Nambam7776 | 24.03.2016 11:50 | Hier, die Ergebnisse Code:
# AdwCleaner v5.105 - Bericht erstellt am 24/03/2016 um 11:06:16
# Aktualisiert am 21/03/2016 von Xplode
# Datenbank : 2016-03-24.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Corinna - SORGENKIND
# Gestartet von : C:\Users\Corinna\Desktop\AdwCleaner_5.105.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\findit.xml
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
[-] Verknüpfung Desinfiziert : C:\Users\Corinna\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[-] Verknüpfung Desinfiziert : C:\Users\Administrator\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\MICROSOFT\OTUT
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Main [Search Bar]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Main [SearchAssistant]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default]
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\bestpriceninja.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pstatic.bestpriceninja.com
***** [ Internetbrowser ] *****
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.hiddenOneOffs", "1&1 Suche,Amazon.de,Ask Search,Ask Web Search,Astromenda,DuckDuckGo,eBay,Englische Ergebnisse,GMX Suche,Google,Google Images,Google Maps,lastminute,LEO Eng-D[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1V1[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD1[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDy[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.BUTTON_STRUCTURE", "[{\"b\":224511887,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":224511888,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.browser.version.last", "44.0");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.competitorDNS", "{\"comment\":\"refresh every 1 week (7*24*60*60*1000)\",\"refreshPeriod\":604800000,\"list\":[{\"url\":\"hxxp://www.dnsrsearch.com/[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.firstKnownVersion", "6.85.6.29198");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=7E3F698B-1B47-48C6-9D00-332A4D078D2C&n=781b1cf7&p2=^BYC^xdm001^YYA^de");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.hp.enabled", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.hp.guardType", "HPR");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.hp.user.defined", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.initialized", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installKeysSource", "Cookies");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installType", "XPI");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.contextKey", "");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.dlpCountryCode", "DE");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.installDate", "2015042807");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.partnerId", "^BYC^xdm001^YYA^de");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.partnerSubId", "");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.pixelUrl", "hxxp://www.pconverter.com/install_pixels.jhtml?partner=^BYC^xdm001^YYA^de&coId=af6919b1a446402ba3cdec7aa777649d&tbGuid=7E3F[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.success", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.installation.toolbarId", "7E3F698B-1B47-48C6-9D00-332A4D078D2C");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.isCompliantUninstallImplementation", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.lastActivePing", "1457333047328");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.lastKnownVersion", "7.38.8.46577");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.lssState", "{\"previousLocales\":[\"de\",\"en-US\",\"en\"],\"supportedLocales\":[\"de\",\"es\",\"pt\",\"ja\",\"en\"],\"defaultLocale\":\"en\",\"supp[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.options.defaultSearch", false);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.options.homePageEnabled", false);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.options.keywordEnabled", false);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.options.tabEnabled", false);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.partnerPixelFired", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.productDeliveryOption.language", "en");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.productDeliveryOption.type", "Toolbar");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.successUrl", "hxxp://www.pconverter.com/installComplete.jhtml");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.toolbar.versionChanged", false);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.toolbarCollapsed", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.uninstallTasks", "{\"prefBranchesToDelete\":[\"extensions.toolbar.mindspark._dzMembers_.\"],\"filesToDelete\":[\"C:\\\\Users\\\\Corinna\\\\AppData\\[...]
