [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
08:25:46.0986 0x2648 HidBth - ok
08:25:47.0012 0x2648 [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
08:25:47.0031 0x2648 hidi2c - ok
08:25:47.0041 0x2648 [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
08:25:47.0057 0x2648 hidinterrupt - ok
08:25:47.0095 0x2648 [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
08:25:47.0125 0x2648 HidIr - ok
08:25:47.0167 0x2648 [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv C:\WINDOWS\system32\hidserv.dll
08:25:47.0199 0x2648 hidserv - ok
08:25:47.0222 0x2648 [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
08:25:47.0252 0x2648 HidUsb - ok
08:25:47.0291 0x2648 [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
08:25:47.0322 0x2648 HomeGroupListener - ok
08:25:47.0383 0x2648 [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
08:25:47.0453 0x2648 HomeGroupProvider - ok
08:25:47.0491 0x2648 [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
08:25:47.0511 0x2648 HpSAMD - ok
08:25:47.0597 0x2648 [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
08:25:47.0656 0x2648 HTTP - ok
08:25:47.0675 0x2648 [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
08:25:47.0690 0x2648 hwpolicy - ok
08:25:47.0710 0x2648 [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
08:25:47.0726 0x2648 hyperkbd - ok
08:25:47.0748 0x2648 [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
08:25:47.0765 0x2648 HyperVideo - ok
08:25:47.0782 0x2648 [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
08:25:47.0805 0x2648 i8042prt - ok
08:25:47.0827 0x2648 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
08:25:47.0853 0x2648 iaLPSSi_GPIO - ok
08:25:47.0873 0x2648 [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
08:25:47.0888 0x2648 iaLPSSi_I2C - ok
08:25:47.0948 0x2648 [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
08:25:47.0989 0x2648 iaStorAV - ok
08:25:48.0023 0x2648 [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
08:25:48.0053 0x2648 iaStorV - ok
08:25:48.0086 0x2648 [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
08:25:48.0131 0x2648 ibbus - ok
08:25:48.0162 0x2648 [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc C:\WINDOWS\System32\tetheringservice.dll
08:25:48.0189 0x2648 icssvc - ok
08:25:48.0195 0x2648 IEEtwCollectorService - ok
08:25:48.0268 0x2648 [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
08:25:48.0336 0x2648 IKEEXT - ok
08:25:48.0529 0x2648 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
08:25:48.0690 0x2648 IntcAzAudAddService - ok
08:25:48.0777 0x2648 [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
08:25:48.0800 0x2648 intelide - ok
08:25:48.0837 0x2648 [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
08:25:48.0865 0x2648 intelpep - ok
08:25:48.0901 0x2648 [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
08:25:48.0922 0x2648 intelppm - ok
08:25:48.0941 0x2648 [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
08:25:48.0960 0x2648 IoQos - ok
08:25:48.0978 0x2648 [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:25:49.0002 0x2648 IpFilterDriver - ok
08:25:49.0079 0x2648 [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
08:25:49.0151 0x2648 iphlpsvc - ok
08:25:49.0168 0x2648 [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
08:25:49.0189 0x2648 IPMIDRV - ok
08:25:49.0215 0x2648 [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
08:25:49.0239 0x2648 IPNAT - ok
08:25:49.0270 0x2648 [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
08:25:49.0292 0x2648 IRENUM - ok
08:25:49.0329 0x2648 [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
08:25:49.0354 0x2648 isapnp - ok
08:25:49.0391 0x2648 [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
08:25:49.0423 0x2648 iScsiPrt - ok
08:25:49.0443 0x2648 [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
08:25:49.0459 0x2648 kbdclass - ok
08:25:49.0476 0x2648 [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
08:25:49.0494 0x2648 kbdhid - ok
08:25:49.0507 0x2648 [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
08:25:49.0525 0x2648 kdnic - ok
08:25:49.0542 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso C:\WINDOWS\system32\lsass.exe
08:25:49.0561 0x2648 KeyIso - ok
08:25:49.0605 0x2648 [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
08:25:49.0624 0x2648 KSecDD - ok
08:25:49.0635 0x2648 [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
08:25:49.0655 0x2648 KSecPkg - ok
08:25:49.0673 0x2648 [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
08:25:49.0691 0x2648 ksthunk - ok
08:25:49.0743 0x2648 [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
08:25:49.0779 0x2648 KtmRm - ok
08:25:49.0815 0x2648 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\WINDOWS\System32\drivers\L1C63x64.sys
08:25:49.0827 0x2648 L1C - ok
08:25:49.0880 0x2648 [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
08:25:49.0918 0x2648 LanmanServer - ok
08:25:49.0967 0x2648 [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
08:25:50.0002 0x2648 LanmanWorkstation - ok
08:25:50.0141 0x2648 [ 8FB6D64CB42E660C4534D38013D64A03, 11A6A914E8588DDFDE32D12A858BA8A31783B5DDB42C9E7FD0F237D57A437976 ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
08:25:50.0242 0x2648 LavasoftTcpService - ok
08:25:50.0295 0x2648 [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
08:25:50.0314 0x2648 lfsvc - ok
08:25:50.0327 0x2648 [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
08:25:50.0345 0x2648 LicenseManager - ok
08:25:50.0366 0x2648 [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
08:25:50.0388 0x2648 lltdio - ok
08:25:50.0421 0x2648 [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
08:25:50.0456 0x2648 lltdsvc - ok
08:25:50.0495 0x2648 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\WINDOWS\System32\drivers\LMDriver.sys
08:25:50.0509 0x2648 LMDriver - ok
08:25:50.0548 0x2648 [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
08:25:50.0579 0x2648 lmhosts - ok
08:25:50.0639 0x2648 [ FFDF8F07A900659CF927A273942926F8, BE27505B77404F18A0C1E57645211CC2D6CC83DEA60352A68B837E0E2D1847B5 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
08:25:50.0675 0x2648 LMSvc - ok
08:25:50.0718 0x2648 [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
08:25:50.0737 0x2648 LSI_SAS - ok
08:25:50.0748 0x2648 [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
08:25:50.0766 0x2648 LSI_SAS2i - ok
08:25:50.0783 0x2648 [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
08:25:50.0801 0x2648 LSI_SAS3i - ok
08:25:50.0816 0x2648 [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
08:25:50.0833 0x2648 LSI_SSS - ok
08:25:50.0888 0x2648 [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM C:\WINDOWS\System32\lsm.dll
08:25:50.0944 0x2648 LSM - ok
08:25:50.0962 0x2648 [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
08:25:50.0993 0x2648 luafv - ok
08:25:51.0031 0x2648 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys
08:25:51.0050 0x2648 LVRS64 - ok
08:25:51.0261 0x2648 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
08:25:51.0429 0x2648 LVUVC64 - ok
08:25:51.0477 0x2648 [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker C:\WINDOWS\System32\moshost.dll
08:25:51.0499 0x2648 MapsBroker - ok
08:25:51.0532 0x2648 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
08:25:51.0542 0x2648 MBAMProtector - ok
08:25:51.0621 0x2648 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
08:25:51.0668 0x2648 MBAMService - ok
08:25:51.0692 0x2648 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
08:25:51.0702 0x2648 MBAMWebAccessControl - ok
08:25:51.0743 0x2648 [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
08:25:51.0761 0x2648 megasas - ok
08:25:51.0797 0x2648 [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
08:25:51.0834 0x2648 megasr - ok
08:25:51.0870 0x2648 [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
08:25:51.0911 0x2648 mlx4_bus - ok
08:25:51.0951 0x2648 [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
08:25:51.0976 0x2648 MMCSS - ok
08:25:51.0998 0x2648 [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem C:\WINDOWS\system32\drivers\modem.sys
08:25:52.0035 0x2648 Modem - ok
08:25:52.0061 0x2648 [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
08:25:52.0090 0x2648 monitor - ok
08:25:52.0133 0x2648 [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
08:25:52.0161 0x2648 mouclass - ok
08:25:52.0178 0x2648 [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
08:25:52.0208 0x2648 mouhid - ok
08:25:52.0257 0x2648 [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
08:25:52.0329 0x2648 mountmgr - ok
08:25:52.0367 0x2648 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:25:52.0394 0x2648 MozillaMaintenance - ok
08:25:52.0418 0x2648 [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
08:25:52.0451 0x2648 mpsdrv - ok
08:25:52.0540 0x2648 [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
08:25:52.0752 0x2648 MpsSvc - ok
08:25:52.0818 0x2648 [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
08:25:52.0848 0x2648 MRxDAV - ok
08:25:52.0913 0x2648 [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:25:52.0968 0x2648 mrxsmb - ok
08:25:52.0993 0x2648 [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
08:25:53.0042 0x2648 mrxsmb10 - ok
08:25:53.0056 0x2648 [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
08:25:53.0083 0x2648 mrxsmb20 - ok
08:25:53.0105 0x2648 [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
08:25:53.0130 0x2648 MsBridge - ok
08:25:53.0179 0x2648 [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC C:\WINDOWS\System32\msdtc.exe
08:25:53.0220 0x2648 MSDTC - ok
08:25:53.0256 0x2648 [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:25:53.0302 0x2648 Msfs - ok
08:25:53.0335 0x2648 [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
08:25:53.0362 0x2648 msgpiowin32 - ok
08:25:53.0388 0x2648 [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
08:25:53.0415 0x2648 mshidkmdf - ok
08:25:53.0433 0x2648 [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
08:25:53.0461 0x2648 mshidumdf - ok
08:25:53.0481 0x2648 [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
08:25:53.0506 0x2648 msisadrv - ok
08:25:53.0550 0x2648 [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
08:25:53.0593 0x2648 MSiSCSI - ok
08:25:53.0602 0x2648 msiserver - ok
08:25:53.0626 0x2648 [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:25:53.0643 0x2648 MSKSSRV - ok
08:25:53.0685 0x2648 [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
08:25:53.0710 0x2648 MsLldp - ok
08:25:53.0733 0x2648 [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:25:53.0750 0x2648 MSPCLOCK - ok
08:25:53.0757 0x2648 [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:25:53.0775 0x2648 MSPQM - ok
08:25:53.0836 0x2648 [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
08:25:53.0870 0x2648 MsRPC - ok
08:25:53.0890 0x2648 [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
08:25:53.0905 0x2648 mssmbios - ok
08:25:53.0918 0x2648 [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
08:25:53.0935 0x2648 MSTEE - ok
08:25:53.0954 0x2648 [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
08:25:53.0971 0x2648 MTConfig - ok
08:25:53.0982 0x2648 [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
08:25:54.0000 0x2648 Mup - ok
08:25:54.0028 0x2648 [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
08:25:54.0044 0x2648 mvumis - ok
08:25:54.0107 0x2648 [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
08:25:54.0151 0x2648 NativeWifiP - ok
08:25:54.0243 0x2648 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
08:25:54.0302 0x2648 NAUpdate - ok
08:25:54.0357 0x2648 [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
08:25:54.0401 0x2648 NcaSvc - ok
08:25:54.0442 0x2648 [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService C:\WINDOWS\System32\ncbservice.dll
08:25:54.0492 0x2648 NcbService - ok
08:25:54.0512 0x2648 [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
08:25:54.0566 0x2648 NcdAutoSetup - ok
08:25:54.0611 0x2648 [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
08:25:54.0639 0x2648 ndfltr - ok
08:25:54.0728 0x2648 [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
08:25:54.0790 0x2648 NDIS - ok
08:25:54.0836 0x2648 [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
08:25:54.0856 0x2648 NdisCap - ok
08:25:54.0872 0x2648 [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
08:25:54.0899 0x2648 NdisImPlatform - ok
08:25:54.0912 0x2648 [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:25:54.0933 0x2648 NdisTapi - ok
08:25:54.0973 0x2648 [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
08:25:54.0995 0x2648 Ndisuio - ok
08:25:55.0013 0x2648 [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
08:25:55.0033 0x2648 NdisVirtualBus - ok
08:25:55.0060 0x2648 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan