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark._dzMembers_.weather.location", "10001");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "pconverter@mindspark.com");
[-] [C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "easypdfcombine@mindspark.com");
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [13328 Bytes] - [24/03/2016 11:06:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [16364 Bytes] - [24/03/2016 11:03:50]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13476 Bytes] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by Corinna (Administrator) on 24.03.2016 at 11:19:41,85
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
user_pref(extensions.astrmndasr.hmpgUrl, hxxp://astromenda.com/?f=1&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtFtCtF
user_pref(extensions.astrmndasr.newTabUrl, hxxp://astromenda.com/?f=2&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtFtC
user_pref(extensions.astrmndasr.srchPrvdr, Astromenda);
user_pref(extensions.astrmndasr.tlbrSrchUrl, hxxp://astromenda.com/?f=3&a=clickconnect&cd=2XzuyEtN2Y1L1Qzu0ByE0ByDtB0F0A0FyD0C0CyC0Dzy0DyCtN0D0Tzu0StCtDtCtDtN1L2XzutAtFtBtF
user_pref(extensions.toolbar.mindspark.lastInstalled, easypdfcombine@mindspark.com);
user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2016 at 11:20:22,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Corinna (Administrator) auf SORGENKIND (24-03-2016 11:28:22)
Gestartet von C:\Users\Corinna\Desktop
Geladene Profile: Corinna (Verfügbare Profile: Corinna & Administrator & Gast)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-08-10] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-08-10] (Hewlett-Packard )
HKLM-x32\...\Run: [COMPUTERBILD-Abzockschutz] => C:\Program Files (x86)\COMPUTERBILD-Abzockschutz\bin\COMPUTERBILD-Abzockschutz.exe [537664 2014-04-15] (J3S GmbH)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare)
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\RunOnce: [Uninstall C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\RunOnce: [Uninstall C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\RunOnce: [Uninstall C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
HKU\S-1-5-21-253957190-884513830-859000721-1001\...\RunOnce: [Uninstall C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Corinna\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-02-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.292\SSScheduler.exe (McAfee, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{37ae8af0-6e54-45d8-b241-27b388b78e4d}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-253957190-884513830-859000721-1001\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {421FA507-CA53-44FA-B153-358962457AC5} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-253957190-884513830-859000721-1001 -> DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_de_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_0_1201_1401_20160312_DE_ie_ds_&tag=bds-p10-serp-de-ie-21&query={searchTerms}
SearchScopes: HKU\S-1-5-21-253957190-884513830-859000721-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_de_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_0_1201_1401_20160312_DE_ie_ds_&tag=bds-p10-serp-de-ie-21&query={searchTerms}
SearchScopes: HKU\S-1-5-21-253957190-884513830-859000721-1001 -> {C444B0E4-9E67-44E3-9A87-A3F485785167} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20151124&p={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: CBAbzockschutz.InitToolbarBHO -> {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} -> C:\WINDOWS\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\WINDOWS\SysWOW64\mscoree.dll [2015-10-30] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-21] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-21] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-21] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-21] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default
FF DefaultSearchEngine: Google
FF DefaultSearchUrl: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.schnell-startseite.de/
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=UTF-8&oe=UTF-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-11] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-253957190-884513830-859000721-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\englische-ergebnisse.xml [2014-05-08]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\gmx-suche.xml [2014-05-08]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\google-images.xml [2014-10-05]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\google-maps.xml [2014-10-05]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\lastminute.xml [2014-05-08]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\McSiteAdvisor.xml [2016-03-16]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\webde-suche.xml [2014-05-08]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\searchplugins\youtube.xml [2015-11-13]
FF SearchPlugin: C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\azd9z9f4.default-1458114363129\searchplugins\McSiteAdvisor.xml [2016-03-16]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-09]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF Extension: Adblock Plus - C:\Users\Corinna\AppData\Roaming\Mozilla\Firefox\Profiles\mvqz7k2q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-16]
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-10] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-29] [ist nicht signiert]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-23]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-08-29] (Hewlett-Packard)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-03-21] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.292\McCHSvc.exe [293128 2016-02-05] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [902112 2015-12-14] (Intel Security, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-08-10] (IDT, Inc.) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-01-23] (Sony Mobile Communications)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896752 2015-08-07] (Realtek )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-24 11:28 - 2016-03-24 11:28 - 00020319 _____ C:\Users\Corinna\Desktop\FRST.txt
2016-03-24 11:17 - 2016-03-24 11:20 - 00001288 _____ C:\Users\Corinna\Desktop\JRT.txt
2016-03-24 11:15 - 2016-03-24 11:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-03-24 11:13 - 2016-03-24 11:16 - 01610352 _____ (Malwarebytes) C:\Users\Corinna\Desktop\JRT.exe
2016-03-24 11:01 - 2016-03-24 11:06 - 00000000 ____D C:\AdwCleaner
2016-03-24 10:56 - 2016-03-24 11:01 - 01530368 _____ C:\Users\Corinna\Desktop\AdwCleaner_5.105.exe
2016-03-23 13:04 - 2016-03-23 13:04 - 00000000 ___HD C:\OneDriveTemp
2016-03-23 10:43 - 2016-03-23 13:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-03-23 09:54 - 2016-03-24 11:26 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-03-23 09:44 - 2016-03-24 10:46 - 00004208 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-03-22 08:53 - 2016-03-22 08:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-22 08:52 - 2016-03-24 11:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-03-22 08:52 - 2016-03-23 13:06 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-22 08:49 - 2016-03-24 10:40 - 00000000 ____D C:\Users\Corinna\Desktop\mbar