Manuel476 02.12.2015 11:39
C:\WINDOWS\System32\drivers\ndiswan.sys
08:25:55.0095 0x2648 NdisWan - ok
08:25:55.0114 0x2648 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:25:55.0143 0x2648 ndiswanlegacy - ok
08:25:55.0165 0x2648 [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
08:25:55.0188 0x2648 ndproxy - ok
08:25:55.0208 0x2648 [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
08:25:55.0230 0x2648 Ndu - ok
08:25:55.0251 0x2648 [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
08:25:55.0267 0x2648 NetBIOS - ok
08:25:55.0298 0x2648 [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:25:55.0342 0x2648 NetBT - ok
08:25:55.0357 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon C:\WINDOWS\system32\lsass.exe
08:25:55.0375 0x2648 Netlogon - ok
08:25:55.0410 0x2648 [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman C:\WINDOWS\System32\netman.dll
08:25:55.0446 0x2648 Netman - ok
08:25:55.0495 0x2648 [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
08:25:55.0545 0x2648 netprofm - ok
08:25:55.0579 0x2648 [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
08:25:55.0608 0x2648 NetSetupSvc - ok
08:25:55.0668 0x2648 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:25:55.0697 0x2648 NetTcpPortSharing - ok
08:25:55.0744 0x2648 [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
08:25:55.0779 0x2648 netvsc - ok
08:25:55.0845 0x2648 [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
08:25:55.0896 0x2648 NgcCtnrSvc - ok
08:25:55.0912 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc C:\WINDOWS\system32\lsass.exe
08:25:55.0930 0x2648 NgcSvc - ok
08:25:55.0979 0x2648 [ EEECC4C67144A39BA5B9B6E351932606, C3CB9042D00559893EA37969898840D3D437703E6B13BCF21253AB40F6071446 ] NIWinCDEmu C:\WINDOWS\System32\drivers\NIWinCDEmu.sys
08:25:55.0991 0x2648 NIWinCDEmu - ok
08:25:56.0037 0x2648 [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
08:25:56.0087 0x2648 NlaSvc - ok
08:25:56.0272 0x2648 [ 4CA6E1F6A83D74A86850726475DC4462, 9BF8D917141A5736E72A9F51F827D24393509896E866F43FFB079F5BF8EF3F81 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
08:25:56.0426 0x2648 NOBU - ok
08:25:56.0466 0x2648 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\WINDOWS\system32\drivers\npf.sys
08:25:56.0474 0x2648 npf - ok
08:25:56.0497 0x2648 [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:25:56.0517 0x2648 Npfs - ok
08:25:56.0530 0x2648 [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
08:25:56.0547 0x2648 npsvctrig - ok
08:25:56.0591 0x2648 [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi C:\WINDOWS\system32\nsisvc.dll
08:25:56.0625 0x2648 nsi - ok
08:25:56.0666 0x2648 [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
08:25:56.0697 0x2648 nsiproxy - ok
08:25:56.0840 0x2648 [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
08:25:56.0935 0x2648 NTFS - ok
08:25:56.0964 0x2648 [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null C:\WINDOWS\system32\drivers\Null.sys
08:25:56.0981 0x2648 Null - ok
08:25:57.0003 0x2648 [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
08:25:57.0023 0x2648 nvraid - ok
08:25:57.0040 0x2648 [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
08:25:57.0062 0x2648 nvstor - ok
08:25:57.0086 0x2648 [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
08:25:57.0105 0x2648 nv_agp - ok
08:25:57.0148 0x2648 [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
08:25:57.0186 0x2648 OneSyncSvc - ok
08:25:57.0289 0x2648 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
08:25:57.0324 0x2648 p2pimsvc - ok
08:25:57.0358 0x2648 [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
08:25:57.0399 0x2648 p2psvc - ok
08:25:57.0424 0x2648 [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport C:\WINDOWS\System32\drivers\parport.sys
08:25:57.0445 0x2648 Parport - ok
08:25:57.0482 0x2648 [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
08:25:57.0512 0x2648 partmgr - ok
08:25:57.0547 0x2648 [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
08:25:57.0583 0x2648 PcaSvc - ok
08:25:57.0638 0x2648 [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci C:\WINDOWS\system32\drivers\pci.sys
08:25:57.0676 0x2648 pci - ok
08:25:57.0698 0x2648 [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
08:25:57.0714 0x2648 pciide - ok
08:25:57.0763 0x2648 [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
08:25:57.0794 0x2648 pcmcia - ok
08:25:57.0812 0x2648 [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
08:25:57.0840 0x2648 pcw - ok
08:25:57.0866 0x2648 [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc C:\WINDOWS\system32\drivers\pdc.sys
08:25:57.0886 0x2648 pdc - ok
08:25:57.0958 0x2648 [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
08:25:58.0039 0x2648 PEAUTH - ok
08:25:58.0065 0x2648 [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
08:25:58.0085 0x2648 percsas2i - ok
08:25:58.0126 0x2648 [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
08:25:58.0145 0x2648 percsas3i - ok
08:25:58.0290 0x2648 [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
08:25:58.0324 0x2648 PerfHost - ok
08:25:58.0369 0x2648 [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
08:25:58.0404 0x2648 PimIndexMaintenanceSvc - ok
08:25:58.0521 0x2648 [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla C:\WINDOWS\system32\pla.dll
08:25:58.0626 0x2648 pla - ok
08:25:58.0672 0x2648 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
08:25:58.0705 0x2648 PlugPlay - ok
08:25:58.0729 0x2648 [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
08:25:58.0748 0x2648 PNRPAutoReg - ok
08:25:58.0776 0x2648 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
08:25:58.0811 0x2648 PNRPsvc - ok
08:25:58.0856 0x2648 [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
08:25:58.0908 0x2648 PolicyAgent - ok
08:25:58.0931 0x2648 [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power C:\WINDOWS\system32\umpo.dll
08:25:58.0954 0x2648 Power - ok
08:25:58.0990 0x2648 [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
08:25:59.0015 0x2648 PptpMiniport - ok
08:25:59.0203 0x2648 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
08:25:59.0394 0x2648 PrintNotify - ok
08:25:59.0447 0x2648 [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor C:\WINDOWS\System32\drivers\processr.sys
08:25:59.0468 0x2648 Processor - ok
08:25:59.0509 0x2648 [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc C:\WINDOWS\system32\profsvc.dll
08:25:59.0546 0x2648 ProfSvc - ok
08:25:59.0573 0x2648 [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched C:\WINDOWS\system32\drivers\pacer.sys
08:25:59.0593 0x2648 Psched - ok
08:25:59.0646 0x2648 [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE C:\WINDOWS\system32\qwave.dll
08:25:59.0687 0x2648 QWAVE - ok
08:25:59.0729 0x2648 [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
08:25:59.0760 0x2648 QWAVEdrv - ok
08:25:59.0791 0x2648 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\WINDOWS\System32\drivers\RadioShim.sys
08:25:59.0804 0x2648 RadioShim - ok
08:25:59.0841 0x2648 [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:25:59.0875 0x2648 RasAcd - ok
08:25:59.0916 0x2648 [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
08:25:59.0960 0x2648 RasAgileVpn - ok
08:26:00.0008 0x2648 [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:26:00.0055 0x2648 RasAuto - ok
08:26:00.0084 0x2648 [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
08:26:00.0123 0x2648 Rasl2tp - ok
08:26:00.0165 0x2648 [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:26:00.0221 0x2648 RasMan - ok
08:26:00.0246 0x2648 [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
08:26:00.0270 0x2648 RasPppoe - ok
08:26:00.0288 0x2648 [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
08:26:00.0311 0x2648 RasSstp - ok
08:26:00.0345 0x2648 [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:26:00.0384 0x2648 rdbss - ok
08:26:00.0405 0x2648 [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
08:26:00.0423 0x2648 rdpbus - ok
08:26:00.0449 0x2648 [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
08:26:00.0474 0x2648 RDPDR - ok
08:26:00.0515 0x2648 [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
08:26:00.0531 0x2648 RdpVideoMiniport - ok
08:26:00.0589 0x2648 [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
08:26:00.0628 0x2648 rdyboost - ok
08:26:00.0701 0x2648 [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
08:26:00.0752 0x2648 ReFSv1 - ok
08:26:00.0828 0x2648 [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:26:00.0880 0x2648 RemoteAccess - ok
08:26:00.0931 0x2648 [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
08:26:00.0977 0x2648 RemoteRegistry - ok
08:26:01.0034 0x2648 [ DF84555A734BA2BDA55BCCCC47095ADD, 639814A7F5B758792FE6D84E3FF312F9CE9DACB21B93EA43394DC7A04526CB81 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
08:26:01.0105 0x2648 RetailDemo - ok
08:26:01.0127 0x2648 [ 67E83C0C9A2B5ACEE9EF690E6B7E9189, 63D2A73B2031B52C66EF0455393BF05C55F9F7B0B9E48C54A39E547D46E090F6 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
08:26:01.0151 0x2648 RFCOMM - ok
08:26:01.0200 0x2648 [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
08:26:01.0234 0x2648 RpcEptMapper - ok
08:26:01.0270 0x2648 [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator C:\WINDOWS\system32\locator.exe
08:26:01.0289 0x2648 RpcLocator - ok
08:26:01.0338 0x2648 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs C:\WINDOWS\system32\rpcss.dll
08:26:01.0402 0x2648 RpcSs - ok
08:26:01.0447 0x2648 [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
08:26:01.0489 0x2648 rspndr - ok
08:26:01.0513 0x2648 [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
08:26:01.0543 0x2648 s3cap - ok
08:26:01.0571 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs C:\WINDOWS\system32\lsass.exe
08:26:01.0601 0x2648 SamSs - ok
08:26:01.0646 0x2648 [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
08:26:01.0676 0x2648 sbp2port - ok
08:26:01.0731 0x2648 [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
08:26:01.0784 0x2648 SCardSvr - ok
08:26:01.0808 0x2648 [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
08:26:01.0841 0x2648 ScDeviceEnum - ok
08:26:01.0894 0x2648 [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
08:26:01.0937 0x2648 scfilter - ok
08:26:02.0028 0x2648 [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:26:02.0151 0x2648 Schedule - ok
08:26:02.0203 0x2648 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
08:26:02.0255 0x2648 SCPolicySvc - ok
08:26:02.0290 0x2648 [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
08:26:02.0315 0x2648 sdbus - ok
08:26:02.0359 0x2648 [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
08:26:02.0396 0x2648 SDRSVC - ok
08:26:02.0440 0x2648 [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
08:26:02.0470 0x2648 sdstor - ok
08:26:02.0481 0x2648 SearchProtectionService - ok
08:26:02.0498 0x2648 [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon C:\WINDOWS\system32\seclogon.dll
08:26:02.0534 0x2648 seclogon - ok
08:26:02.0563 0x2648 [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS C:\WINDOWS\System32\sens.dll
08:26:02.0604 0x2648 SENS - ok
08:26:02.0625 0x1d08 Object required for P2P: [ 6300722E8527EC54D426FD00EE5196B2 ] Audiosrv
08:26:02.0686 0x2648 [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
08:26:02.0761 0x2648 SensorDataService - ok
08:26:02.0812 0x2648 [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService C:\WINDOWS\system32\SensorService.dll
08:26:02.0842 0x2648 SensorService - ok
08:26:02.0868 0x2648 [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
08:26:02.0895 0x2648 SensrSvc - ok
08:26:02.0916 0x2648 [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
08:26:02.0933 0x2648 SerCx - ok
08:26:02.0974 0x2648 [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
08:26:03.0005 0x2648 SerCx2 - ok
08:26:03.0027 0x2648 [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
08:26:03.0046 0x2648 Serenum - ok
08:26:03.0087 0x2648 [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial C:\WINDOWS\System32\drivers\serial.sys
08:26:03.0122 0x2648 Serial - ok
08:26:03.0143 0x2648 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
08:26:03.0163 0x2648 sermouse - ok
08:26:03.0214 0x2648 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\WINDOWS\system32\sessenv.dll
08:26:03.0265 0x2648 SessionEnv - ok
08:26:03.0282 0x2648 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
08:26:03.0300 0x2648 sfloppy - ok
08:26:03.0365 0x2648 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:26:03.0419 0x2648 SharedAccess - ok
08:26:03.0505 0x2648 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:26:03.0572 0x2648 ShellHWDetection - ok
08:26:03.0617 0x2648 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
08:26:03.0632 0x2648 SiSRaid2 - ok
08:26:03.0655 0x2648 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
08:26:03.0674 0x2648 SiSRaid4 - ok
08:26:03.0711 0x2648 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
08:26:03.0734 0x2648 SkypeUpdate - ok
08:26:03.0762 0x2648 [ 95068B5B640DBE9EDB83EE74B3823B4A, 4F34BCFFEAE1CC7D3C02A0E8D5FCE207A397451DBF32A56612507C2C01109EFF ] SmbDrv C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys
08:26:03.0773 0x2648 SmbDrv - ok
08:26:03.0818 0x2648 [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\WINDOWS\System32\smphost.dll
08:26:03.0861 0x2648 smphost - ok
08:26:03.0929 0x2648 [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
08:26:03.0996 0x2648 SmsRouter - ok
08:26:04.0041 0x2648 [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
08:26:04.0072 0x2648 SNMPTRAP - ok
08:26:04.0131 0x2648 [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
08:26:04.0167 0x2648 spaceport - ok
08:26:04.0193 0x2648 [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
08:26:04.0211 0x2648 SpbCx - ok
08:26:04.0255 0x2648 [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler C:\WINDOWS\System32\spoolsv.exe
08:26:04.0316 0x2648 Spooler - ok
08:26:04.0577 0x2648 [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc C:\WINDOWS\system32\sppsvc.exe
08:26:04.0856 0x2648 sppsvc - ok
08:26:04.0893 0x2648 [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:26:04.0931 0x2648 srv - ok
08:26:04.0970 0x2648 [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
08:26:05.0021 0x2648 srv2 - ok
08:26:05.0037 0x2648 [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
08:26:05.0062 0x1d08 Object send P2P result: true
08:26:05.0066 0x2648 srvnet - ok
08:26:05.0129 0x2648 [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:26:05.0182 0x2648 SSDPSRV - ok
08:26:05.0223 0x2648 [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
08:26:05.0255 0x2648 SstpSvc - ok
08:26:05.0288 0x2648 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
08:26:05.0303 0x2648 ssudmdm - ok
08:26:05.0422 0x2648 [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
08:26:05.0579 0x2648 StateRepository - ok
08:26:05.0617 0x2648 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
08:26:05.0632 0x2648 stexstor - ok
08:26:05.0706 0x2648 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\WINDOWS\System32\wiaservc.dll
08:26:05.0759 0x2648 stisvc - ok
08:26:05.0781 0x2648 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
08:26:05.0801 0x2648 storahci - ok
08:26:05.0821 0x2648 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
08:26:05.0837 0x2648 storflt - ok
08:26:05.0878 0x2648 [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
08:26:05.0908 0x2648 stornvme - ok
08:26:05.0930 0x2648 [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
08:26:05.0949 0x2648 storqosflt - ok
08:26:05.0997 0x2648 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
08:26:06.0036 0x2648 StorSvc - ok
08:26:06.0057 0x2648 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
08:26:06.0073 0x2648 storufs - ok
08:26:06.0092 0x2648 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
08:26:06.0108 0x2648 storvsc - ok
08:26:06.0139 0x2648 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\WINDOWS\system32\svsvc.dll
08:26:06.0165 0x2648 svsvc - ok
08:26:06.0275 0x2648 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
08:26:06.0302 0x2648 swenum - ok
08:26:06.0348 0x2648 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\WINDOWS\System32\swprv.dll
08:26:06.0402 0x2648 swprv - ok
08:26:06.0446 0x2648 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
08:26:06.0478 0x2648 Synth3dVsc - ok
08:26:06.0542 0x2648 [ 1C3F9491A1880C43F95A6F675736BF85, 15B47D3583400B8F8A10483B0E0B0228723F8E95750FADE0CACA64BAB48D8C97 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:26:06.0573 0x2648 SynTP - ok
08:26:06.0692 0x2648 [ E1415A51EFD0FB87649954C76BEE32D9, F65B35DE88351CEA4A0DD9CC76EB50EE777F323C4D15EEFCA43321CA4C525FBC ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
08:26:06.0728 0x2648 SynTPEnhService - ok
08:26:06.0829 0x2648 [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain C:\WINDOWS\system32\sysmain.dll
08:26:06.0911 0x2648 SysMain - ok
08:26:06.0960 0x2648 [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
08:26:06.0999 0x2648 SystemEventsBroker - ok
08:26:07.0040 0x2648 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
08:26:07.0078 0x2648 TabletInputService - ok
08:26:07.0119 0x2648 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:26:07.0153 0x2648 TapiSrv - ok
08:26:07.0272 0x2648 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
08:26:07.0383 0x2648 Tcpip - ok
08:26:07.0494 0x2648 [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
08:26:07.0605 0x2648 Tcpip6 - ok
08:26:07.0637 0x2648 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
08:26:07.0660 0x2648 tcpipreg - ok
08:26:07.0692 0x2648 [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
08:26:07.0714 0x2648 tdx - ok
08:26:07.0753 0x2648 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
08:26:07.0768 0x2648 terminpt - ok
08:26:07.0834 0x2648 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\WINDOWS\System32\termsrv.dll
08:26:07.0909 0x2648 TermService - ok
08:26:07.0927 0x2648 [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\WINDOWS\system32\themeservice.dll
08:26:07.0961 0x2648 Themes - ok
08:26:08.0004 0x2648 [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
08:26:08.0051 0x2648 tiledatamodelsvc - ok
08:26:08.0072 0x2648 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
08:26:08.0098 0x2648 TimeBroker - ok
08:26:08.0131 0x2648 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
08:26:08.0152 0x2648 TPM - ok
08:26:08.0178 0x2648 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\WINDOWS\System32\trkwks.dll
08:26:08.0205 0x2648 TrkWks - ok
08:26:08.0291 0x2648 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
08:26:08.0333 0x2648 TrustedInstaller - ok
08:26:08.0369 0x2648 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
08:26:08.0391 0x2648 TsUsbFlt - ok
08:26:08.0412 0x2648 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
08:26:08.0433 0x2648 TsUsbGD - ok
08:26:08.0475 0x2648 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
08:26:08.0504 0x2648 tunnel - ok
08:26:08.0525 0x2648 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
08:26:08.0543 0x2648 uagp35 - ok
08:26:08.0569 0x2648 [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
08:26:08.0594 0x2648 UASPStor - ok
08:26:08.0636 0x2648 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
08:26:08.0668 0x2648 UcmCx0101 - ok
08:26:08.0704 0x2648 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
08:26:08.0723 0x2648 UcmUcsi - ok
08:26:08.0775 0x2648 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
08:26:08.0815 0x2648 Ucx01000 - ok
08:26:08.0839 0x2648 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
08:26:08.0857 0x2648 UdeCx - ok
08:26:08.0903 0x2648 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
08:26:08.0943 0x2648 udfs - ok
08:26:08.0967 0x2648 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
08:26:08.0982 0x2648 UEFI - ok
08:26:09.0020 0x2648 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
08:26:09.0054 0x2648 Ufx01000 - ok
08:26:09.0083 0x2648 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
08:26:09.0113 0x2648 UfxChipidea - ok
08:26:09.0137 0x2648 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
08:26:09.0170 0x2648 ufxsynopsys - ok
08:26:09.0220 0x2648 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
08:26:09.0264 0x2648 UI0Detect - ok
08:26:09.0287 0x2648 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
08:26:09.0308 0x2648 uliagpkx - ok
08:26:09.0331 0x2648 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
08:26:09.0354 0x2648 umbus - ok
08:26:09.0368 0x2648 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
08:26:09.0385 0x2648 UmPass - ok
08:26:09.0438 0x2648 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
08:26:09.0494 0x2648 UmRdpService - ok
08:26:09.0584 0x2648 [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
08:26:09.0670 0x2648 UnistoreSvc - ok
08:26:09.0719 0x2648 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\WINDOWS\System32\upnphost.dll
08:26:09.0764 0x2648 upnphost - ok
08:26:09.0799 0x2648 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
08:26:09.0818 0x2648 UrsChipidea - ok
08:26:09.0841 0x2648 [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
08:26:09.0869 0x2648 UrsCx01000 - ok
08:26:09.0883 0x2648 [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
08:26:09.0898 0x2648 UrsSynopsys - ok
08:26:09.0921 0x2648 [ 1DC6166DB6C4FEFE87D9B9105044E5BE, D19B867C0E900B596B4180390A6E4F2ECCBDF8FBD49561C23DBA7D460B8F44A9 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
08:26:09.0945 0x2648 usbaudio - ok
08:26:09.0961 0x2648 [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
08:26:09.0984 0x2648 usbccgp - ok
08:26:10.0041 0x2648 [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
08:26:10.0078 0x2648 usbcir - ok
08:26:10.0151 0x2648 [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
08:26:10.0172 0x2648 usbehci - ok
08:26:10.0203 0x2648 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
08:26:10.0220 0x2648 usbfilter - ok
08:26:10.0277 0x2648 [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
08:26:10.0317 0x2648 usbhub - ok
08:26:10.0366 0x2648 [ C08449092043601887A1743350888635, 5CD916649D2CD8823B89C9E7459AD76AA8E54D70B6D9F40AD4A41144E22ACBE0 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
08:26:10.0401 0x2648 USBHUB3 - ok
08:26:10.0460 0x2648 [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
08:26:10.0492 0x2648 usbohci - ok
08:26:10.0516 0x2648 [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
08:26:10.0547 0x2648 usbprint - ok
08:26:10.0586 0x2648 [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser C:\WINDOWS\System32\drivers\usbser.sys
08:26:10.0607 0x2648 usbser - ok
08:26:10.0635 0x2648 [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
08:26:10.0655 0x2648 USBSTOR - ok
08:26:10.0686 0x2648 [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
08:26:10.0704 0x2648 usbuhci - ok
08:26:10.0756 0x2648 [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
08:26:10.0803 0x2648 usbvideo - ok
08:26:10.0852 0x2648 [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
08:26:10.0883 0x2648 USBXHCI - ok
08:26:10.0954 0x2648 [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
08:26:11.0046 0x2648 UserDataSvc - ok
08:26:11.0113 0x2648 [ 19DB66E644058AA880AE20144FA40839, 3622EBD3E203C436000947666E7CDF9B075951CC1929241CCCDB123F55F93E46 ] UserManager C:\WINDOWS\System32\usermgr.dll
08:26:11.0171 0x2648 UserManager - ok
08:26:11.0218 0x2648 [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc C:\WINDOWS\system32\usocore.dll
08:26:11.0254 0x2648 UsoSvc - ok
08:26:11.0268 0x2648 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc C:\WINDOWS\system32\lsass.exe
08:26:11.0285 0x2648 VaultSvc - ok
08:26:11.0303 0x2648 [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
08:26:11.0319 0x2648 vdrvroot - ok
08:26:11.0375 0x2648 [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds C:\WINDOWS\System32\vds.exe
08:26:11.0435 0x2648 vds - ok
08:26:11.0471 0x2648 [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
08:26:11.0511 0x2648 VerifierExt - ok
08:26:11.0576 0x2648 [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
08:26:11.0616 0x2648 vhdmp - ok
08:26:11.0635 0x2648 [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
08:26:11.0652 0x2648 vhf - ok
08:26:11.0678 0x2648 [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
08:26:11.0696 0x2648 vmbus - ok
08:26:11.0711 0x2648 [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
08:26:11.0728 0x2648 VMBusHID - ok
08:26:11.0783 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
08:26:11.0839 0x2648 vmicguestinterface - ok
08:26:11.0861 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
08:26:11.0904 0x2648 vmicheartbeat - ok
08:26:11.0926 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
08:26:11.0968 0x2648 vmickvpexchange - ok
08:26:12.0010 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
08:26:12.0085 0x2648 vmicrdv - ok
08:26:12.0108 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
08:26:12.0154 0x2648 vmicshutdown - ok
08:26:12.0175 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
08:26:12.0219 0x2648 vmictimesync - ok
08:26:12.0250 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
08:26:12.0293 0x2648 vmicvmsession - ok
08:26:12.0315 0x2648 [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
08:26:12.0357 0x2648 vmicvss - ok
08:26:12.0377 0x2648 [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
08:26:12.0395 0x2648 volmgr - ok
08:26:12.0452 0x2648 [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
08:26:12.0480 0x2648 volmgrx - ok
08:26:12.0500 0x2648 [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
08:26:12.0528 0x2648 volsnap - ok
08:26:12.0561 0x2648 [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
08:26:12.0579 0x2648 vpci - ok
08:26:12.0604 0x2648 [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
08:26:12.0624 0x2648 vsmraid - ok
08:26:12.0708 0x2648 [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS C:\WINDOWS\system32\vssvc.exe
08:26:12.0805 0x2648 VSS - ok
08:26:12.0843 0x2648 [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
08:26:12.0871 0x2648 VSTXRAID - ok
08:26:12.0904 0x2648 [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
08:26:12.0922 0x2648 vwifibus - ok
08:26:12.0943 0x2648 [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
08:26:12.0966 0x2648 vwififlt - ok
08:26:12.0979 0x2648 [ 37C868DDE3103130B00AD1313DAB5ACB, BF9C30817A3502F5C0673FD462B18FE1BF37963B29DF09D84B66BDCBF8ECBA81 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
08:26:13.0003 0x2648 vwifimp - ok
08:26:13.0045 0x2648 [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time C:\WINDOWS\system32\w32time.dll
08:26:13.0097 0x2648 W32Time - ok
08:26:13.0136 0x2648 [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
08:26:13.0167 0x2648 WacomPen - ok
08:26:13.0222 0x2648 [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService C:\WINDOWS\system32\WalletService.dll
08:26:13.0268 0x2648 WalletService - ok
08:26:13.0292 0x2648 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:26:13.0319 0x2648 wanarp - ok
08:26:13.0328 0x2648 [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
08:26:13.0352 0x2648 wanarpv6 - ok
08:26:13.0441 0x2648 [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine C:\WINDOWS\system32\wbengine.exe
08:26:13.0541 0x2648 wbengine - ok
08:26:13.0584 0x2648 [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
08:26:13.0636 0x2648 WbioSrvc - ok
08:26:13.0685 0x2648 [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
08:26:13.0775 0x2648 Wcmsvc - ok
08:26:13.0809 0x2648 [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
08:26:13.0853 0x2648 wcncsvc - ok
08:26:13.0877 0x2648 [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
08:26:13.0897 0x2648 WcsPlugInService - ok
08:26:13.0933 0x2648 [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
08:26:13.0952 0x2648 WdBoot - ok
08:26:13.0996 0x2648 [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
08:26:14.0041 0x2648 Wdf01000 - ok
08:26:14.0067 0x2648 [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
08:26:14.0094 0x2648 WdFilter - ok
08:26:14.0129 0x2648 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
08:26:14.0175 0x2648 WdiServiceHost - ok
08:26:14.0183 0x2648 [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
08:26:14.0220 0x2648 WdiSystemHost - ok
08:26:14.0272 0x2648 [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
08:26:14.0325 0x2648 wdiwifi - ok
08:26:14.0363 0x2648 [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
08:26:14.0390 0x2648 WdNisDrv - ok
08:26:14.0430 0x2648 WdNisSvc - ok
08:26:14.0505 0x2648 [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:26:14.0561 0x2648 WebClient - ok
08:26:14.0601 0x2648 [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
08:26:14.0634 0x2648 Wecsvc - ok
08:26:14.0652 0x2648 [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
08:26:14.0677 0x2648 WEPHOSTSVC - ok
08:26:14.0703 0x2648 [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
08:26:14.0747 0x2648 wercplsupport - ok
08:26:14.0767 0x2648 [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc C:\WINDOWS\System32\WerSvc.dll
08:26:14.0801 0x2648 WerSvc - ok
08:26:14.0808 0x2648 wfpcapture - ok
08:26:14.0828 0x2648 [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
08:26:14.0849 0x2648 WFPLWFS - ok
08:26:14.0870 0x2648 [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
08:26:14.0892 0x2648 WiaRpc - ok
08:26:14.0934 0x2648 [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
08:26:14.0956 0x2648 WIMMount - ok
08:26:14.0963 0x2648 WinDefend - ok
08:26:15.0004 0x2648 [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
08:26:15.0035 0x2648 WindowsTrustedRT - ok
08:26:15.0053 0x2648 [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
08:26:15.0068 0x2648 WindowsTrustedRTProxy - ok
08:26:15.0147 0x2648 [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
08:26:15.0213 0x2648 WinHttpAutoProxySvc - ok
08:26:15.0235 0x2648 [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
08:26:15.0251 0x2648 WinMad - ok
08:26:15.0321 0x2648 [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:26:15.0367 0x2648 Winmgmt - ok
08:26:15.0512 0x2648 [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
08:26:15.0668 0x2648 WinRM - ok
08:26:15.0726 0x2648 [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
08:26:15.0757 0x2648 WINUSB - ok
08:26:15.0778 0x2648 [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
08:26:15.0794 0x2648 WinVerbs - ok
08:26:15.0900 0x2648 [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
08:26:16.0036 0x2648 WlanSvc - ok
08:26:16.0135 0x2648 [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
08:26:16.0264 0x2648 wlidsvc - ok
08:26:16.0294 0x2648 [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
08:26:16.0310 0x2648 WmiAcpi - ok
08:26:16.0363 0x2648 [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
08:26:16.0407 0x2648 wmiApSrv - ok
08:26:16.0448 0x2648 WMPNetworkSvc - ok
08:26:16.0492 0x2648 [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
08:26:16.0515 0x2648 Wof - ok
08:26:16.0613 0x2648 [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
08:26:16.0726 0x2648 workfolderssvc - ok
08:26:16.0750 0x2648 [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
08:26:16.0768 0x2648 wpcfltr - ok
08:26:16.0802 0x2648 [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
08:26:16.0845 0x2648 WPDBusEnum - ok
08:26:16.0884 0x2648 [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
08:26:16.0910 0x2648 WpdUpFltr - ok
08:26:16.0935 0x2648 [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService C:\WINDOWS\system32\WpnService.dll
08:26:16.0970 0x2648 WpnService - ok
08:26:17.0006 0x2648 [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
08:26:17.0030 0x2648 ws2ifsl - ok
08:26:17.0056 0x2648 [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
08:26:17.0089 0x2648 wscsvc - ok
08:26:17.0096 0x2648 WSearch - ok
08:26:17.0269 0x2648 [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService C:\WINDOWS\System32\WSService.dll
08:26:17.0423 0x2648 WSService - ok
08:26:17.0647 0x2648 [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv C:\WINDOWS\system32\wuaueng.dll
08:26:17.0778 0x2648 wuauserv - ok
08:26:17.0799 0x2648 [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
08:26:17.0822 0x2648 WudfPf - ok
08:26:17.0864 0x2648 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
08:26:17.0892 0x2648 WUDFRd - ok
08:26:17.0929 0x2648 [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
08:26:17.0954 0x2648 wudfsvc - ok
08:26:17.0968 0x2648 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
08:26:17.0996 0x2648 WUDFWpdFs - ok
08:26:18.0008 0x2648 [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
08:26:18.0037 0x2648 WUDFWpdMtp - ok
08:26:18.0092 0x2648 [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
08:26:18.0173 0x2648 WwanSvc - ok
08:26:18.0265 0x2648 [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
08:26:18.0337 0x2648 XblAuthManager - ok
08:26:18.0396 0x2648 [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
08:26:18.0475 0x2648 XblGameSave - ok
08:26:18.0504 0x2648 [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
08:26:18.0532 0x2648 xboxgip - ok
08:26:18.0589 0x2648 [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
08:26:18.0662 0x2648 XboxNetApiSvc - ok
08:26:18.0687 0x2648 [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
08:26:18.0704 0x2648 xinputhid - ok
08:26:18.0708 0x2648 ================ Scan global ===============================
08:26:18.0779 0x2648 [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
08:26:18.0832 0x2648 [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
08:26:18.0884 0x2648 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
08:26:18.0929 0x2648 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
08:26:18.0952 0x2648 [ Global ] - ok
08:26:18.0954 0x2648 ================ Scan MBR ==================================
08:26:18.0966 0x2648 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
08:26:19.0095 0x2648 \Device\Harddisk0\DR0 - ok
08:26:19.0096 0x2648 ================ Scan VBR ==================================
08:26:19.0130 0x2648 [ 503FD52676B2A3B1EDB38A264C7912CC ] \Device\Harddisk0\DR0\Partition1
08:26:19.0147 0x2648 \Device\Harddisk0\DR0\Partition1 - ok
08:26:19.0169 0x2648 [ FE6760C6F8CFBE6A3FC9EBEDC0B530D8 ] \Device\Harddisk0\DR0\Partition2
08:26:19.0183 0x2648 \Device\Harddisk0\DR0\Partition2 - ok
08:26:19.0198 0x2648 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
08:26:19.0199 0x2648 \Device\Harddisk0\DR0\Partition3 - ok
08:26:19.0218 0x2648 [ BCAA6D77E23F220B602ED70D515C2CD0 ] \Device\Harddisk0\DR0\Partition4
08:26:19.0231 0x2648 \Device\Harddisk0\DR0\Partition4 - ok
08:26:19.0269 0x2648 [ ED43EB2FC7F9D6BD7BE5536FA683B9FA ] \Device\Harddisk0\DR0\Partition5
08:26:19.0290 0x2648 \Device\Harddisk0\DR0\Partition5 - ok
08:26:19.0291 0x2648 ================ Scan generic autorun ======================
08:26:19.0901 0x2648 [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
08:26:20.0356 0x2648 RtHDVCpl - ok
08:26:20.0589 0x2648 [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
08:26:20.0652 0x2648 RtHDVBg_Dolby - ok
08:26:20.0708 0x2648 Apoint - ok
08:26:20.0709 0x2648 SynTPEnh - ok
08:26:20.0840 0x2648 [ EA4F9B19B3614349C79CC97DCA4C23A8, EC330F2E4F002FE450CDC1FC84AC0122C21C7912A483A99143450822004795E3 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
08:26:20.0882 0x2648 StartCCC - ok
08:26:20.0951 0x2648 [ C91635CC2BF215F9D7A5A7FC2E385D1D, A77AC38D3ACF7C199C0C8A3DB5EF9610FF0E8ED68D6F5E08C75771D5A3659EEB ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
08:26:20.0972 0x2648 abDocsDllLoader - ok
08:26:21.0341 0x2648 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
08:26:21.0603 0x2648 OneDriveSetup - ok
08:26:21.0952 0x2648 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
08:26:22.0216 0x2648 OneDriveSetup - ok
08:26:22.0471 0x2648 [ 48D4923490B6D4728D1C57DEE94462E3, 3FA6BCFF94E33F854709056594025C6965AF5BFF025CA78B722251BBA62F08A2 ] C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
08:26:22.0582 0x2648 AcerPortal - ok
08:26:22.0736 0x2648 [ 9F2ECA252720B25E8FEC1CAB2984B98D, 476EE2929901CD43F15869B763376393AA0942A3B934532055E037C6DCE3CD2D ] C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
08:26:22.0774 0x2648 OneDrive - ok
08:26:22.0793 0x2648 Skype - ok
08:26:22.0808 0x2648 Web Companion - ok
08:26:22.0810 0x2648 Waiting for KSN requests completion. In queue: 230
08:26:23.0810 0x2648 Waiting for KSN requests completion. In queue: 230
08:26:24.0811 0x2648 Waiting for KSN requests completion. In queue: 230
08:26:25.0200 0x17dc Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
08:26:25.0812 0x2648 Waiting for KSN requests completion. In queue: 144
08:26:26.0813 0x2648 Waiting for KSN requests completion. In queue: 144
08:26:27.0659 0x17dc Object send P2P result: true
08:26:27.0661 0x17dc Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
08:26:27.0813 0x2648 Waiting for KSN requests completion. In queue: 143
08:26:28.0813 0x2648 Waiting for KSN requests completion. In queue: 143
08:26:29.0814 0x2648 Waiting for KSN requests completion. In queue: 143
08:26:30.0128 0x17dc Object send P2P result: true
08:26:30.0170 0x17dc Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
08:26:30.0814 0x2648 Waiting for KSN requests completion. In queue: 32
08:26:31.0814 0x2648 Waiting for KSN requests completion. In queue: 32
08:26:32.0643 0x17dc Object send P2P result: true
08:26:32.0843 0x2648 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
08:26:32.0852 0x2648 Win FW state via NFP2: enabled ( trusted )
08:26:35.0224 0x2648 ============================================================
08:26:35.0224 0x2648 Scan finished
08:26:35.0224 0x2648 ============================================================
08:26:35.0243 0x244c Detected object count: 0
08:26:35.0243 0x244c Actual detected object count: 0
08:29:47.0974 0x15d0 Deinitialize success

deeprybka 02.12.2015 18:53
Gut gemacht. :)

Bitte Adwcleaner neu laden und nach Anweisung ausführen:

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Manuel476 02.12.2015 21:35
AdwCleaner Logfile:
Code:
# AdwCleaner v5.023 - Bericht erstellt am 02/12/2015 um 21:28:44
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-11-30.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Manuel - MANU
# Gestartet von : C:\Users\Manuel\Downloads\AdwCleaner_5.023.exe
# Option : Löschen
# Unterstützung : Forum - ToolsLib

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei Gelöscht : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\tstamptoken

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: TCP/IP Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C5].txt - [973 Bytes] ##########
--- --- ---

deeprybka 02.12.2015 23:34
OK. Und noch Malwarebytes bitte...

Manuel476 03.12.2015 11:19
Ich war glaub ich zu voreilig, nach dem bereinigen, dass Programm geschlossen und nun finde ich keinen Bericht, wie soll ich weiter verfahren und vielen Dank für die guten Nerven mit mir!

deeprybka 03.12.2015 22:19
Kein Problem...

Malwarebytes Anti-Malware Logfile finden - Anleitungen

Manuel476 04.12.2015 11:00
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.12.2015
Suchlaufzeit: 21:38
Protokolldatei:
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.02.05
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Manuel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 388447
Abgelaufene Zeit: 47 Min., 39 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.EasyDriverPro, C:\Users\Manuel\AppData\Local\Temp\is-HUGS2.tmp\EasyDriverPro.exe, In Quarantäne, [aba250505f2cad89bac469e4bd4340c0],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Und dieses noch:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 02.12.2015
Suchlaufzeit: 21:38
Protokolldatei:
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.02.05
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Manuel

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 388447
Abgelaufene Zeit: 47 Min., 39 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
PUP.Optional.EasyDriverPro, C:\Users\Manuel\AppData\Local\Temp\is-HUGS2.tmp\EasyDriverPro.exe, In Quarantäne, [aba250505f2cad89bac469e4bd4340c0],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Und dieses :

Malwarebytes Anti-Malware
www.malwarebytes.org


Error, 04.12.2015 06:17, SYSTEM, MANU, Protection, IsLicensed, 13,
Protection, 04.12.2015 06:17, SYSTEM, MANU, Protection, Malware Protection, Stopping,
Protection, 04.12.2015 06:17, SYSTEM, MANU, Protection, Malware Protection, Stopped,

(end)