2016-03-22 08:49 - 2016-03-23 13:06 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-03-22 08:48 - 2016-03-22 08:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Corinna\Desktop\mbar-1.09.3.1001.exe
2016-03-21 16:40 - 2016-03-21 16:41 - 00035310 _____ C:\Users\Corinna\Downloads\Addition.txt
2016-03-21 16:38 - 2016-03-21 16:41 - 00078442 _____ C:\Users\Corinna\Downloads\FRST.txt
2016-03-21 16:37 - 2016-03-24 11:28 - 00000000 ____D C:\FRST
2016-03-21 16:35 - 2016-03-21 16:37 - 02374144 _____ (Farbar) C:\Users\Corinna\Desktop\FRST64.exe
2016-03-21 15:12 - 2016-03-21 15:12 - 00058555 _____ C:\Users\Corinna\Downloads\0467.PDF
2016-03-21 15:07 - 2016-03-21 15:07 - 00038065 _____ C:\Users\Corinna\Downloads\0443(5).PDF
2016-03-21 15:06 - 2016-03-21 15:06 - 00038065 _____ C:\Users\Corinna\Downloads\0443(4).PDF
2016-03-21 15:05 - 2016-03-21 15:06 - 00279298 _____ C:\Users\Corinna\Downloads\0699.PDF
2016-03-21 15:04 - 2016-03-21 15:04 - 00038065 _____ C:\Users\Corinna\Downloads\0443(3).PDF
2016-03-21 15:04 - 2016-03-21 15:04 - 00038065 _____ C:\Users\Corinna\Downloads\0443(2).PDF
2016-03-21 15:01 - 2016-03-21 15:01 - 00038065 _____ C:\Users\Corinna\Downloads\0443.PDF
2016-03-21 15:01 - 2016-03-21 15:01 - 00038065 _____ C:\Users\Corinna\Downloads\0443(1).PDF
2016-03-21 15:00 - 2016-03-21 15:01 - 00026662 _____ C:\Users\Corinna\Downloads\0101(1).PDF
2016-03-21 15:00 - 2016-03-21 15:00 - 00087015 _____ C:\Users\Corinna\Downloads\0101.PDF
2016-03-21 14:55 - 2016-03-21 14:55 - 00238665 _____ C:\Users\Corinna\Downloads\0533(1).PDF
2016-03-21 14:55 - 2016-03-21 14:55 - 00161174 _____ C:\Users\Corinna\Downloads\0531(1).PDF
2016-03-21 14:55 - 2016-03-21 14:55 - 00093725 _____ C:\Users\Corinna\Downloads\0533.PDF
2016-03-21 14:54 - 2016-03-21 14:54 - 00202129 _____ C:\Users\Corinna\Downloads\0531.PDF
2016-03-16 14:48 - 2016-03-16 15:03 - 00000000 ____D C:\Program Files (x86)\AdwCleaner
2016-03-16 09:20 - 2016-03-16 09:20 - 00001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-16 09:20 - 2016-03-16 09:20 - 00000995 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-16 09:19 - 2016-03-23 13:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-14 08:47 - 2016-03-14 08:47 - 00003246 _____ C:\WINDOWS\System32\Tasks\{FB6F8D95-8734-46AD-9EA3-79C5A4029EBF}
2016-03-14 08:36 - 2016-03-16 08:17 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2016-03-14 08:32 - 2016-03-14 08:41 - 00000134 _____ C:\appmanager.txt
2016-03-14 08:31 - 2016-03-14 08:48 - 00000000 ____D C:\Users\Corinna\AppData\Roaming\FileOpenerWindows
2016-03-11 07:35 - 2016-03-11 07:35 - 11035328 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2016-03-09 05:01 - 2016-03-01 06:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 05:01 - 2016-03-01 06:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 05:01 - 2016-02-24 10:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 05:01 - 2016-02-24 10:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 05:01 - 2016-02-24 10:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 05:01 - 2016-02-24 10:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 05:01 - 2016-02-24 10:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 05:01 - 2016-02-24 10:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 05:01 - 2016-02-24 09:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 05:01 - 2016-02-24 09:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 05:01 - 2016-02-24 09:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 05:01 - 2016-02-24 09:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 05:01 - 2016-02-24 09:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 05:01 - 2016-02-24 09:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 05:01 - 2016-02-24 09:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 05:01 - 2016-02-24 09:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 05:01 - 2016-02-24 09:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 05:01 - 2016-02-24 09:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 05:01 - 2016-02-24 09:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 05:01 - 2016-02-24 09:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 05:01 - 2016-02-24 09:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 05:01 - 2016-02-24 09:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 05:01 - 2016-02-24 09:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 05:01 - 2016-02-24 09:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 05:01 - 2016-02-24 08:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 05:01 - 2016-02-24 08:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 05:01 - 2016-02-24 08:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 05:01 - 2016-02-24 08:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 05:01 - 2016-02-24 08:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 05:01 - 2016-02-24 08:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 05:01 - 2016-02-24 07:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 05:01 - 2016-02-24 07:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 05:01 - 2016-02-24 07:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 05:01 - 2016-02-24 07:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 05:01 - 2016-02-24 07:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 05:01 - 2016-02-24 07:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 05:01 - 2016-02-24 07:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 05:01 - 2016-02-24 07:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 05:01 - 2016-02-24 07:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 05:01 - 2016-02-24 07:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 05:01 - 2016-02-24 07:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 05:01 - 2016-02-24 07:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 05:01 - 2016-02-24 07:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 05:01 - 2016-02-24 07:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 05:01 - 2016-02-24 07:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 05:01 - 2016-02-24 07:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 05:01 - 2016-02-24 07:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 05:01 - 2016-02-24 07:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 05:01 - 2016-02-24 07:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 05:01 - 2016-02-24 07:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 05:01 - 2016-02-24 07:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 05:01 - 2016-02-24 07:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 05:01 - 2016-02-24 07:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 05:01 - 2016-02-24 07:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 05:01 - 2016-02-24 07:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 