deeprybka 04.12.2015 11:01
OK, dann noch einen Kontrollscan:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Manuel476 04.12.2015 18:47
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b8a305b59bd3fd4abc1f3346b7425cbe
# end=init
# utc_time=2015-12-04 02:19:45
# local_time=2015-12-04 03:19:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27044
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b8a305b59bd3fd4abc1f3346b7425cbe
# end=updated
# utc_time=2015-12-04 02:22:59
# local_time=2015-12-04 03:22:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b8a305b59bd3fd4abc1f3346b7425cbe
# engine=27044
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-04 05:19:37
# local_time=2015-12-04 06:19:37 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 30704 3142247 0 0
# scanned=356112
# found=135
# cleaned=135
# scan_time=10597
sh=FC5F6D4BE8DB5CB75A39E9942A9289E4E3EAB763 ft=1 fh=1e64fde6bc886de3 vn="Variante von MSIL/StartPage.BI Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ods.exe.vir"
sh=6BE0CB83D2A56A3BC4F7F802131F9358DC4EC012 ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\task.vbs.vir"
sh=34B73971C4A79AB5C1722D23F95393A1D5017023 ft=1 fh=fcf2f12d9c53e3dc vn="Variante von Win64/SBWatchman.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro\spbiu.exe.vir"
sh=6C436668B9C0B8A1230BAD440FD037ACC1489E1D ft=1 fh=a9d9ed7d9bb022e5 vn="Variante von Win64/SBWatchman.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\Common Files\ShopperPro\spbiw.sys.vir"
sh=A1C7950DDF7C24DCC704FE8085ACD2B914EC3570 ft=1 fh=cfc245c20f3a4a2e vn="Variante von MSIL/WebBar.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WebBar\wbsvc.exe.vir"
sh=83BA16CEF8E2C683E260F1CF6993BB9C9F1AB201 ft=1 fh=6ce382800a196606 vn="Variante von MSIL/WebBar.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\WebBar\2.0.5749.22382\wb.exe.vir"
sh=C2250850C762FE24739907305DA11AE61C314769 ft=1 fh=2675aadff9d90db2 vn="Variante von Win32/Adware.ConvertAd.ACO Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447876903-9E4F-BBAE-0EB800B541B2\hnsyE0EA.tmp.vir"
sh=F753E14F4617EB4BCD115CA3976FEB58017237A4 ft=1 fh=200419955817dffc vn="Variante von Win32/Adware.AdService.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447876903-9E4F-BBAE-0EB800B541B2\jnsoC9B6.tmp.vir"
sh=AE14BE22C864A401C69D90A021C16C4F52D8B4B4 ft=1 fh=bc313e9e80f2d120 vn="Variante von Win32/Adware.ConvertAd.YU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447876903-9E4F-BBAE-0EB800B541B2\knse7944.tmp.vir"
sh=69888A0AE25E3DC3F5AB6784A9AF70FC7199D12E ft=1 fh=457dc75eb179c55e vn="Variante von Win32/Adware.ConvertAd.ACY Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447876903-9E4F-BBAE-0EB800B541B2\rnsy95A2.exe.vir"
sh=FA34D5B3B25B99F8FF0CC0BE7ED3951FEE1E2268 ft=1 fh=6eff28bedc423936 vn="Variante von Win32/Adware.ConvertAd.YU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447876903-9E4F-BBAE-0EB800B541B2\vnsa72FE.tmp.vir"
sh=2AC8EF4DF202466E0C0C4BE9C107D1C953C7FF04 ft=1 fh=d65645c18a1f02ca vn="Variante von Win32/Adware.ConvertAd.ACX Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\6827952B-1447877269-9E4F-BBAE-0EB800B541B2\vnss7F4.tmp.vir"
sh=9D58EDD72AB97076916D3FE1B06EA804C75FF923 ft=1 fh=69b77a999f66147c vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\65ad47d7-2e27-4a5c-b238-26643fdaeb98\Updater.exe.vir"
sh=D5820513651D4FECEB8EAD2B70648DA3D60A3B9D ft=1 fh=8203b0acf6b19312 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DailyPcClean Support\DailyPCClean.exe.vir"
sh=C8A7D98642B93D3FA831A7CA8CC89351B17FC8FB ft=1 fh=918f3c9888df6b59 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DailyPcClean Support\predm.exe.vir"
sh=15A0D7D4A8E23956A43FF44FD58A0A0148B1DF5D ft=1 fh=987231428ab8d72e vn="Variante von Win32/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\ACDLL.dll.vir"
sh=4BD0436652C4F8F5D1EED8C0EBAB9E0A0498B6CE ft=1 fh=12e09f08dd40b325 vn="Variante von Win64/Packed.Komodia.F verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\ACDLL64.dll.vir"
sh=0FF297E448DA0C106E698B13B9518646E0A534F6 ft=1 fh=c7726a97a93a509c vn="Variante von Win64/Packed.Komodia.D verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\ACDLL64.exe.vir"
sh=453099AC0A7BABB6C2787B28B62589503CA89C4D ft=1 fh=98007112b08cb092 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acengine.dll.vir"
sh=A2C85835558C93A6AC275B4666CD5DE1B6F4D321 ft=1 fh=18be31f1a5e1a55f vn="Variante von Win32/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acengine.exe.vir"
sh=284065DBC8A4A4C45E88F60C65C18BD5248AFC6E ft=1 fh=6808cd5fc7e16db0 vn="Variante von Win64/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acengine64.dll.vir"
sh=F8432CA7DEB9FEAC0DFC62DBF08FF978E45A7CA9 ft=1 fh=33b97e93485bdb9d vn="Variante von Win32/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acenginecert.dll.vir"
sh=CF9FFBF76E7EBC62D4201447B31C766B86BEA629 ft=1 fh=d9c5579b3920b7a3 vn="Variante von Win32/FastSearch.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acwfp.sys.vir"
sh=1E293A2F44604A2CAA4C93ED251E56EC6F6B25DC ft=1 fh=ceb87b2312e6e4f2 vn="Variante von Win32/FastSearch.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\acwfp64.sys.vir"
sh=EE5BCDA7E914942A99E054CC7DADF48ABB5B7C4D ft=1 fh=56f89b6ed1a10ea6 vn="NSIS/TrojanDownloader.Adload.BJ Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\gte3014.exe.vir"
sh=493C7AD985797FB2740956C3CE6A18E9A2830C18 ft=1 fh=d5b3b3a8d8b5ad65 vn="Variante von Win32/Packed.Komodia.F verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\lengine.exe.vir"
sh=DB5BFF3F27CD94BA75E48DA950FD49A961DE0931 ft=1 fh=9395a7ad8edcf2a9 vn="Variante von Win64/Packed.Komodia.D verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Fast-Search\lengine64.exe.vir"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\globalupdate.exe.vir"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdate.exe.vir"
sh=08976B0143D7A77694D2B3014053542C42F4774E ft=1 fh=67450ef68c8fc670 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateBroker.exe.vir"
sh=DD4605E26B48B7C231DBEBA5E8FAA91F33D21B2B ft=1 fh=bb1ffd2794ad6ec5 vn="Win32/AlteredSoftware.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateCrashHandler.exe.vir"
sh=FE3BD67B77BB38A3110091D17DE69012FAAD4FA6 ft=1 fh=67450ef6f68fd149 vn="Win32/AlteredSoftware.H evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\globalupdateOnDemand.exe.vir"
sh=3C0D9D3A966B1954FEAEAD3BE6358A2AB42385C4 ft=1 fh=c71c001178de99b1 vn="Variante von Win32/AlteredSoftware.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll.vir"
sh=82D74638B2FA71775B510F3C36D7138593EFDA47 ft=1 fh=e858233d4598588e vn="Variante von Win32/AlteredSoftware.J evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll.vir"
sh=7B023A2C73FBCB281999C13780C0561E366CE3EF ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll.vir"
sh=BD08E733D803A193E4FA4118A6D52BCD0FC98F81 ft=1 fh=c71c0011371aa7ff vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll.vir"
sh=9AE1636DE7E3CB630B3A2C11E41C76BF0B716CCD ft=1 fh=c71c0011864645d3 vn="Variante von Win32/AlteredSoftware.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll.vir"
sh=6F24D6777B62FD9DD642ED2A2E1765AAB3699CCC ft=1 fh=c71c00117e115391 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_005010152\gamesdesktop_widget.exe.vir"
sh=86EB0FC6861CB81144983FA36C6F750D2BB36EC8 ft=1 fh=3fa6aa077dd51f06 vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_005010152\gmsd_de_005010152.exe.vir"
sh=2F469319B6B7400BD8598255F0E1E4B8937EACA9 ft=1 fh=c046992d802788aa vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\gmsd_de_005010152\predm.exe.vir"
sh=190FE8088073B9277754714A9D2067B463245DE6 ft=1 fh=bd7fc65e11f7a043 vn="Variante von Win32/Toptools.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\InstallHelper.exe.vir"
sh=7DBACAF85661237E207415ABF20F22E415E3F31A ft=1 fh=3cab6ecff28dd7c8 vn="Variante von Win32/Toptools.D evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScreenSnapshotTool\1.1.0.10921\ScreenSnapshot.exe.vir"
sh=F76BD492C2BE6B3993EDBCCE104BD4AD3299DA04 ft=1 fh=b88de4f988e2633e vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SuperOptimizer.exe.vir"
sh=915170DE95E5B5BDDEF121DC3786A5947FD0EB13 ft=1 fh=e1d114e3e5b9ce2f vn="Variante von Win32/Adware.SpeedingUpMyPC.AD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptGuard.exe.vir"
sh=FA6D17177D7735BA2B3ECC419A2C948228C985A2 ft=1 fh=d622c00b211e1ed7 vn="Variante von Win32/OptimizerPro.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptHelper.dll.vir"
sh=940696A87199E8AB5A18E8C0B40E8F531AEC018D ft=1 fh=7b6799c82bec9d78 vn="Variante von Win32/Adware.SpeedingUpMyPC.AC Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptLauncher.exe.vir"
sh=4354B3A5F242DF2E19D85E39BA96EC903EDEA5E5 ft=1 fh=f0e0e00bcad3b199 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptReminder.exe.vir"
sh=DC9971FA8D63AE31A4544560F4EB5B7A42DE938F ft=1 fh=82e9d6e85e1f6de6 vn="Variante von Win32/Adware.SpeedingUpMyPC.AL Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptSchedule.exe.vir"
sh=119AE3B8A8F5B8FF28AEDD8359D1286567E42433 ft=1 fh=c13b20213d657638 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptSmartScan.exe.vir"
sh=11BF673D17A092671E2E8FE844516FA2408DF5AB ft=1 fh=84fa5d1c87e0ed15 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptStart.exe.vir"
sh=4C34AEC7B16204872F4B5FFDD8E6DE46C93B7CD4 ft=1 fh=0600ec73a77033d5 vn="Variante von Win32/Adware.SpeedingUpMyPC.AQ Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Super Optimizer\SupOptUninstaller.exe.vir"
sh=4E865F75B552C978A6CFBC264FD8FFBFB7B305BC ft=1 fh=61e2493adad2e886 vn="Variante von Win32/Adware.Vitruvian.F Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SwiftSearch_1.10.0.25\Service\swsesrvc.exe.vir"
sh=B7F514A82B07032E16129083140F25D89398FD74 ft=1 fh=96c6141ca6afed26 vn="Variante von MSIL/Adware.Vitruvian.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe.vir"
sh=62CE66E2F9C9F7E723D60274B9A5D11C2C068CD7 ft=1 fh=fce2b8c04801995b vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\YTDownloader\YTDUninstall.exe.vir"
sh=03C1E619CB1DE9A78C6F972ED6EA94CFC216001C ft=1 fh=bc06547af2c337a6 vn="Variante von Win32/BrowseFox.AU evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\PluginContainer.exe.vir"
sh=BFA3646DE5561058FCAD375BD3D34D3EF8F34AA1 ft=1 fh=616c14ff31db9f37 vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\10\Plugin.exe.vir"
sh=AA3F2BEC6330E5DFFCC7BD03A70EA705B16C725B ft=1 fh=4ca375c7a3efd453 vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\12\Plugin.exe.vir"
sh=C67E861C7DC7C32F55AD0A60BD99EB6811F147D0 ft=1 fh=d47e1c80e6d3e9d4 vn="Variante von Win32/BrowseFox.CE evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\12\resources\plugin.dll.vir"
sh=088F61A45DE9D81C9218147847BCE66EB8D082F1 ft=1 fh=47ae0205bc67f7de vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\2\Plugin.exe.vir"
sh=24C63C2F267FB9443BF006F590E781A7E68C4CA6 ft=1 fh=85c44b03ecbc595f vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\3\Plugin.exe.vir"
sh=4CFB357EA0C356A95C6AACEB4C7A0EC35516253D ft=1 fh=b9e06303a5e55baf vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\7\Plugin.exe.vir"
sh=6D1BB993BF076E1E068EC3ADF9D39358EADDA886 ft=1 fh=1205b1ae328486b4 vn="Variante von Win32/BrowseFox.CF evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\7\resources\38.0.5.dll.vir"
sh=63C4F2217B630D5DD00684EC9762E5C0295F11DE ft=1 fh=1c6994c9a6998448 vn="Variante von Win32/BrowseFox.CF evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\7\resources\39.0.0.dll.vir"
sh=5746E45C94900318E5B41F0A1DCD238D2549E1F5 ft=1 fh=d82eb1796be079b2 vn="Variante von Win32/BrowseFox.CF evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\7\resources\40.0.0.dll.vir"
sh=BA8124EDE7ADD336DAF1A7CC480B8FE6840DB0DA ft=1 fh=bc44c1a8a8d2987f vn="Variante von Win32/BrowseFox.BZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\65ad47d7-2e27-4a5c-b238-26643fdaeb98\plugins\8\Plugin.exe.vir"
sh=BB9E611890ADD2DC0832BDFC39D49E028D000236 ft=1 fh=4ecc6ff1deeb4336 vn="Variante von MSIL/Adware.PullUpdate.L.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browser\prompt.exe.vir"
sh=D86DEB0A91E14790086D742623747B683EADF9E9 ft=1 fh=e78e2e8b02c8d9cf vn="Variante von Win32/Adware.CouponMarvel.R.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\ProgramData\Service7609\Service7609.exe.vir"
sh=42E8FE0A5B546A7E84EC900D21B9C14F70B7C0B7 ft=1 fh=985d7e7327729162 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1447880573-9E4F-BBAE-0EB800B541B2\3485.tmp.vir"
sh=42E8FE0A5B546A7E84EC900D21B9C14F70B7C0B7 ft=1 fh=985d7e7327729162 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1447880573-9E4F-BBAE-0EB800B541B2\7233.tmp.vir"
sh=E2A1C0486FD371B58BE0CA88A2D77C738A4B4F0A ft=1 fh=c71c00113e53bd9c vn="Variante von Win32/Adware.ConvertAd.PD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1447880573-9E4F-BBAE-0EB800B541B2\onsy9298.tmp.vir"
sh=69888A0AE25E3DC3F5AB6784A9AF70FC7199D12E ft=1 fh=457dc75eb179c55e vn="Variante von Win32/Adware.ConvertAd.ACY Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1447880573-9E4F-BBAE-0EB800B541B2\rnsy9297.exe.vir"
sh=16A5EEE70F760809ADA5ADCECA56E3970423B8BB ft=1 fh=c71c0011535b3e4a vn="Variante von Win32/Adware.ConvertAd.ACK Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1447880573-9E4F-BBAE-0EB800B541B2\snsy9296.tmp.vir"
sh=36BD4070AA2C4D2F5B7EE41D0BBD49417209D930 ft=1 fh=c71c0011f9d074ff vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\6827952B-1448113562-9E4F-BBAE-0EB800B541B2\qnsm2892.tmp.vir"
sh=F69612A85E6BFAA90CD2F822F8B6A7C01BA8AE87 ft=1 fh=c499b9b0b2d426ff vn="Variante von Win32/Goobzo.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\DeskBar\dblaunch.exe.vir"
sh=248ED25FE33BF8B39DC9FDEE3E269F6AC9F58EC2 ft=1 fh=9357669267aa30d9 vn="Variante von MSIL/Goobzo.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\DeskBar\2.7.5.1765\DeskBar.exe.vir"
sh=D3D974214776624B1071CF607D4C94A9D3AA662E ft=1 fh=b98d83b2def4d7ce vn="Variante von Win32/Adware.EoRezo.AJ Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\gmsd_de_005010152\upgmsd_de_005010152.exe.vir"
sh=A55E54E5A5E4A2D329A000D4BAD64B87E20E0EB3 ft=1 fh=babc611b549c9952 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\gmsd_de_005010152\Download\myoffergroup_de.exe.vir"
sh=6142578CD21CF27FD3C1B3A4F0626DE9FC6DF275 ft=1 fh=a0b7e9a9340cf144 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\SmartWeb\SmartWebApp.exe.vir"
sh=AA2BA9D6607589A3C93D1C760E3512EC8E61F968 ft=1 fh=f770637cdb111250 vn="Win32/PriceGong.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\SmartWeb\SmartWebHelper.exe.vir"
sh=080016256C564232771ED8D6EFFC94ECAECAD316 ft=1 fh=bfc1d533ef10baf8 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\SmartWeb\swhk.dll.vir"
sh=32BE00C9B8BD83BF621E433EC87DE21B08F82098 ft=1 fh=a4fbdca8e8e73dc7 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\SmartWeb\__u.exe.vir"
sh=1CFAB80FCEAD07CBD6D888AC98426195424266E1 ft=0 fh=0000000000000000 vn="VBS/TrojanDownloader.Agent.NSW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Local\Temp\task.vbs.vir"
sh=A2690E49E815CD7AD56DB4D2FB74EFBE59E49395 ft=1 fh=719d75498d7bf806 vn="Variante von Win32/ELEX.FK evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Roaming\istartpageing\Uninstall.exe.vir"
sh=11270AD764DE76ED2778AA39C6ADA0137F194715 ft=1 fh=fe07bc873bff4d71 vn="Win32/BrowseFox.CC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Roaming\RPEng\5E7BF31FF4B14D2380B6E026EB9A1226\setup.exe.vir"
sh=FEA20920B0036C211331D290EB8BF4F5F16EBAB0 ft=1 fh=1c420a88d3c75076 vn="Win32/BrowseFox.CC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Roaming\RPEng\DB3DE698CA1B4A7B9B05A24CEE2D4413\setup.exe.vir"
sh=12EB0AF500FEF297E77346508080D2794112E72B ft=1 fh=a6caf9f715c69e75 vn="Variante von Win32/RiskWare.Astori.C Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Manuel\AppData\Roaming\SpeedMon\speedmon.exe.vir"
sh=284065DBC8A4A4C45E88F60C65C18BD5248AFC6E ft=1 fh=6808cd5fc7e16db0 vn="Variante von Win64/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\WINDOWS\SysNative\acengine64.dll.vir"
sh=1E293A2F44604A2CAA4C93ED251E56EC6F6B25DC ft=1 fh=ceb87b2312e6e4f2 vn="Variante von Win32/FastSearch.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\WINDOWS\SysNative\drivers\acwfp64.sys.vir"
sh=453099AC0A7BABB6C2787B28B62589503CA89C4D ft=1 fh=98007112b08cb092 vn="Variante von Win32/Packed.Komodia.E verdächtige Datei (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\WINDOWS\SysWOW64\acengine.dll.vir"
sh=985B701D6F7A86E52CFD0FFAAF917A7079EBC121 ft=1 fh=465e3f46c8264c01 vn="Variante von Win32/Verti.S evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\E9BZA47U\1446844660_cbsetup[1].pkg"
sh=7E56721B1F3C32BEE4E6143FD0A1CAC652EB088D ft=1 fh=ef7dadf7b81ca0f7 vn="Win32/Amonetize.MB evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\E9BZA47U\Bundle_YTDownloader[1].exe"
sh=504FB0C9D4BCDB5A26A80F08F92D5E4169243B15 ft=1 fh=c7900a4dec9db414 vn="Variante von Win32/Adware.ConvertAd.ABO Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\cuIiJGQ2[1]"
sh=27067F07FF851C4DFE931D284CAA8D0443A4A30C ft=1 fh=b4cf3f5571b20b28 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\lZYLxJDt5[1]"
sh=90E53E50CDFC7C6931B14A10504B250466143476 ft=1 fh=f2b98cd82991a8e1 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\offer_7948[1].exe"
sh=4A8DFE9790209B4EB4247F6D986AD49691A012F4 ft=1 fh=ea11139a619e3959 vn="Win32/Verti.L evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\RapidMediaConverterSetup[1].exe"
sh=435B996D0CE53A287962416183D475F85B48C21D ft=1 fh=584a01bc15156631 vn="Variante von MSIL/Adware.Imali.C Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\SilentInstaller_dotnet4[1].exe"
sh=3705670AF8CD8741D870A62B421EC5696A97BEFC ft=1 fh=097437150c7024d4 vn="Variante von Win32/PriceGong.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\JRVNCQK6\SmartWebInstaller[2].exe"
sh=0FE62FAFB2F615ED5A0C44937D907D129B03E9AC ft=1 fh=bfe068f720b8cac8 vn="Variante von Win32/Amonetize.ET evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\L3WTTJTP\Bundle[1].exe"
sh=9F650F399F426203134E0ED53BF37F438E8230BD ft=1 fh=2ea14636b02cec86 vn="Variante von MSIL/Adware.Imali.C Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\L3WTTJTP\FinalInstaller_dotnet4[1].exe"
sh=E7F2C48FF6A3D3AD598CD206FC2BBD37F03C8EF3 ft=1 fh=40354226a12cbc67 vn="Variante von Win32/Adware.Imali.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\L3WTTJTP\prepreinstaller_win[1].exe"
sh=E5A8FA6169C7195369F39DC49676AAC100D24807 ft=1 fh=6a4bfd5fd08dd2fa vn="Variante von Win32/Adware.Imali.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\L3WTTJTP\setup_362[1].exe"
sh=55211CD3AC08A1AC7AF048915B3794883D41C845 ft=1 fh=c6af81cc096e9c55 vn="Variante von MSIL/WebBar.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\L3WTTJTP\Web_Bar_Setup_is2[1].exe"
sh=A2C6421AECF422CB45976E00396ED15AD30C583F ft=1 fh=e8fa94d7bdec1ece vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\Q08V2KM2\setup_gmsd_de[1].exe"
sh=CB7EE27E4B81ECB2117F6EA8D8F531DA0A6161E8 ft=1 fh=8adc3d3112045fc7 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Microsoft\Windows\INetCache\IE\Q08V2KM2\swse-setup-1.10.0.25[1].exe"
sh=7BEBA22FD82013B1E783CB9010E6CC090C7D3211 ft=1 fh=8a4438234043e8d6 vn="MSIL/MyPCBackup.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\BackupSetup.exe"
sh=43439FAA7659C2B3C058920B88662B1BE3A40B0E ft=1 fh=e43679f47264cfb1 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsa4E29.tmp"
sh=42E8FE0A5B546A7E84EC900D21B9C14F70B7C0B7 ft=1 fh=985d7e7327729162 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsb913C.tmp"
sh=42E8FE0A5B546A7E84EC900D21B9C14F70B7C0B7 ft=1 fh=985d7e7327729162 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nshA429.tmp"
sh=43439FAA7659C2B3C058920B88662B1BE3A40B0E ft=1 fh=e43679f47264cfb1 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsi921.tmp"
sh=43439FAA7659C2B3C058920B88662B1BE3A40B0E ft=1 fh=e43679f47264cfb1 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nslDB97.tmp"
sh=43439FAA7659C2B3C058920B88662B1BE3A40B0E ft=1 fh=e43679f47264cfb1 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsm1297.tmp"
sh=DA5144AB7755AED57F3164040CA0E1293C9A7B82 ft=1 fh=6273cb63055079ab vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nso2EC5.tmp"
sh=A2C6421AECF422CB45976E00396ED15AD30C583F ft=1 fh=e8fa94d7bdec1ece vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsu4936.tmp"
sh=DA5144AB7755AED57F3164040CA0E1293C9A7B82 ft=1 fh=6273cb63055079ab vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsv8CA1.tmp"
sh=09F41FCF5FBDE5D8325B0CE423A93F12D3235B42 ft=1 fh=118f8ff7a6faa7de vn="Variante von Win32/SpeedBit.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\tu17p84.exe"
sh=8F5659630351945FF5F0CF3434394688727021B1 ft=1 fh=e43679f4ef670966 vn="Variante von Win32/Adware.EoRezo.BD Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\81447880227\1QVdFL1BTSQ==1.exe"
sh=C63CEC5E4B00AB0C3926C726DD3A3C86B29FEAC1 ft=1 fh=05239139e436fa8f vn="Variante von Win32/Adware.ConvertAd.YU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\81447880227\1QVdFL1BTSQ==2.exe"
sh=8DDFC8B455E7332921BCF33A451F11BE371D5ACB ft=1 fh=68e299d34329ac97 vn="Variante von MSIL/Amonetize.AC.gen evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\81447880227\1QVdFL1BTSQ==5.exe"
sh=ED14011AB36160F331F3EEA438123098646A74BD ft=1 fh=2554ecc335c3987c vn="Variante von Win32/Clonium.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\ClaraDwl\e3303319-c48b-4f82-b0c9-dc3dacf1d8f1.exe"
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\DMR\dmr_72.exe"
sh=2AC8EF4DF202466E0C0C4BE9C107D1C953C7FF04 ft=1 fh=d65645c18a1f02ca vn="Variante von Win32/Adware.ConvertAd.ACX Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\adv_64.exe"
sh=35FAFB84026E16225484C1E798CF6882ECBBDB1C ft=1 fh=9e6f1b40b7fc4f04 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\Install_16234\ins_ytd.exe"
sh=35FAFB84026E16225484C1E798CF6882ECBBDB1C ft=1 fh=9e6f1b40b7fc4f04 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\Install_27566\ins_ytd.exe"
sh=35FAFB84026E16225484C1E798CF6882ECBBDB1C ft=1 fh=9e6f1b40b7fc4f04 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\Install_2828\ins_ytd.exe"
sh=35FAFB84026E16225484C1E798CF6882ECBBDB1C ft=1 fh=9e6f1b40b7fc4f04 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\Install_379\ins_ytd.exe"
sh=35FAFB84026E16225484C1E798CF6882ECBBDB1C ft=1 fh=9e6f1b40b7fc4f04 vn="Variante von Win32/SpeedBit.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\Install_4005\ins_ytd.exe"
sh=56CD50D9B5448BF8810CF0A83CE8D1CC7759C3D6 ft=1 fh=bd3a0c25188cd517 vn="Variante von Generik.CAZLMES Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\is-089C7.tmp\ytdkietut_tutdk_inst.exe"
sh=404FF38C652D49CC837A43C2B345D8B2FA21AF4E ft=1 fh=9776102dea5d23ff vn="Variante von Win32/Adware.AdInstaller.E Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\is-58P14.tmp\SuperGreat_soft_partner.exe"
sh=71CDA9F1051633CCD93D1E9DF637582887690D2D ft=1 fh=c71c0011d9fb1ebe vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\is-BR3UP.tmp\gamesdesktop_widget.exe"
sh=5C58ECEA5738ED40307F922737E9CD46D421A189 ft=1 fh=87ee0ca201b9906b vn="Variante von Win32/Adware.EoRezo.AJ Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\is-BR3UP.tmp\upgmsd_de_005010150.exe"
sh=56CD50D9B5448BF8810CF0A83CE8D1CC7759C3D6 ft=1 fh=bd3a0c25188cd517 vn="Variante von Generik.CAZLMES Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\is-PVNC0.tmp\ytdkietut_tutdk_inst.exe"
sh=47F3AE9C3347AF8C117763F1D403011D6756F2DA ft=1 fh=c71c0011671a9ce3 vn="Variante von Win32/SBWatchman.E evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsu944E.tmp\setup.exe"
sh=B938F3C9E507D8EB6788095BBE0015E1E62F296A ft=1 fh=c71c0011f6671c26 vn="Variante von Win32/SpeedBit.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsuC49C.tmp\AccDownload.dll"
sh=C195AD6EB16378F31074A065CF02D102F8FCE2B3 ft=1 fh=c71c00118bd3be03 vn="Variante von Win32/ShopperPro.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\Users\Manuel\AppData\Local\Temp\nsuC49C.tmp\jsdrv.exe"
sh=42E8FE0A5B546A7E84EC900D21B9C14F70B7C0B7 ft=1 fh=985d7e7327729162 vn="Variante von Win32/Adware.ConvertAd.ACA.gen Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows.old\WINDOWS\Temp\F9D.tmp"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b8a305b59bd3fd4abc1f3346b7425cbe
# end=init
# utc_time=2015-12-04 05:39:45
# local_time=2015-12-04 06:39:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT

deeprybka 04.12.2015 23:11
Naja, mit Anweisungen lesen hast es wohl nicht so. Was gibts denn jetzt noch für Probleme?

Manuel476 05.12.2015 16:30
Ne ich glaub nicht ;)
Glaub das alles in Ordnung ist.
Vielen Dank!

deeprybka 05.12.2015 16:31
Bitte nochmal frische Logs:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Manuel476 05.12.2015 17:45
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Manuel (2015-12-05 17:42:27)
Gestartet von C:\Users\Manuel\Downloads
Windows 10 Home (X64) (2015-12-04 05:35:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1273145720-561992726-3298081300-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1273145720-561992726-3298081300-503 - Limited - Disabled)
Gast (S-1-5-21-1273145720-561992726-3298081300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1273145720-561992726-3298081300-1003 - Limited - Enabled)
Manuel (S-1-5-21-1273145720-561992726-3298081300-1001 - Administrator - Enabled) => C:\Users\Manuel

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Acer Incorporated)
Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.00.3007 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.103.2020.202 - Alps Electric)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{1B906F85-EA56-5379-F10B-1BA6530240DC}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
calibre 64bit (HKLM\...\{A80512D3-A72D-4DAF-B7DF-3804F9FAB1CE}) (Version: 2.44.1 - Kovid Goyal)
Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - )
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.0.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.0.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.2.8 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.0.0 - Canon Inc.)
ClipGrab 3.5.5 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.3.2.2 - Dolby Laboratories Inc)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Acer Incorporated)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Melody Assistant (HKLM-x32\...\Melody Assistant) (Version: 7.6.3i - Myriad SARL)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
MIDI Pianist 1.30 (HKLM-x32\...\{2669B2D8-3420-4930-AA5A-D70C0726D46F}) (Version: - Guenther Goerg)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Online Backup (HKLM-x32\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.8.0.44 - Symantec Corporation)
Norton Online Backup (x32 Version: 4.5.0.9 - Symantec Corporation) Hidden
OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 33.0.1990.113 (HKLM-x32\...\Opera 33.0.1990.113) (Version: 33.0.1990.113 - Opera Software)
Perfect Effects Free 9 (HKLM-x32\...\Perfect Effects Free 9) (Version: 9.5.0 - on1)
PhotoFiltre 7 (HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\PhotoFiltre 7) (Version: - )
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
Synthesia (HKLM-x32\...\Synthesia) (Version: 10.2 - Synthesia LLC)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{dad73a7c-3d7f-4194-89d9-92714902acbb}) (Version: 2.1.1199.2443 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XW-DJ1 v2.26.0 (HKLM-x32\...\XW-DJ1 v2.26.0) (Version: 2.26.0 - Casio)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1273145720-561992726-3298081300-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileCoAuth.exe (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

05-12-2015 06:43:35 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-09-05 18:58 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.1 mssplus.mcafee.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583DAA9-8CCD-4611-847D-229A256D908D} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {0EB7BC5A-6A35-4529-B30B-8E6255C4F704} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
Task: {1044DF59-7DF2-49DE-806C-F242CE7B4B58} - System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE} => pcalua.exe -a "C:\Program Files (x86)\OLBPre\updater\updater.exe" -c -uninstall="MyPC Backup "
Task: {18188656-F548-43A4-BEF7-0892D9B112EC} - System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF} => pcalua.exe -a "C:\Program Files\WNEn\WWE_uninstall.exe"
Task: {1EBF23DF-21FC-4DD8-B731-817F8B77EE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe <==== ACHTUNG
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei <==== ACHTUNG
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei <==== ACHTUNG
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {77AE1EF2-3FC9-4126-8A73-E69DBE956A86} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated)
Task: {784FED1A-E1BE-4025-9189-74AF98C450CE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-13] (Microsoft Corporation)
Task: {8CB1EEEB-F046-4445-9B67-ED3EB58CC2F2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {955D0AAF-8ADF-428C-8D3A-67B003C6F6A9} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {9D0C96A7-64B7-40D4-96CD-D5C28A91391E} - System32\Tasks\Opera scheduled Autoupdate 1448721735 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software)
Task: {9D1B6A36-A029-4B78-A226-A78B1E354BC6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate)
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CD2B74C1-B603-42A2-A6F4-8744262795F2} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated)
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CF4654BB-0740-4BC8-877C-D68E7137BEE3} - System32\Tasks\Dolby Selector => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {DA0CE66D-8A3C-42D1-BE38-9FA352195A2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {DB43CDAD-1D7A-49E7-85A6-B117A6662845} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe [2013-08-07] (Symantec Corporation)
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-02-23 13:29 - 2013-07-30 18:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-12-04 09:45 - 2015-12-04 09:45 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-30 08:17 - 2015-10-30 08:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-10-30 08:17 - 2015-10-30 08:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-30 08:18 - 2015-10-30 19:44 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00323584 _____ () C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
2015-05-26 13:59 - 2015-02-10 14:08 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2015-08-21 22:09 - 2015-08-21 22:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-12-02 23:05 - 2015-11-24 19:12 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libglesv2.dll
2015-12-02 23:05 - 2015-11-24 19:12 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\libegl.dll
2015-12-02 23:05 - 2015-11-24 19:13 - 28864328 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.73\PepperFlash\pepflashplayer.dll
2015-12-04 09:45 - 2015-12-04 09:45 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2015-12-04 09:45 - 2015-12-04 09:45 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-26 18:25 - 2014-12-10 17:35 - 00196608 _____ () C:\Program Files\Casio\XW-DJ1\casioxwdj1api.dll
2015-05-26 13:59 - 2015-02-18 13:11 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manuel\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{ABC17DEB-AFF0-4233-AF53-6FDD0E9181F2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{6BED0674-75D7-4D26-B041-CD9C980D7162}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{ED9AFED8-CF80-4DBC-A58B-5C4D323B0CFC}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{CCB92935-EBEB-461C-8318-99F6926D6441}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [TCP Query User{4FD7E02F-FEAC-42C3-9598-06B35A774BA8}C:\windows\syswow64\rundll32.exe] => (Block) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{CAD18D84-2CC4-4E09-8549-3C31A25BBD59}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [TCP Query User{9C82D168-C2BA-4248-8902-9B0170A05383}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe
FirewallRules: [UDP Query User{D2DC7C77-59C7-4282-9D61-316E741AF736}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [TCP Query User{887129DB-E03C-491D-8843-72B13F8C676A}C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe] => (Allow) C:\program files\onone software\perfect effects free 9\perfect effects free 9.exe
FirewallRules: [{4B2A7357-FF55-4CB8-B363-F977294B82AB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{E6D550E0-AC2A-46ED-9255-24E868F9D04B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C1C89701-7265-4208-A7B4-1C15652609AF}] => (Allow) LPort=1900
FirewallRules: [{BAD26974-E6DB-473E-8DB7-1D75F7BAE82F}] => (Allow) LPort=2869
FirewallRules: [{FBE49B43-8402-4BAB-A26F-AB80964B8523}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{4876EEAD-F807-48A3-B931-B99EFEB302D7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{64D7479C-3C3C-4D42-A27B-E15F15E7B548}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B95B132A-2E53-4833-99D9-0B7D9C47F2E1}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{31AB3515-7EA3-4C0F-BA6D-F709FC49863F}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{D07F9650-EAF0-40D0-9B4F-B9BF26A5390D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{B63C3024-2751-4470-8F44-D6C3C682E6EA}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{22517AD3-B5AC-4DF5-BD42-771B5D3DB22C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{72C7FCF0-AE51-4DDC-93A8-7F9D1E0FC9E3}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{EA4BB18B-DF91-41D8-8C6F-23B4A8D6A1E8}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{0C61735D-2E4F-42BD-A6AF-34168991A9A6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{502E2D48-C599-436A-89EC-1AC7890CEF1E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{3002CEB4-0180-4633-AD68-9D0D1A2F857C}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{25EA8523-99EA-4160-9CC6-C6AC0FC70FA7}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{BAB6188B-70A1-46B7-AAAC-CC17A0037049}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{65BCBAF9-613D-4FCF-9159-7E1894477D2C}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{F751B177-0B59-46C0-B378-D127FCF67393}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{43C31AA2-A188-4931-85A4-80DE8558C461}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F402FD03-8938-4B89-9814-7E0BE2C4964A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{9D07CA7C-3832-480E-96EB-FDDCE51DF2C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{66E3D7ED-0B30-441D-AD61-3C4DAE82D85C}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{10962F37-9BF2-4030-AD47-05FF9B3BC135}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{9A886F88-FFB5-4C39-BB45-657A9A317E54}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{ED3E4370-5A57-498C-B383-CC0FBFF2B571}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{8F1DE802-D847-4253-9317-02BA5FDD1AD4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{36C9CF3D-D297-47BC-9673-8A3F2E4DB7EE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CE4A058D-5763-415E-9908-77C90EDEA8CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ECE2B27C-57C5-4F28-8CEE-BD30883B8FC0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{59975B08-6428-460A-B33F-FC3518CB26C8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{989EE3D5-D5AE-456E-AEE6-CCD6E3339443}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{60D27AC3-4C34-4F8A-838B-C65ABC0A374F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{54E5EC12-7730-447F-B0CF-58F99411340C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3CC5D384-DE4E-4A6F-B517-0FA83A563D33}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{027F6AD4-BADA-4A00-8ED3-B1B9F620A73A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{3CD89CEB-9AB7-4D45-B8FE-441FD86468A1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0CD5F393-7DC8-4FBD-8CF4-0CF5E472E1A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{7F2C0592-4451-4A03-A63D-782668F6E868}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{5ADA1914-E9E0-4155-AE4D-1CE70DE11AA7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{44B08DA1-B9F4-44D9-AF38-59BB8FD79547}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FB4F2C30-F7EF-4D02-B146-9DD40930C9DF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3C91E43C-2F3B-488F-B927-79BDE08FFE46}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/05/2015 06:43:58 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/04/2015 07:14:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 07:14:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:42:03 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:40:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:39:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:39:37 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:39:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 06:34:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (12/04/2015 03:19:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (12/05/2015 03:17:41 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/05/2015 03:10:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/05/2015 02:38:16 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/05/2015 02:13:33 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/05/2015 12:15:35 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/05/2015 06:32:24 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (12/04/2015 09:44:46 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (12/04/2015 07:24:15 PM) (Source: DCOM) (EventID: 10016) (User: Manu)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}ManuManuelS-1-5-21-1273145720-561992726-3298081300-1001LocalHost (unter Verwendung von LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157

Error: (12/04/2015 07:13:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (12/04/2015 07:08:09 PM) (Source: DCOM) (EventID: 10010) (User: Manu)
Description: {0002DF02-0000-0000-C000-000000000046}


CodeIntegrity:
===================================
Date: 2015-12-05 12:15:41.476
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:50.873
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:50.816
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:50.735
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:50.157
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:49.047
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:48.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:48.626
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:48.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-12-05 07:02:48.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: AMD A10-5757M APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 69%
Installierter physikalischer RAM: 5578.27 MB
Verfügbarer physikalischer RAM: 1725.25 MB
Summe virtueller Speicher: 7178.27 MB
Verfügbarer virtueller Speicher: 1473.48 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:446.8 GB) (Free:358.54 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 5B2447D6)

Partition: GPT.

==================== Ende von Addition.txt ============================
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Manuel (Administrator) auf MANU (05-12-2015 17:40:30)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64 (3).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://akhmefomaihbclfehodbdmoaeoodjjdo/newtab/newtab-hp.html"
CHR Profile: C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02]
CHR Extension: (Easy Screenshot) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhmefomaihbclfehodbdmoaeoodjjdo [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02]
CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google Search) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Sheets) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02]
CHR Extension: (SiteAdvisor) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 17:38 - 2015-12-05 17:39 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (3).exe
2015-12-05 17:38 - 2015-12-05 17:38 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (4).exe
2015-12-05 13:28 - 2015-12-05 13:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 09:09 - 2015-12-04 09:09 - 00002395 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-04 09:07 - 2015-12-04 09:07 - 00000000 ____D C:\ProgramData\ATI
2015-12-04 09:05 - 2015-12-04 09:05 - 00000000 ____D C:\Users\Manuel\AppData\Local\ActiveSync
2015-12-04 09:02 - 2015-12-04 09:02 - 00000020 ___SH C:\Users\Manuel\ntuser.ini
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-04 06:24 - 2015-12-04 19:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 06:13 - 2015-12-04 06:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-12-04 06:08 - 2015-12-04 06:15 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-04 06:06 - 2015-12-04 19:09 - 00000000 ____D C:\Users\Manuel
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Vorlagen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Startmenü
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Netzwerkumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Lokale Einstellungen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Eigene Dateien
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Druckumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Videos
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Musik
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Bilder
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Verlauf
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Anwendungsdaten
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Anwendungsdaten
2015-12-04 06:02 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\AMD
2015-12-04 06:02 - 2015-12-04 06:02 - 00646947 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Synaptics
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\AMD
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-04 06:00 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-04 05:57 - 2015-12-04 06:16 - 00218048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-04 05:56 - 2015-12-04 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 05:51 - 2015-12-04 05:51 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 13376512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 13017088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 12120064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-04 05:51 - 2015-12-04 05:51 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-04 05:51 - 2015-12-04 05:51 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01998848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00000000 ____D C:\Windows.old
2015-12-04 05:49 - 2015-12-04 05:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\MSBuild
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-04 05:44 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-03 21:48 - 2015-12-03 21:48 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (2).exe
2015-12-03 21:27 - 2015-12-03 21:27 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-03 21:26 - 2015-12-03 21:51 - 00000000 ____D C:\Users\Manuel\Downloads\_nidownload_7fc60d8813c881f07538bc113254dc9524dd2724
2015-12-03 21:26 - 2015-12-03 21:48 - 00043376 _____ C:\Users\Manuel\Downloads\_nidownload_Alicias_Keys.toc
2015-12-03 21:25 - 2015-12-03 21:25 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-03 21:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2015-12-03 21:05 - 2015-12-03 21:05 - 00001040 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2015-12-03 21:05 - 2015-12-03 21:05 - 00000000 ____D C:\Program Files (x86)\ClipGrab
2015-12-03 21:03 - 2015-12-03 21:04 - 22178792 _____ (Philipp Schmieder Medien ) C:\Users\Manuel\Downloads\clipgrab-3.5.5.exe
2015-12-02 23:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 23:05 - 2015-12-02 23:05 - 00002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-02 23:03 - 2015-12-02 23:04 - 00929872 _____ (Google Inc.) C:\Users\Manuel\Downloads\ChromeSetup.exe
2015-12-02 22:49 - 2015-12-02 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\AOP SDK
2015-12-02 21:09 - 2015-12-02 21:10 - 01736704 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.023.exe
2015-12-02 08:25 - 2015-12-02 08:29 - 00253582 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.25.03_log.txt
2015-12-02 08:23 - 2015-12-02 08:24 - 00252680 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.23.06_log.txt
2015-12-02 08:18 - 2015-12-02 08:18 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (2).exe
2015-12-02 08:15 - 2015-12-02 08:15 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe
2015-12-02 08:09 - 2015-12-02 08:11 - 00252826 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.53_log.txt
2015-12-02 08:09 - 2015-12-02 08:09 - 00000560 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.44_log.txt
2015-12-02 08:04 - 2015-12-02 08:20 - 00058743 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-02 08:03 - 2015-12-05 17:41 - 00015820 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-02 08:01 - 2015-12-02 08:03 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 23:43 - 2015-12-01 23:49 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.43.03_log.txt
2015-12-01 23:42 - 2015-12-01 23:43 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-12-01 23:26 - 2015-12-01 23:28 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.26.38_log.txt
2015-12-01 23:25 - 2015-12-01 23:25 - 00048382 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.25.21_log.txt
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-28 15:42 - 2015-12-04 06:24 - 00003294 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-26 18:25 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 15:01 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-21 18:18 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-12-02 21:28 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-05 17:40 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-12-04 06:24 - 00002302 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-12-04 10:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-12-04 06:24 - 00002604 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-12-04 06:24 - 00002224 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:07 - 2015-12-04 21:07 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-12-04 06:24 - 00003640 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-12-04 06:24 - 00002222 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-07 13:11 - 2015-12-02 22:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 17:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-05 12:44 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-05 12:19 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-05 12:19 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-05 12:19 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-05 12:19 - 2015-08-22 04:14 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-05 12:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-05 06:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-05 06:37 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-05 06:37 - 2015-04-24 21:27 - 00000000 ____D C:\Users\Manuel\AppData\Local\Packages
2015-12-05 06:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-04 19:08 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-04 19:08 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-04 19:08 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-04 14:59 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-04 09:21 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-04 09:09 - 2015-08-22 05:54 - 00000000 ___RD C:\Users\Manuel\OneDrive
2015-12-04 09:06 - 2015-05-17 19:31 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 09:06 - 2015-05-17 19:31 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 09:06 - 2015-05-17 19:31 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 09:06 - 2015-05-17 19:31 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-04 09:03 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-04 09:03 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-04 06:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 06:34 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-04 06:34 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-04 06:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-04 06:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-04 06:25 - 2015-08-22 04:19 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-04 06:25 - 2015-02-23 13:28 - 00002736 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2015-12-04 06:24 - 2015-07-20 12:48 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-12-04 06:24 - 2015-05-09 14:44 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-04 06:24 - 2015-04-24 21:33 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-1001
2015-12-04 06:24 - 2015-02-23 13:25 - 00002248 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-12-04 06:24 - 2015-02-23 13:10 - 00002032 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2015-12-04 06:24 - 2015-02-23 12:32 - 00002876 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-500
2015-12-04 06:24 - 2014-01-16 16:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\ALUAgent
2015-12-04 06:24 - 2014-01-16 16:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\ALU
2015-12-04 06:24 - 2014-01-16 16:11 - 00002238 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-12-04 06:23 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 06:15 - 2015-10-21 19:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ____D C:\WINDOWS\de
2015-12-04 06:15 - 2015-08-12 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-04 06:15 - 2015-07-29 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2015-12-04 06:15 - 2015-06-23 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-12-04 06:15 - 2015-05-05 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-04 06:15 - 2015-05-05 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-04 06:15 - 2015-04-25 15:41 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-12-04 06:15 - 2015-02-23 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2015-12-04 06:15 - 2015-02-23 13:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-12-04 06:15 - 2015-02-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-12-04 06:15 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-04 06:15 - 2014-01-16 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-04 06:11 - 2015-06-23 21:41 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-04 06:09 - 2015-09-26 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-04 06:09 - 2015-07-29 08:00 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-04 06:09 - 2015-06-23 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-12-04 06:09 - 2015-05-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-04 06:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-04 06:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-04 06:01 - 2015-08-22 03:52 - 00000000 ____D C:\AMD
2015-12-04 05:57 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-04 05:56 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-04 05:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-02 23:43 - 2015-05-17 19:31 - 00000000 ____D C:\Users\Manuel\AppData\Local\Google
2015-12-02 23:04 - 2015-05-17 19:31 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-02 23:00 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-02 22:50 - 2014-01-16 16:01 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-12-02 22:49 - 2015-06-13 10:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\WildTangent
2015-12-02 22:49 - 2014-01-16 16:01 - 00000000 ____D C:\ProgramData\WildTangent
2015-12-02 22:48 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-12-02 22:48 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 13:15 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-12-02 12:38 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-12-04 06:02 - 2015-12-04 06:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-04 05:56

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 06.12.2015 17:37
Hi,

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w8.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
C:\PROGRA~2\FAST-S~1
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei
C:\ProgramData\Kinafaeheufok
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei
C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-(exe)Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Manuel476 07.12.2015 19:02
CloseProcesses:
C:\PROGRA~2\FAST-S~1
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei
C:\ProgramData\Kinafaeheufok
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei
C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]
EmptyTemp:

deeprybka 07.12.2015 19:10
Anweisung genau lesen... :)

Manuel476 07.12.2015 19:34
Ich soll erst frst löschen aber finde leider keine softwaer die ich löschen soll oder was hab ich falsch gemacht?

deeprybka 07.12.2015 19:36
Wo steht, dass Du FRST löschen sollst?

Manuel476 07.12.2015 19:37
Und wenn ich den rest so augeführt habe wie ich es verstanden habe steht in der fixlog das was ich gesendet habe !?

deeprybka 07.12.2015 19:39
Das ist die Fixlist. Die musst Du abspeichern. Dann FRST starten und auf ENTFERNEN klicken. Dann wird ein Fixlog erstellt. Das muss gepostet werden.

Manuel476 07.12.2015 19:40

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Manuel (Administrator) auf MANU (07-12-2015 18:58:27)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64 (5).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-12-06]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://akhmefomaihbclfehodbdmoaeoodjjdo/newtab/newtab-hp.html"
CHR Profile: C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02]
CHR Extension: (Easy Screenshot) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhmefomaihbclfehodbdmoaeoodjjdo [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02]
CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google Search) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Sheets) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02]
CHR Extension: (SiteAdvisor) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 18:57 - 2015-12-07 18:58 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (5).exe
2015-12-05 17:38 - 2015-12-05 17:39 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (3).exe
2015-12-05 17:38 - 2015-12-05 17:38 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (4).exe
2015-12-05 13:28 - 2015-12-05 13:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 11:02 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-04 11:02 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-04 11:01 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-04 11:01 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-04 11:01 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-04 11:01 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-04 11:01 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-04 11:01 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-04 11:01 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-04 11:01 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-04 11:01 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-04 11:01 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-04 11:01 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-04 11:01 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-04 11:01 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-04 11:01 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-04 11:01 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-04 11:01 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-04 11:01 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-04 11:01 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-04 11:01 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-04 11:01 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-04 11:01 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-04 11:01 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-04 11:01 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-04 11:01 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-04 11:01 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-04 11:01 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-04 11:00 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-04 11:00 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-04 11:00 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-04 11:00 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-04 09:09 - 2015-12-04 09:09 - 00002395 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-04 09:07 - 2015-12-04 09:07 - 00000000 ____D C:\ProgramData\ATI
2015-12-04 09:05 - 2015-12-04 09:05 - 00000000 ____D C:\Users\Manuel\AppData\Local\ActiveSync
2015-12-04 09:02 - 2015-12-04 09:02 - 00000020 ___SH C:\Users\Manuel\ntuser.ini
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-04 06:24 - 2015-12-06 03:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 06:13 - 2015-12-04 06:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-12-04 06:08 - 2015-12-04 06:15 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-04 06:06 - 2015-12-06 03:30 - 00000000 ____D C:\Users\Manuel
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Vorlagen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Startmenü
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Netzwerkumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Lokale Einstellungen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Eigene Dateien
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Druckumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Videos
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Musik
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Bilder
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Verlauf
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Anwendungsdaten
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Anwendungsdaten
2015-12-04 06:02 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\AMD
2015-12-04 06:02 - 2015-12-04 06:02 - 00646947 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Synaptics
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\AMD
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-04 06:00 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-04 05:57 - 2015-12-04 06:16 - 00218048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-04 05:56 - 2015-12-04 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 05:51 - 2015-12-04 05:51 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00000000 ____D C:\Windows.old
2015-12-04 05:49 - 2015-12-04 05:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\MSBuild
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-04 05:44 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-03 21:48 - 2015-12-03 21:48 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (2).exe
2015-12-03 21:27 - 2015-12-03 21:27 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-03 21:26 - 2015-12-03 21:51 - 00000000 ____D C:\Users\Manuel\Downloads\_nidownload_7fc60d8813c881f07538bc113254dc9524dd2724
2015-12-03 21:26 - 2015-12-03 21:48 - 00043376 _____ C:\Users\Manuel\Downloads\_nidownload_Alicias_Keys.toc
2015-12-03 21:25 - 2015-12-03 21:25 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-03 21:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2015-12-03 21:05 - 2015-12-03 21:05 - 00001040 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2015-12-03 21:05 - 2015-12-03 21:05 - 00000000 ____D C:\Program Files (x86)\ClipGrab
2015-12-03 21:03 - 2015-12-03 21:04 - 22178792 _____ (Philipp Schmieder Medien ) C:\Users\Manuel\Downloads\clipgrab-3.5.5.exe
2015-12-02 23:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 23:05 - 2015-12-02 23:05 - 00002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-02 23:03 - 2015-12-02 23:04 - 00929872 _____ (Google Inc.) C:\Users\Manuel\Downloads\ChromeSetup.exe
2015-12-02 22:49 - 2015-12-02 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\AOP SDK
2015-12-02 21:09 - 2015-12-02 21:10 - 01736704 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.023.exe
2015-12-02 08:25 - 2015-12-02 08:29 - 00253582 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.25.03_log.txt
2015-12-02 08:23 - 2015-12-02 08:24 - 00252680 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.23.06_log.txt
2015-12-02 08:18 - 2015-12-02 08:18 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (2).exe
2015-12-02 08:15 - 2015-12-02 08:15 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe
2015-12-02 08:09 - 2015-12-02 08:11 - 00252826 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.53_log.txt
2015-12-02 08:09 - 2015-12-02 08:09 - 00000560 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.44_log.txt
2015-12-02 08:04 - 2015-12-05 17:44 - 00045482 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-02 08:03 - 2015-12-07 18:58 - 00016324 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-02 08:01 - 2015-12-02 08:03 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 23:43 - 2015-12-01 23:49 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.43.03_log.txt
2015-12-01 23:42 - 2015-12-01 23:43 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-12-01 23:26 - 2015-12-01 23:28 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.26.38_log.txt
2015-12-01 23:25 - 2015-12-01 23:25 - 00048382 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.25.21_log.txt
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-28 15:42 - 2015-12-04 06:24 - 00003294 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-26 18:25 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 15:01 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-21 18:18 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-12-02 21:28 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-07 18:58 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-12-04 06:24 - 00002302 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-12-04 10:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-12-04 06:24 - 00002604 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-12-04 06:24 - 00002224 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:07 - 2015-12-06 21:07 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-12-04 06:24 - 00003640 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-12-04 06:24 - 00002222 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-07 13:11 - 2015-12-02 22:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 18:39 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-07 18:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-06 09:36 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-06 09:36 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-06 09:36 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-06 09:36 - 2015-08-22 04:14 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-06 09:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-06 03:32 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-06 03:32 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-06 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-05 22:53 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-05 17:43 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-05 06:37 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-05 06:37 - 2015-04-24 21:27 - 00000000 ____D C:\Users\Manuel\AppData\Local\Packages
2015-12-05 06:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-04 14:59 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-04 09:21 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-04 09:09 - 2015-08-22 05:54 - 00000000 ___RD C:\Users\Manuel\OneDrive
2015-12-04 09:06 - 2015-05-17 19:31 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 09:06 - 2015-05-17 19:31 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 09:06 - 2015-05-17 19:31 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 09:06 - 2015-05-17 19:31 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-04 09:03 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-04 09:03 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-04 06:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 06:34 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-04 06:34 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-04 06:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-04 06:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-04 06:25 - 2015-08-22 04:19 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-04 06:25 - 2015-02-23 13:28 - 00002736 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2015-12-04 06:24 - 2015-07-20 12:48 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-12-04 06:24 - 2015-05-09 14:44 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-04 06:24 - 2015-04-24 21:33 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-1001
2015-12-04 06:24 - 2015-02-23 13:25 - 00002248 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-12-04 06:24 - 2015-02-23 13:10 - 00002032 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2015-12-04 06:24 - 2015-02-23 12:32 - 00002876 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-500
2015-12-04 06:24 - 2014-01-16 16:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\ALUAgent
2015-12-04 06:24 - 2014-01-16 16:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\ALU
2015-12-04 06:24 - 2014-01-16 16:11 - 00002238 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-12-04 06:23 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 06:15 - 2015-10-21 19:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ____D C:\WINDOWS\de
2015-12-04 06:15 - 2015-08-12 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-04 06:15 - 2015-07-29 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2015-12-04 06:15 - 2015-06-23 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-12-04 06:15 - 2015-05-05 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-04 06:15 - 2015-05-05 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-04 06:15 - 2015-04-25 15:41 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-12-04 06:15 - 2015-02-23 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2015-12-04 06:15 - 2015-02-23 13:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-12-04 06:15 - 2015-02-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-12-04 06:15 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-04 06:15 - 2014-01-16 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-04 06:11 - 2015-06-23 21:41 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-04 06:09 - 2015-09-26 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-04 06:09 - 2015-07-29 08:00 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-04 06:09 - 2015-06-23 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-12-04 06:09 - 2015-05-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-04 06:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-04 06:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-04 06:01 - 2015-08-22 03:52 - 00000000 ____D C:\AMD
2015-12-04 05:57 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-04 05:56 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-04 05:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-02 23:43 - 2015-05-17 19:31 - 00000000 ____D C:\Users\Manuel\AppData\Local\Google
2015-12-02 23:04 - 2015-05-17 19:31 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-02 23:00 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-02 22:50 - 2014-01-16 16:01 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-12-02 22:49 - 2015-06-13 10:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\WildTangent
2015-12-02 22:49 - 2014-01-16 16:01 - 00000000 ____D C:\ProgramData\WildTangent
2015-12-02 22:48 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-12-02 22:48 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 13:15 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-12-02 12:38 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-12-04 06:02 - 2015-12-04 06:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-04 05:56

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 07.12.2015 19:40
Liste der Anhänge anzeigen (Anzahl: 1)
Lade Dir mal die Textdatei runter und starte FRST, klicke entfernen und poste das erstellte Log.

Manuel476 07.12.2015 20:10

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Manuel (Administrator) auf MANU (07-12-2015 18:58:27)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Manuel\Downloads\FRST64 (5).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-12-06]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF SelectedSearchEngine: Bing®
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-10] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://akhmefomaihbclfehodbdmoaeoodjjdo/newtab/newtab-hp.html"
CHR Profile: C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02]
CHR Extension: (Easy Screenshot) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhmefomaihbclfehodbdmoaeoodjjdo [2015-12-04]
CHR Extension: (Google Docs) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02]
CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Google Search) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Sheets) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02]
CHR Extension: (SiteAdvisor) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 18:57 - 2015-12-07 18:58 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (5).exe
2015-12-05 17:38 - 2015-12-05 17:39 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (3).exe
2015-12-05 17:38 - 2015-12-05 17:38 - 02369024 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (4).exe
2015-12-05 13:28 - 2015-12-05 13:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 11:02 - 2015-11-22 10:56 - 22394880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-04 11:02 - 2015-11-22 10:43 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-04 11:01 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-04 11:01 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 01284960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-04 11:01 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:34 - 00975200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-04 11:01 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-04 11:01 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-04 11:01 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-04 11:01 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-04 11:01 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-04 11:01 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-04 11:01 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-04 11:01 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-04 11:01 - 2015-11-22 10:57 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-04 11:01 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-04 11:01 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-04 11:01 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-04 11:01 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-04 11:01 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-04 11:01 - 2015-11-22 10:47 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-04 11:01 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:46 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-04 11:01 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-04 11:01 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-04 11:01 - 2015-11-22 10:44 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 13380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-04 11:01 - 2015-11-22 10:33 - 02587136 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-04 11:01 - 2015-11-22 10:30 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-04 11:01 - 2015-11-22 10:30 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-04 11:01 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 12124672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 01995264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:19 - 02064384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:16 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-04 11:01 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-04 11:00 - 2015-11-22 10:55 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-04 11:00 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-04 11:00 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-04 11:00 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-04 09:09 - 2015-12-04 09:09 - 00002395 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-04 09:07 - 2015-12-04 09:07 - 00000000 ____D C:\ProgramData\ATI
2015-12-04 09:05 - 2015-12-04 09:05 - 00000000 ____D C:\Users\Manuel\AppData\Local\ActiveSync
2015-12-04 09:02 - 2015-12-04 09:02 - 00000020 ___SH C:\Users\Manuel\ntuser.ini
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-04 06:24 - 2015-12-06 03:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 06:13 - 2015-12-04 06:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-12-04 06:08 - 2015-12-04 06:15 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-04 06:06 - 2015-12-06 03:30 - 00000000 ____D C:\Users\Manuel
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Vorlagen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Startmenü
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Netzwerkumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Lokale Einstellungen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Eigene Dateien
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Druckumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Videos
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Musik
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Bilder
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Verlauf
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Anwendungsdaten
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Anwendungsdaten
2015-12-04 06:02 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\AMD
2015-12-04 06:02 - 2015-12-04 06:02 - 00646947 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Synaptics
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\AMD
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-04 06:00 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-04 05:57 - 2015-12-04 06:16 - 00218048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-04 05:56 - 2015-12-04 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 05:51 - 2015-12-04 05:51 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 03670832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 02918808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00000000 ____D C:\Windows.old
2015-12-04 05:49 - 2015-12-04 05:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\MSBuild
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-04 05:44 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-03 21:48 - 2015-12-03 21:48 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (2).exe
2015-12-03 21:27 - 2015-12-03 21:27 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-03 21:26 - 2015-12-03 21:51 - 00000000 ____D C:\Users\Manuel\Downloads\_nidownload_7fc60d8813c881f07538bc113254dc9524dd2724
2015-12-03 21:26 - 2015-12-03 21:48 - 00043376 _____ C:\Users\Manuel\Downloads\_nidownload_Alicias_Keys.toc
2015-12-03 21:25 - 2015-12-03 21:25 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-03 21:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2015-12-03 21:05 - 2015-12-03 21:05 - 00001040 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2015-12-03 21:05 - 2015-12-03 21:05 - 00000000 ____D C:\Program Files (x86)\ClipGrab
2015-12-03 21:03 - 2015-12-03 21:04 - 22178792 _____ (Philipp Schmieder Medien ) C:\Users\Manuel\Downloads\clipgrab-3.5.5.exe
2015-12-02 23:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 23:05 - 2015-12-02 23:05 - 00002288 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-02 23:03 - 2015-12-02 23:04 - 00929872 _____ (Google Inc.) C:\Users\Manuel\Downloads\ChromeSetup.exe
2015-12-02 22:49 - 2015-12-02 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\AOP SDK
2015-12-02 21:09 - 2015-12-02 21:10 - 01736704 _____ C:\Users\Manuel\Downloads\AdwCleaner_5.023.exe
2015-12-02 08:25 - 2015-12-02 08:29 - 00253582 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.25.03_log.txt
2015-12-02 08:23 - 2015-12-02 08:24 - 00252680 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.23.06_log.txt
2015-12-02 08:18 - 2015-12-02 08:18 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (2).exe
2015-12-02 08:15 - 2015-12-02 08:15 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe
2015-12-02 08:09 - 2015-12-02 08:11 - 00252826 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.53_log.txt
2015-12-02 08:09 - 2015-12-02 08:09 - 00000560 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.44_log.txt
2015-12-02 08:04 - 2015-12-05 17:44 - 00045482 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-02 08:03 - 2015-12-07 18:58 - 00016324 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-02 08:01 - 2015-12-02 08:03 - 02350080 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-01 23:43 - 2015-12-01 23:49 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.43.03_log.txt
2015-12-01 23:42 - 2015-12-01 23:43 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Manuel\Downloads\tdsskiller.exe
2015-12-01 23:26 - 2015-12-01 23:28 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.26.38_log.txt
2015-12-01 23:25 - 2015-12-01 23:25 - 00048382 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.25.21_log.txt
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-28 15:42 - 2015-12-04 06:24 - 00003294 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-26 18:25 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 15:01 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-11-30 11:27 - 00305598 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-11-21 18:18 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-11-21 18:18 - 2015-11-22 18:50 - 00002024 _____ C:\Users\Manuel\Desktop\MIDI Pianist.lnk
2015-11-21 18:18 - 2015-11-21 18:18 - 00000010 ___SH C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\winregistry_001
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\mip
2015-11-21 18:18 - 2015-11-21 18:18 - 00000000 ____D C:\Program Files (x86)\MIDI Pianist
2015-11-21 18:13 - 2015-11-25 10:11 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg
2015-11-21 15:39 - 2015-11-21 15:39 - 00039884 _____ C:\mbam.txt
2015-11-21 14:32 - 2015-12-02 21:28 - 00000000 ____D C:\AdwCleaner
2015-11-21 13:44 - 2015-11-21 14:34 - 00513740 _____ C:\TDSSKiller.3.1.0.6_21.11.2015_13.44.40_log.txt
2015-11-21 13:42 - 2015-12-07 18:58 - 00000000 ____D C:\FRST
2015-11-19 17:21 - 2015-11-19 17:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\CEF
2015-11-19 16:39 - 2015-12-04 06:24 - 00002302 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-11-19 15:22 - 2015-12-04 10:56 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-11-19 15:22 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-11-22 18:51 - 00001169 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-19 15:22 - 2015-11-19 15:22 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-19 15:22 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-11-19 15:22 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-11-19 14:43 - 2015-11-19 14:43 - 00000000 _____ C:\autoexec.bat
2015-11-18 22:37 - 2015-12-04 06:24 - 00002604 _____ C:\WINDOWS\System32\Tasks\Kinafaeheufok
2015-11-18 21:39 - 2015-12-04 06:24 - 00002224 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-11-18 21:07 - 2015-12-06 21:07 - 00001028 _____ C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job
2015-11-18 21:07 - 2015-12-04 06:24 - 00003640 _____ C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar
2015-11-18 21:06 - 2015-11-21 12:14 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-18 21:05 - 2015-12-04 06:24 - 00002222 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-18 21:02 - 2015-09-05 18:58 - 00000856 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2015-11-18 19:26 - 2015-11-18 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\^piano
2015-11-18 19:05 - 2015-11-18 19:22 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Synthesia
2015-11-18 18:26 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2015-11-18 18:26 - 2011-03-25 20:42 - 00338432 _____ C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2015-11-16 19:39 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\calibre-cache
2015-11-16 19:38 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-11-16 19:38 - 2015-11-22 18:51 - 00000997 _____ C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2015-11-16 19:38 - 2015-11-18 21:49 - 00000000 ____D C:\Program Files\Calibre2
2015-11-16 19:38 - 2015-11-16 19:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\calibre
2015-11-16 19:38 - 2015-11-16 19:44 - 00000000 ____D C:\Users\Manuel\Documents\Calibre-Bibliothek
2015-11-15 17:52 - 2015-11-18 21:58 - 00000000 ____D C:\ProgramData\eMule
2015-11-07 13:11 - 2015-12-02 22:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-07 18:39 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-07 18:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-06 09:36 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-06 09:36 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-06 09:36 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-06 09:36 - 2015-08-22 04:14 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-06 09:07 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-06 03:32 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-06 03:32 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-06 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-05 22:53 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-05 17:43 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-05 06:37 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-05 06:37 - 2015-04-24 21:27 - 00000000 ____D C:\Users\Manuel\AppData\Local\Packages
2015-12-05 06:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-04 14:59 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-04 09:21 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-04 09:09 - 2015-08-22 05:54 - 00000000 ___RD C:\Users\Manuel\OneDrive
2015-12-04 09:06 - 2015-05-17 19:31 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 09:06 - 2015-05-17 19:31 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 09:06 - 2015-05-17 19:31 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 09:06 - 2015-05-17 19:31 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-04 09:03 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-04 09:03 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-04 06:36 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 06:34 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-04 06:34 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-04 06:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-04 06:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-04 06:25 - 2015-08-22 04:19 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-04 06:25 - 2015-02-23 13:28 - 00002736 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2015-12-04 06:24 - 2015-07-20 12:48 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-12-04 06:24 - 2015-05-09 14:44 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-04 06:24 - 2015-04-24 21:33 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-1001
2015-12-04 06:24 - 2015-02-23 13:25 - 00002248 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-12-04 06:24 - 2015-02-23 13:10 - 00002032 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2015-12-04 06:24 - 2015-02-23 12:32 - 00002876 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-500
2015-12-04 06:24 - 2014-01-16 16:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\ALUAgent
2015-12-04 06:24 - 2014-01-16 16:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\ALU
2015-12-04 06:24 - 2014-01-16 16:11 - 00002238 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-12-04 06:23 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 06:15 - 2015-10-21 19:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ____D C:\WINDOWS\de
2015-12-04 06:15 - 2015-08-12 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-04 06:15 - 2015-07-29 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2015-12-04 06:15 - 2015-06-23 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-12-04 06:15 - 2015-05-05 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-04 06:15 - 2015-05-05 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-04 06:15 - 2015-04-25 15:41 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-12-04 06:15 - 2015-02-23 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2015-12-04 06:15 - 2015-02-23 13:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-12-04 06:15 - 2015-02-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-12-04 06:15 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-04 06:15 - 2014-01-16 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-04 06:11 - 2015-06-23 21:41 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-04 06:09 - 2015-09-26 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-04 06:09 - 2015-07-29 08:00 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-04 06:09 - 2015-06-23 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-12-04 06:09 - 2015-05-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-04 06:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-04 06:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-04 06:01 - 2015-08-22 03:52 - 00000000 ____D C:\AMD
2015-12-04 05:57 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-04 05:56 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-04 05:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-04 05:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-02 23:43 - 2015-05-17 19:31 - 00000000 ____D C:\Users\Manuel\AppData\Local\Google
2015-12-02 23:04 - 2015-05-17 19:31 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-02 23:00 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-02 22:50 - 2014-01-16 16:01 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-12-02 22:49 - 2015-06-13 10:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\WildTangent
2015-12-02 22:49 - 2014-01-16 16:01 - 00000000 ____D C:\ProgramData\WildTangent
2015-12-02 22:48 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-12-02 22:48 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 13:15 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-12-02 12:38 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-22 18:52 - 2015-10-13 18:31 - 00001370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2015-11-22 18:52 - 2015-09-15 11:00 - 00002225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-11-22 18:52 - 2015-06-04 07:52 - 00001439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-11-22 18:52 - 2015-06-03 21:23 - 00000946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-22 18:52 - 2015-02-23 13:27 - 00001978 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2015-11-22 18:52 - 2015-02-23 13:17 - 00001939 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-11-22 18:51 - 2015-10-21 19:16 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-11-22 18:51 - 2015-07-30 22:55 - 00001995 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-11-22 18:51 - 2015-06-23 21:42 - 00002163 _____ C:\Users\Public\Desktop\Perfect Effects Free 9.lnk
2015-11-22 18:51 - 2015-05-26 13:59 - 00001206 _____ C:\Users\Public\Desktop\ImageBrowser EX.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001211 _____ C:\Users\Public\Desktop\Picture Style Editor.lnk
2015-11-22 18:51 - 2015-05-26 13:56 - 00001081 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2015-11-22 18:51 - 2015-05-26 13:55 - 00001146 _____ C:\Users\Public\Desktop\Digital Photo Professional.lnk
2015-11-22 18:51 - 2015-05-05 18:32 - 00001080 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-11-22 18:51 - 2015-05-05 17:35 - 00001346 _____ C:\Users\Public\Desktop\Freemake Video Downloader.lnk
2015-11-22 18:51 - 2015-04-25 16:09 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk
2015-11-22 18:51 - 2015-02-23 14:01 - 00001680 _____ C:\Users\Public\Desktop\Online kaufen.lnk
2015-11-22 18:51 - 2015-02-23 13:28 - 00002127 _____ C:\Users\Public\Desktop\Norton Online Backup.lnk
2015-11-22 18:50 - 2015-06-23 21:01 - 00001078 _____ C:\Users\Manuel\Desktop\PhotoFiltre 7.lnk
2015-11-22 18:50 - 2015-05-03 17:52 - 00001444 _____ C:\Users\Manuel\Desktop\amazon.de.lnk
2015-11-21 17:03 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-11-19 16:22 - 2013-08-22 14:25 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-13 14:54 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-13 14:51 - 2015-04-30 22:01 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-12-04 06:02 - 2015-12-04 06:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-04 05:56

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 07.12.2015 20:13
Das ist nicht das Fixlog.txt das ist FRST.txt...

Manuel476 07.12.2015 20:53
Mhh. also ich habe die fixlist erstellt und gespeichert, dann habe ich frst geladen und entfernen gedrückt, daraufhin sagt mir dass Programm fixlist nicht gefunden bzw. muss im Ordner fixlist zu finden sein.
Nun gehe ich in frst und finde auch die fixlist wodrin aber nur drinn steht was mit windos taste und R gespeichert wurde und wenn ich in den logddateiein nachsehe steht auch uhrzeit und Tag von heute aber keine datei, ich bin ratlos

In meinen Eistellungen steht unter frst
Hives
Logs
Qaurantine
Fixlist
Und nirgens finde ich den log
Unter log steht zwar datum und uhrzeit aber keine datei und in der fixlist nur das was in mit windos +r gespeichert wurde

deeprybka 07.12.2015 22:12
FRST64.exe und fixlist.txt müssen im gleichen ordner liegen. Bei Dir downloads. Dann entfernen drücken...

Manuel476 08.12.2015 20:31
Ich verstehe das orgendwie nicht, ich habe das in frst copiert und auch dort zu finden aber es funktioniert nicht bei mir ???

deeprybka 08.12.2015 20:40
Code:
(Farbar) C:\Users\Manuel\Downloads\FRST64 (5).exe
In dieses Verzeichnis muss die fixlist.txt runtergeladen werden. Dann startest Du FRST und klickst statt auf Untersuchen auf Entfernen.

Manuel476 10.12.2015 18:57
genau da speichert er es ja auch aber kommet immer die meldung fixlist nicht zu finden muss im selben ordner sein frst und in meinen einstekungen finde ich es ja auch aber keinen report??

deeprybka 10.12.2015 20:36
Tut mir leid, wenn Du diesen Schritt nicht ausführen kannst, machst Du etwas falsch. Mehr als 1000 User arbeiten nach unseren Anleitungen ohne Probleme. Vielleicht kann Dir jemand helfen, der sich mit PC's besser auskennt beim Abarbeiten der Anweisung?

Manuel476 10.12.2015 21:37
FRST64.exe und fixlist.txt müssen im gleichen ordner liegen. Bei Dir downloads. Dann entfernen drücken...


Das ist bei mir ja auch der fall aber wenn ich es öffene ist nur der eingangs kopierte Text zu finden aber ich lasse bei gelegenheit mal jemanden drauf schauen.mmhh

deeprybka 10.12.2015 22:02
Ok. :)

Manuel476 23.12.2015 09:17
Ich glaub es hat funktiniert obwohl ich nichts anderes gemacht habe als mal dass selbe prozedere im explorer zu versuchen...

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von Manuel (2015-12-23 09:06:16) Run:1
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel & (Verfügbare Profile: Manuel)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
C:\PROGRA~2\FAST-S~1
Task: {1F30D7A3-F649-4211-9326-A685814F8AF0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe
Task: {29D1A7C4-8C65-49DF-AF57-6492251C2E27} - \Start Driver Reviver Schedule -> Keine Datei
Task: {36C6E7DD-4572-422D-A9A1-D345574869D6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei
Task: {3BD8A3C6-9448-456D-924A-F36F112B9582} - \Form Bus -> Keine Datei
C:\ProgramData\Kinafaeheufok
Task: {3FE981C1-B198-4003-AA79-5C42D0C6E090} - System32\Tasks\Kinafaeheufok => C:\ProgramData\Kinafaeheufok\1.0.6.1\imeibauk.exe
Task: {51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei
Task: {711B438A-7FA4-418A-A5C7-58D79E27A7CE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei
Task: {9DF2F485-CE47-4201-9809-14EB8207E70A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei
Task: {A69CB606-0D34-4F3E-B7F4-2F05B9F76B07} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei
Task: {AB467F6A-1B52-42C7-BF58-0690CB40EF27} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei
Task: {AE6CA2EE-3ADB-43F5-98B0-6D75686607BB} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei
Task: {CEE41AE5-AB08-4134-9C32-C05C715C3C93} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei
Task: {DAFE209B-C28F-490E-82C4-87125500905A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei
Task: {E48832EA-24FA-4EB2-B6C3-28740C5C7D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei
Task: {E63F2B99-274B-4014-A1A9-E989BBFA6B28} - System32\Tasks\qPHwMWksY9eT0WjIbKxar => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: {EDEF0AE6-833E-44B5-B124-BB4510DB0639} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei
Task: {F4B3E856-1B33-43DD-B604-16F4F3117964} - \Start Driver Reviver Update -> Keine Datei
C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
Task: C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe
FF Extension: Outrageous Deal - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi [2015-11-26] [ist nicht signiert]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js [2015-11-18]
EmptyTemp:

*****************

Prozess erfolgreich geschlossen.
"C:\PROGRA~2\FAST-S~1" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1F30D7A3-F649-4211-9326-A685814F8AF0}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1F30D7A3-F649-4211-9326-A685814F8AF0}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\gte3014 => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gte3014" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29D1A7C4-8C65-49DF-AF57-6492251C2E27}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29D1A7C4-8C65-49DF-AF57-6492251C2E27}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Schedule => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36C6E7DD-4572-422D-A9A1-D345574869D6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36C6E7DD-4572-422D-A9A1-D345574869D6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3BD8A3C6-9448-456D-924A-F36F112B9582}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3BD8A3C6-9448-456D-924A-F36F112B9582}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Form Bus => Schlüssel nicht gefunden.
"C:\ProgramData\Kinafaeheufok" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3FE981C1-B198-4003-AA79-5C42D0C6E090}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3FE981C1-B198-4003-AA79-5C42D0C6E090}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\Kinafaeheufok => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Kinafaeheufok" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51B4A8C0-A606-4CA5-9A68-7FE931D5FFE6}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{711B438A-7FA4-418A-A5C7-58D79E27A7CE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{711B438A-7FA4-418A-A5C7-58D79E27A7CE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DF2F485-CE47-4201-9809-14EB8207E70A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DF2F485-CE47-4201-9809-14EB8207E70A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A69CB606-0D34-4F3E-B7F4-2F05B9F76B07}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A69CB606-0D34-4F3E-B7F4-2F05B9F76B07}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB467F6A-1B52-42C7-BF58-0690CB40EF27}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB467F6A-1B52-42C7-BF58-0690CB40EF27}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE6CA2EE-3ADB-43F5-98B0-6D75686607BB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE6CA2EE-3ADB-43F5-98B0-6D75686607BB}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE41AE5-AB08-4134-9C32-C05C715C3C93}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE41AE5-AB08-4134-9C32-C05C715C3C93}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DAFE209B-C28F-490E-82C4-87125500905A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DAFE209B-C28F-490E-82C4-87125500905A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E48832EA-24FA-4EB2-B6C3-28740C5C7D92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E48832EA-24FA-4EB2-B6C3-28740C5C7D92}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E63F2B99-274B-4014-A1A9-E989BBFA6B28}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E63F2B99-274B-4014-A1A9-E989BBFA6B28}" => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\qPHwMWksY9eT0WjIbKxar => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\qPHwMWksY9eT0WjIbKxar" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EDEF0AE6-833E-44B5-B124-BB4510DB0639}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EDEF0AE6-833E-44B5-B124-BB4510DB0639}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F4B3E856-1B33-43DD-B604-16F4F3117964}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F4B3E856-1B33-43DD-B604-16F4F3117964}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Driver Reviver Update => Schlüssel nicht gefunden.
"C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar.exe" => nicht gefunden.
C:\WINDOWS\Tasks\qPHwMWksY9eT0WjIbKxar.job => erfolgreich verschoben
C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{9f151910-c7b7-4060-98b3-333fd4cbc434}.xpi => erfolgreich verschoben
C:\Program Files (x86)\mozilla firefox\defaults\pref\!70ACDE8C77C274EF19CEF2F3A8DE5D6270AC.js => erfolgreich verschoben
EmptyTemp: => 2.7 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 09:08:37 ====

deeprybka 23.12.2015 19:37
http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Manuel476 23.12.2015 19:46
Ja, reagiert noch etwas schleppend und ich hab jetzt wieder die nervige Jahoo Tolbar im firefox.

deeprybka 23.12.2015 19:53
Das macht ja auch keinen Sinn wenn 14 Tage zwischen den Antworten liegen....

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Manuel476 23.12.2015 20:34

FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-12-2015
durchgeführt von Manuel (Administrator) auf MANU (23-12-2015 20:31:06)
Gestartet von C:\Users\Manuel\Downloads
Geladene Profile: Manuel (Verfügbare Profile: Manuel)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
konnte nicht auf den Prozess zugreifen -> OneDrive.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\RunOnce: [Uninstall C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Manuel\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Casio Control Panel Autostart.lnk [2015-11-26]
ShortcutTarget: Casio Control Panel Autostart.lnk -> C:\Program Files\Casio\XW-DJ1\CasioCplApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2015-11-22]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2015-12-06]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{8d538c83-dc46-4aef-84b9-eff1c3096ba4}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073929093&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1273145720-561992726-3298081300-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130930216073945408&GUID=05B5E2C7-6E6C-AA0A-4F3F-7F47FE4E0B66
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: IGMONObj Class -> {02464DDC-3187-11D8-8004-0020ED227566} -> C:\Program Files (x86)\iGetter\Integration\x64\IGMON.dll [2014-12-16] (Presenta Ltd.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO-x32: IGMONObj Class -> {02464DDC-3187-11D8-8004-0020ED227566} -> C:\Program Files (x86)\iGetter\Integration\IGMON.dll [2014-12-16] (Presenta Ltd.)
BHO-x32: Kein Name -> {206E52E0-D52E-11D4-AD54-0000E86C26F6} -> C:\Program Files (x86)\FreshDevices\FreshDownload\fdcatch.dll [2011-04-26] (FreshDevices Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-10-28] (FreeDownloadManager.ORG)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1273145720-561992726-3298081300-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default
FF DefaultSearchEngine: Default
FF SelectedSearchEngine: Bing®
FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggTIl8NBQBDEBhAcwldTA1FEVcOeAoBURRCGFBCcFtdBApJQAQFIk0FA18DB0VXfWFoKB8fHHpWNEtZBlweVEZnJVhU
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF user.js: detected! => C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\user.js [2015-12-16]
FF SearchPlugin: C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\searchplugins\default.xml [2015-12-20]
FF Extension: NoScript - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-12-10]
FF Extension: DownThemAll! - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-12-10]
FF Extension: Kein Name - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\adblockpopups@jessehakanen.net.xpi [2015-12-12] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Manuel\AppData\Roaming\Mozilla\Firefox\Profiles\ep28g06x.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.19
FF Extension: Free Download Manager extension - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.19 [2015-12-10]
FF HKU\S-1-5-21-1273145720-561992726-3298081300-1001\...\Firefox\Extensions: [igetter@presenta.net] - C:\Program Files (x86)\iGetter\Integration\igetter@presenta.net.xpi
FF Extension: iGetter Extension - C:\Program Files (x86)\iGetter\Integration\igetter@presenta.net.xpi [2015-08-25]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\70ACDE8C77C274EF19CEF2F3A8DE5D6270AC [2015-11-18] <==== ACHTUNG

Chrome:
=======
CHR Profile: C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Background image for Instagram) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aanhjnlmndepokfbmfbffhnnoocnjpkh [2015-12-15]
CHR Extension: (Google Slides) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-02]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2015-12-10]
CHR Extension: (Easy Screenshot) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhmefomaihbclfehodbdmoaeoodjjdo [2015-12-13]
CHR Extension: (Google Docs) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-02]
CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-02]
CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-02]
CHR Extension: (Worldwide) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdmncibnekibhhnaioibggjddhiaoopd [2015-12-12]
CHR Extension: (Google Search) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-02]
CHR Extension: (Google Sheets) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-02]
CHR Extension: (SiteAdvisor) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-02]
CHR Extension: (Google Docs Offline) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-04]
CHR Extension: (iGetter Extension) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kefncalcphllnknagnlnfcndlehpkpck [2015-12-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-02]
CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [kefncalcphllnknagnlnfcndlehpkpck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [kefncalcphllnknagnlnfcndlehpkpck] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [Datei ist nicht signiert]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-11-25] (Lavasoft Limited)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4278112 2013-08-01] (Symantec Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0405000.009\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-23] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 NIWinCDEmu; C:\Windows\System32\drivers\NIWinCDEmu.sys [112408 2015-12-07] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 20:19 - 2015-12-23 20:19 - 00000000 ____D C:\Users\Manuel\Downloads\FRST-OlderVersion
2015-12-23 09:06 - 2015-12-23 09:08 - 00011433 _____ C:\Users\Manuel\Downloads\Fixlog.txt
2015-12-21 22:48 - 2015-12-21 22:48 - 00327922 _____ C:\Users\Manuel\Downloads\Dokument (1).pdf
2015-12-21 10:56 - 2015-12-21 10:56 - 00012333 _____ C:\Users\Manuel\Documents\Lagerhelfer Bewerbung.odt
2015-12-21 09:28 - 2015-12-21 09:28 - 00305595 _____ C:\Users\Manuel\Downloads\Bewerbung_Maler_und_Lackierer.doc2.neu.odt
2015-12-18 18:40 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 18:40 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 18:40 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 18:39 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 18:39 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 18:39 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 18:39 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 18:39 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 18:39 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 18:39 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 18:39 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 18:39 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 18:39 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 18:39 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 18:39 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 18:39 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 18:39 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 18:39 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 18:39 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 18:39 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 18:39 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 18:39 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 18:39 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 18:39 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 18:39 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 18:39 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 18:39 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 18:39 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 18:39 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 18:39 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 18:39 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 18:39 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 18:39 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 18:39 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 18:39 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 18:39 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 18:39 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 18:39 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 18:39 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 18:39 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 18:39 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 18:39 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 18:39 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 18:39 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 18:39 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 18:39 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 18:39 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 18:39 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 18:39 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 18:39 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 18:39 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 18:39 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 18:39 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 18:39 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 18:39 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 18:39 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 18:39 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 18:39 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 18:39 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 18:39 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 18:39 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 18:39 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 18:39 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 18:39 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 18:39 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 18:39 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 18:39 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 18:39 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 18:39 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 18:39 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 18:39 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 18:39 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-18 11:07 - 2015-12-18 11:07 - 00327765 _____ C:\Users\Manuel\Downloads\Dokument.pdf
2015-12-17 15:52 - 2015-12-17 15:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-16 20:07 - 2015-12-16 20:07 - 47794160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 39720944 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 30775792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 27544560 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 25320432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 22327280 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 15725552 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 14310896 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 06686192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 05216240 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 01196032 _____ C:\WINDOWS\system32\amdocl_as64.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 01070592 _____ C:\WINDOWS\system32\amdocl_ld64.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 01004032 _____ C:\WINDOWS\SysWOW64\amdocl_as32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00935408 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00807424 _____ C:\WINDOWS\SysWOW64\amdocl_ld32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00631792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00524272 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00375792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00341488 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODE.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00243696 _____ C:\WINDOWS\system32\clinfo.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00213488 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00199664 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00198640 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00168944 _____ C:\WINDOWS\system32\atieah64.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00165360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00152560 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00150512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00143344 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00136176 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00132080 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00122352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00111600 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00111088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00103408 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00097776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00096752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00089584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00083952 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00078320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00073712 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00071152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00068080 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00064496 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00060912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00059888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ATIODCLI.exe
2015-12-16 20:07 - 2015-12-16 20:07 - 00059376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00057840 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00052208 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00048112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00038384 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2015-12-16 20:07 - 2015-12-16 20:07 - 00012784 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 09355016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 07683096 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00471320 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00138384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00117600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00110320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-12-16 20:06 - 2015-12-16 20:06 - 00081160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-12-13 13:28 - 2015-12-13 13:31 - 00000000 ____D C:\ProgramData\F-Secure
2015-12-13 13:27 - 2015-12-13 13:28 - 06218784 _____ (Facebook Inc.) C:\Users\Manuel\Downloads\Fsecure_T722456411188490T_.exe
2015-12-12 19:11 - 2015-12-12 19:11 - 01802336 _____ ( ) C:\Users\Manuel\Downloads\OneSafe_PC_Cleaner.exe
2015-12-10 21:35 - 2015-12-10 21:35 - 00002480 _____ C:\Users\Manuel\Downloads\fixlist (1).txt
2015-12-10 21:27 - 2015-12-10 21:28 - 00055663 _____ C:\Users\Manuel\Downloads\Addition.txt
2015-12-10 21:26 - 2015-12-23 20:31 - 00018330 _____ C:\Users\Manuel\Downloads\FRST.txt
2015-12-10 20:18 - 2015-12-10 20:20 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader(1).exe
2015-12-10 20:16 - 2015-12-10 20:16 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Desktop\Alicias_Keys_Downloader.exe
2015-12-10 20:15 - 2015-12-10 20:15 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader (1).exe
2015-12-10 20:12 - 2015-12-10 20:13 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\iGetter
2015-12-10 20:12 - 2015-12-10 20:12 - 00001002 _____ C:\Users\Public\Desktop\iGetter.lnk
2015-12-10 20:12 - 2015-12-10 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iGetter
2015-12-10 20:12 - 2015-12-10 20:12 - 00000000 ____D C:\Program Files (x86)\iGetter
2015-12-10 20:11 - 2015-12-10 20:11 - 02560200 _____ (Presenta Ltd. ) C:\Users\Manuel\Downloads\iGetter2.7.3.exe
2015-12-10 20:02 - 2015-12-10 20:02 - 00001266 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\FreshDownload.lnk
2015-12-10 20:02 - 2015-12-10 20:02 - 00001242 _____ C:\Users\Manuel\Desktop\FreshDownload.lnk
2015-12-10 20:02 - 2015-12-10 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreshDevices
2015-12-10 20:02 - 2015-12-10 20:02 - 00000000 ____D C:\Program Files (x86)\FreshDevices
2015-12-10 19:57 - 2015-12-10 19:57 - 01466656 _____ C:\Users\Manuel\Downloads\Fresh Download - CHIP-Installer.exe
2015-12-10 19:38 - 2015-12-10 19:45 - 14193160 _____ (Native Instruments GmbH) C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.exe
2015-12-10 19:34 - 2015-12-10 19:34 - 10669636 _____ C:\Users\Manuel\Downloads\Alicias_Keys_Downloader.zip
2015-12-10 19:32 - 2015-12-15 08:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Free Download Manager
2015-12-10 19:32 - 2015-12-10 19:32 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\FreeDownloadManager.ORG
2015-12-10 19:32 - 2015-12-10 19:32 - 00000000 ____D C:\ProgramData\FreeDownloadManager.ORG
2015-12-10 19:32 - 2015-12-10 19:32 - 00000000 ____D C:\ProgramData\Free Download Manager
2015-12-10 19:28 - 2015-12-10 19:28 - 00001140 _____ C:\Users\Manuel\Desktop\Free Download Manager.lnk
2015-12-10 19:28 - 2015-12-10 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager
2015-12-10 19:28 - 2015-12-10 19:28 - 00000000 ____D C:\Program Files (x86)\Free Download Manager
2015-12-10 19:27 - 2015-12-10 19:27 - 10789776 _____ (FreeDownloadManager.ORG ) C:\Users\Manuel\Downloads\fdminst.exe
2015-12-10 19:24 - 2015-12-23 20:19 - 02370560 _____ (Farbar) C:\Users\Manuel\Downloads\FRST64.exe
2015-12-10 19:07 - 2015-12-10 19:07 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-10 19:07 - 2015-12-10 19:07 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-10 19:07 - 2015-12-10 19:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-10 18:48 - 2015-12-10 18:48 - 00000000 ____D C:\Fixlist
2015-12-09 19:22 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 19:22 - 2015-11-24 13:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 19:22 - 2015-11-24 12:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 19:22 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 19:22 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 19:22 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 19:22 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 19:22 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 19:22 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 19:22 - 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 19:22 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 19:22 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 19:22 - 2015-11-24 09:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 19:22 - 2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 19:22 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 19:22 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 19:22 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 19:22 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 19:22 - 2015-11-24 09:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 19:22 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 19:22 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 19:22 - 2015-11-24 08:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 19:22 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 19:22 - 2015-11-24 08:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 19:22 - 2015-11-24 08:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 19:22 - 2015-11-24 08:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 19:22 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-05 13:28 - 2015-12-05 13:28 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-04 11:01 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-04 11:01 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-04 11:01 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-04 11:01 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-04 11:01 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-04 11:01 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-04 11:01 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-04 11:01 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-04 11:01 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-04 11:01 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-04 11:01 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-04 11:01 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-04 11:01 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-04 11:01 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-04 11:01 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-04 11:01 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-04 11:01 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-04 11:01 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-04 11:01 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-04 11:01 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-04 11:01 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-04 11:01 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-04 11:01 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-04 11:01 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-04 11:01 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-04 11:01 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-04 11:01 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-04 11:01 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-04 11:01 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-04 11:01 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-04 11:01 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-04 11:01 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-04 11:01 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-04 11:01 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-04 11:01 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-04 11:01 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-04 11:01 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-04 11:01 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-04 11:01 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-04 11:01 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-04 11:00 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-04 11:00 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-04 11:00 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-04 11:00 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-04 11:00 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-04 11:00 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-04 11:00 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-04 11:00 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-04 11:00 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-04 11:00 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-04 11:00 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-04 11:00 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-04 09:09 - 2015-12-09 20:39 - 00002424 _____ C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-04 09:05 - 2015-12-04 09:05 - 00000000 ____D C:\Users\Manuel\AppData\Local\ActiveSync
2015-12-04 09:02 - 2015-12-04 09:02 - 00000020 ___SH C:\Users\Manuel\ntuser.ini
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-04 06:34 - 2015-12-04 06:34 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-04 06:24 - 2015-12-23 20:27 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 06:13 - 2015-12-04 06:13 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-12-04 06:13 - 2015-12-04 06:13 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2015-12-04 06:08 - 2015-12-04 06:15 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-04 06:06 - 2015-12-23 20:28 - 00000000 ____D C:\Users\Manuel
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Vorlagen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Startmenü
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Netzwerkumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Lokale Einstellungen
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Eigene Dateien
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Druckumgebung
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Videos
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Musik
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Documents\Eigene Bilder
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Verlauf
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\AppData\Local\Anwendungsdaten
2015-12-04 06:06 - 2015-12-04 06:06 - 00000000 _SHDL C:\Users\Manuel\Anwendungsdaten
2015-12-04 06:02 - 2015-12-17 15:51 - 00000000 ____D C:\ProgramData\AMD
2015-12-04 06:02 - 2015-12-04 06:02 - 00646947 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-12-04 06:02 - 2015-12-04 06:02 - 00000000 ____D C:\Program Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-04 06:01 - 2015-12-04 06:09 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_AMDASF_01011.Wdf
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Synaptics
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Realtek
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 ____D C:\Program Files\AMD
2015-12-04 06:01 - 2015-12-04 06:01 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2015-12-04 06:00 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-04 05:57 - 2015-12-12 14:15 - 00218048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-04 05:56 - 2015-12-04 12:00 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-04 05:51 - 2015-12-04 05:51 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-04 05:51 - 2015-12-04 05:51 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-04 05:51 - 2015-12-04 05:51 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-04 05:51 - 2015-12-04 05:51 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-04 05:51 - 2015-12-04 05:51 - 00000000 ____D C:\Windows.old
2015-12-04 05:49 - 2015-12-04 05:49 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files\MSBuild
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-04 05:45 - 2015-12-04 05:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-04 05:44 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-04 05:44 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-04 05:44 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-03 21:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2015-12-02 23:05 - 2015-12-16 22:51 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-02 23:05 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-02 22:49 - 2015-12-02 22:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\AOP SDK
2015-12-02 08:25 - 2015-12-02 08:29 - 00253582 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.25.03_log.txt
2015-12-02 08:23 - 2015-12-02 08:24 - 00252680 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.23.06_log.txt
2015-12-02 08:09 - 2015-12-02 08:11 - 00252826 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.53_log.txt
2015-12-02 08:09 - 2015-12-02 08:09 - 00000560 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_08.09.44_log.txt
2015-12-01 23:43 - 2015-12-01 23:49 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.43.03_log.txt
2015-12-01 23:26 - 2015-12-01 23:28 - 00252680 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.26.38_log.txt
2015-12-01 23:25 - 2015-12-01 23:25 - 00048382 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_23.25.21_log.txt
2015-12-01 22:08 - 2015-12-01 22:10 - 00252846 _____ C:\TDSSKiller.3.1.0.7_01.12.2015_22.08.56_log.txt
2015-12-01 21:43 - 2015-12-07 19:11 - 00112408 _____ C:\WINDOWS\system32\Drivers\NIWinCDEmu.sys
2015-12-01 21:43 - 2015-12-01 21:43 - 00000000 ____D C:\Program Files (x86)\Native Instruments
2015-12-01 12:43 - 2015-12-01 12:43 - 00000000 _____ C:\Users\Manuel\defogger_reenable
2015-11-30 16:12 - 2015-12-01 14:16 - 00000000 ____D C:\Users\Manuel\Documents\REAPER Media
2015-11-30 16:09 - 2015-12-04 06:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2015-11-30 16:09 - 2015-11-30 16:09 - 00000873 _____ C:\Users\Public\Desktop\REAPER (x64).lnk
2015-11-30 16:09 - 2015-11-30 16:09 - 00000000 ____D C:\Program Files\REAPER (x64)
2015-11-28 15:42 - 2015-12-04 06:24 - 00003294 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1448721735
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-28 15:42 - 2015-11-28 15:42 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-11-27 21:18 - 2015-11-27 23:37 - 00000000 ____D C:\Users\Manuel\Desktop\b
2015-11-27 19:53 - 2015-11-27 23:36 - 00000000 ____D C:\Users\Manuel\Desktop\november
2015-11-27 17:47 - 2015-11-27 17:47 - 00000000 ____D C:\Users\Manuel\Desktop\JRT_NewerVersion
2015-11-27 11:51 - 2015-11-27 11:52 - 00257212 _____ C:\TDSSKiller.3.1.0.6_27.11.2015_11.51.00_log.txt
2015-11-27 11:49 - 2015-11-27 11:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\AVG
2015-11-27 11:48 - 2015-11-27 11:48 - 00000000 ____D C:\Users\Manuel\AppData\Local\Avg
2015-11-27 11:47 - 2015-11-27 11:49 - 00000000 ____D C:\ProgramData\AVG
2015-11-27 11:14 - 2015-11-27 11:14 - 00000000 ____D C:\Users\Manuel\Desktop\RECORDER
2015-11-27 10:34 - 2015-11-27 12:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2015-11-26 18:25 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casio
2015-11-26 18:25 - 2015-11-26 18:25 - 00000000 ____D C:\Program Files\Casio
2015-11-26 15:01 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\REAPER
2015-11-26 15:01 - 2015-11-26 15:01 - 00001052 _____ C:\Users\Manuel\Desktop\REAPER.lnk
2015-11-26 15:01 - 2015-11-26 15:01 - 00000000 ____D C:\Program Files (x86)\REAPER
2015-11-26 14:58 - 2015-11-30 16:28 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\REAPER
2015-11-26 14:55 - 2015-11-26 14:55 - 00000000 ____D C:\Program Files\Common Files\Propellerhead Software
2015-11-26 09:26 - 2015-11-26 09:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\PianoBooster
2015-11-26 09:20 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Piano Booster
2015-11-26 09:20 - 2015-11-26 09:20 - 00000000 ____D C:\Program Files (x86)\Piano Booster
2015-11-25 16:16 - 2015-11-25 16:17 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:17 - 00001974 _____ C:\Users\Public\Desktop\Synthesia.lnk
2015-11-25 16:02 - 2015-11-25 16:16 - 00000000 ____D C:\Program Files (x86)\Synthesia
2015-11-25 16:02 - 2015-11-25 16:02 - 00000000 ____D C:\Users\Manuel\Documents\Synthesia Music
2015-11-25 15:48 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\Documents\Myriad Documents
2015-11-25 15:47 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Melody Assistant
2015-11-25 15:47 - 2015-11-25 15:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\ACAMPREF
2015-11-25 15:47 - 2015-11-25 15:47 - 00001160 _____ C:\Users\Manuel\Desktop\Melody Assistant.lnk
2015-11-25 15:47 - 2015-11-25 15:47 - 00000000 ____D C:\Program Files (x86)\Melody Assistant
2015-11-25 10:31 - 2015-12-04 06:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
2015-11-25 10:31 - 2015-11-25 14:41 - 00001166 _____ C:\Users\Manuel\Desktop\ASIO4ALL v2 Anleitung.lnk
2015-11-25 10:31 - 2015-11-25 14:41 - 00000000 ____D C:\Program Files (x86)\ASIO4ALL v2
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 19:09 - 00002912 _____ C:\WINDOWS\system32\LavasoftTcpServiceOff.ini
2015-11-25 10:09 - 2015-12-04 06:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-11-25 10:09 - 2015-11-27 17:48 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Lavasoft
2015-11-25 10:09 - 2015-11-25 10:09 - 00425744 _____ (Lavasoft Limited) C:\WINDOWS\system32\LavasoftTcpService64.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00345360 _____ (Lavasoft Limited) C:\WINDOWS\SysWOW64\LavasoftTcpService.dll
2015-11-25 10:09 - 2015-11-25 10:09 - 00000000 ____D C:\Users\Manuel\AppData\Local\Lavasoft
2015-11-25 10:08 - 2015-11-27 17:48 - 00000000 ____D C:\ProgramData\Lavasoft
2015-11-25 10:08 - 2015-11-25 10:08 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-11-23 11:37 - 2015-12-21 08:39 - 00305595 _____ C:\Users\Manuel\Documents\Bewerbung_Maler_und_Lackierer.doc2.neu.odt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-23 20:31 - 2015-11-21 13:42 - 00000000 ____D C:\FRST
2015-12-23 16:42 - 2015-04-24 21:30 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01E50813-C029-43AD-83B0-C8875C1F6992}
2015-12-23 14:38 - 2015-05-09 14:44 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-23 09:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-23 09:16 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-23 09:16 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-23 09:16 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-23 09:16 - 2015-08-22 04:14 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-23 09:09 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-23 09:09 - 2015-08-22 04:05 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2015-12-23 08:51 - 2015-11-19 15:22 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-22 19:09 - 2015-05-05 18:33 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\vlc
2015-12-22 09:30 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-20 03:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-20 03:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-20 03:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-18 18:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-18 18:30 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-17 15:48 - 2015-08-22 03:52 - 00000000 ____D C:\AMD
2015-12-16 20:07 - 2015-10-07 09:54 - 00874480 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-12-16 20:07 - 2015-10-07 09:53 - 21648880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-12-16 20:07 - 2015-10-07 09:53 - 01256432 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-12-16 20:07 - 2015-10-07 09:53 - 00683504 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-12-16 20:07 - 2015-10-07 09:53 - 00674288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-12-16 20:07 - 2015-10-07 09:53 - 00451056 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-12-16 20:07 - 2015-10-07 09:53 - 00255472 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-12-16 20:06 - 2015-10-07 09:53 - 12088000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 10211016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 08982432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 08864920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 08009360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 07482560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 01479808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 01223544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 00162232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 00151936 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 00143056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 00130064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-12-16 20:06 - 2015-10-07 09:53 - 00112360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-12-16 07:25 - 2015-04-24 21:27 - 00000000 ____D C:\Users\Manuel\AppData\Local\Packages
2015-12-15 16:40 - 2015-04-25 16:09 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype
2015-12-12 14:13 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-12 14:12 - 2015-08-12 19:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-12 14:12 - 2015-08-12 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-11 18:32 - 2015-08-12 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-11 18:31 - 2015-04-30 22:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-11 18:25 - 2015-04-30 22:01 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-10 19:07 - 2015-11-07 13:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-09 20:39 - 2015-08-22 05:54 - 00000000 ___RD C:\Users\Manuel\OneDrive
2015-12-09 20:38 - 2015-05-09 14:44 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-09 04:39 - 2015-07-09 16:44 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-08 06:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-06 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-05 06:35 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-04 09:21 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-04 09:06 - 2015-05-17 19:31 - 00004186 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 09:06 - 2015-05-17 19:31 - 00003954 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 09:06 - 2015-05-17 19:31 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-04 09:06 - 2015-05-17 19:31 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-04 09:04 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-04 09:03 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-04 09:03 - 2015-04-24 20:51 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-04 06:34 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-04 06:34 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagwrn.xml
2015-12-04 06:34 - 2015-08-22 03:11 - 00019053 _____ C:\WINDOWS\diagerr.xml
2015-12-04 06:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-04 06:30 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-04 06:25 - 2015-08-22 04:19 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-04 06:25 - 2015-02-23 13:28 - 00002736 _____ C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2015-12-04 06:24 - 2015-11-19 16:39 - 00002302 _____ C:\WINDOWS\System32\Tasks\{D6F067B6-DC67-4EA0-BCBB-5CF0DD427DBE}
2015-12-04 06:24 - 2015-11-18 21:39 - 00002224 _____ C:\WINDOWS\System32\Tasks\{E49DE93D-3C2D-4E1A-A749-025F78238EEF}
2015-12-04 06:24 - 2015-07-20 12:48 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-12-04 06:24 - 2015-04-24 21:33 - 00002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-1001
2015-12-04 06:24 - 2015-02-23 13:25 - 00002248 _____ C:\WINDOWS\System32\Tasks\Power Management
2015-12-04 06:24 - 2015-02-23 13:10 - 00002032 _____ C:\WINDOWS\System32\Tasks\Dolby Selector
2015-12-04 06:24 - 2015-02-23 12:32 - 00002876 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1273145720-561992726-3298081300-500
2015-12-04 06:24 - 2014-01-16 16:11 - 00003752 _____ C:\WINDOWS\System32\Tasks\ALUAgent
2015-12-04 06:24 - 2014-01-16 16:11 - 00002780 _____ C:\WINDOWS\System32\Tasks\ALU
2015-12-04 06:24 - 2014-01-16 16:11 - 00002238 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2015-12-04 06:23 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-04 06:15 - 2015-11-21 18:18 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MIDI Pianist
2015-12-04 06:15 - 2015-11-19 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-12-04 06:15 - 2015-11-16 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-04 06:15 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 06:15 - 2015-10-21 19:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-12-04 06:15 - 2015-10-13 18:31 - 00000000 ____D C:\WINDOWS\de
2015-12-04 06:15 - 2015-07-29 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon iP4300
2015-12-04 06:15 - 2015-06-23 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-12-04 06:15 - 2015-05-05 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-04 06:15 - 2015-05-05 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2015-12-04 06:15 - 2015-04-25 15:41 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-12-04 06:15 - 2015-02-23 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2015-12-04 06:15 - 2015-02-23 13:12 - 00000000 ____D C:\WINDOWS\SysWOW64\Atheros_L1e
2015-12-04 06:15 - 2015-02-23 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Quick Stream
2015-12-04 06:15 - 2014-01-16 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-04 06:15 - 2014-01-16 16:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-04 06:13 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-04 06:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-04 06:11 - 2015-06-23 21:41 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-04 06:11 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-04 06:09 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-04 06:09 - 2015-09-26 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-04 06:09 - 2015-07-29 08:00 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-04 06:09 - 2015-06-23 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
2015-12-04 06:09 - 2015-05-26 13:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-04 06:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-04 06:05 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-04 05:57 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-04 05:56 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-04 05:51 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-04 05:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-04 05:30 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-02 23:43 - 2015-05-17 19:31 - 00000000 ____D C:\Users\Manuel\AppData\Local\Google
2015-12-02 23:04 - 2015-05-17 19:31 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-02 23:00 - 2015-04-25 13:51 - 00000000 ____D C:\Users\Manuel\AppData\Local\CrashDumps
2015-12-02 22:50 - 2014-01-16 16:01 - 00000000 ____D C:\Program Files (x86)\WildTangent Games
2015-12-02 22:49 - 2015-06-13 10:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\WildTangent
2015-12-02 22:49 - 2014-01-16 16:01 - 00000000 ____D C:\ProgramData\WildTangent
2015-12-02 22:48 - 2015-04-24 21:29 - 00000000 ____D C:\Users\Manuel\AppData\Local\clear.fi
2015-12-02 22:48 - 2014-01-16 16:11 - 00000000 ____D C:\Program Files (x86)\Acer
2015-12-02 21:28 - 2015-11-21 14:32 - 00000000 ____D C:\AdwCleaner
2015-12-02 13:15 - 2014-01-16 15:04 - 00000000 ___HD C:\OEM
2015-12-02 12:38 - 2015-10-10 19:47 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DVDVideoSoft
2015-12-01 01:33 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-30 21:14 - 2015-07-27 18:26 - 664977556 _____ C:\WINDOWS\MEMORY.DMP
2015-11-28 15:42 - 2015-05-05 17:37 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-27 18:04 - 2015-04-25 05:13 - 00000000 ____D C:\Users\Public\OEM
2015-11-25 10:11 - 2015-11-21 18:13 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\dlg

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-14 17:28 - 2015-04-14 17:28 - 0004387 _____ () C:\Users\Manuel\AppData\Roaming\qPHwMWksY9eT0WjIbKxar
2015-11-21 18:18 - 2015-11-21 18:18 - 0000010 ___SH () C:\Users\Manuel\AppData\Roaming\user_database.dat
2015-07-26 15:55 - 2015-07-26 15:55 - 0001520 _____ () C:\Users\Manuel\AppData\Local\recently-used.xbel
2015-12-04 06:02 - 2015-12-04 06:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-20 08:53

==================== Ende von FRST.txt ============================
--- --- ---

deeprybka 24.12.2015 19:25
Frohe Weihnachten! :)

Das bitte mal machen.

https://support.mozilla.org/de/kb/fi...-zuruecksetzen

Manuel476 25.12.2015 10:25
Vielen lieben Dankund wünsche ich auch !
TOLL DAS ES EUCH GIBT !!
VIELEN DANKE !!


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:13 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130