05:01 - 2016-02-24 07:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 05:01 - 2016-02-24 06:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 05:01 - 2016-02-24 06:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 05:01 - 2016-02-24 06:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 05:01 - 2016-02-24 06:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 05:01 - 2016-02-24 06:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 05:01 - 2016-02-24 06:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 05:01 - 2016-02-24 06:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 05:01 - 2016-02-24 06:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 05:01 - 2016-02-24 06:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 05:01 - 2016-02-24 06:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 05:01 - 2016-02-24 05:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 05:01 - 2016-02-24 05:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 05:00 - 2016-02-24 10:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 05:00 - 2016-02-24 10:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 05:00 - 2016-02-24 09:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 05:00 - 2016-02-24 09:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 05:00 - 2016-02-24 09:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 05:00 - 2016-02-24 09:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 05:00 - 2016-02-24 09:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 05:00 - 2016-02-24 08:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 05:00 - 2016-02-24 08:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 05:00 - 2016-02-24 08:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 05:00 - 2016-02-24 08:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 05:00 - 2016-02-24 08:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 05:00 - 2016-02-24 08:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 05:00 - 2016-02-24 08:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 05:00 - 2016-02-24 08:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 05:00 - 2016-02-24 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 05:00 - 2016-02-24 08:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 05:00 - 2016-02-24 08:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 05:00 - 2016-02-24 08:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 05:00 - 2016-02-24 08:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 05:00 - 2016-02-24 08:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 05:00 - 2016-02-24 08:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 05:00 - 2016-02-24 08:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 05:00 - 2016-02-24 08:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 05:00 - 2016-02-24 08:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 05:00 - 2016-02-24 08:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 05:00 - 2016-02-24 08:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 05:00 - 2016-02-24 08:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 05:00 - 2016-02-24 08:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 05:00 - 2016-02-24 08:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 05:00 - 2016-02-24 08:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 05:00 - 2016-02-24 08:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 05:00 - 2016-02-24 08:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 05:00 - 2016-02-24 08:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 05:00 - 2016-02-24 08:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 05:00 - 2016-02-24 08:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 05:00 - 2016-02-24 08:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 05:00 - 2016-02-24 08:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 05:00 - 2016-02-24 08:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 05:00 - 2016-02-24 08:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 05:00 - 2016-02-24 08:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 05:00 - 2016-02-24 07:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 05:00 - 2016-02-24 07:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 05:00 - 2016-02-24 07:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 05:00 - 2016-02-24 07:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 05:00 - 2016-02-24 07:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 05:00 - 2016-02-24 07:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 05:00 - 2016-02-24 07:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 05:00 - 2016-02-24 07:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 05:00 - 2016-02-24 07:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 05:00 - 2016-02-24 07:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 05:00 - 2016-02-24 07:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 05:00 - 2016-02-24 07:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 05:00 - 2016-02-24 07:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 05:00 - 2016-02-24 07:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 05:00 - 2016-02-24 07:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 05:00 - 2016-02-24 07:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 05:00 - 2016-02-24 07:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 05:00 - 2016-02-24 07:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 05:00 - 2016-02-24 07:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 05:00 - 2016-02-24 07:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 05:00 - 2016-02-24 07:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 05:00 - 2016-02-24 07:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 05:00 - 2016-02-24 07:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 05:00 - 2016-02-24 07:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 05:00 - 2016-02-24 07:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 05:00 - 2016-02-24 07:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 05:00 - 2016-02-24 07:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 05:00 - 2016-02-24 07:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 05:00 - 2016-02-24 07:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 05:00 - 2016-02-24 07:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 05:00 - 2016-02-24 07:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 05:00 - 2016-02-24 07:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 05:00 - 2016-02-24 07:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 05:00 - 2016-02-24 07:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 05:00 - 2016-02-24 07:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 05:00 - 2016-02-24 07:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 05:00 - 2016-02-24 07:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 05:00 - 2016-02-24 07:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 05:00 - 2016-02-24 07:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 05:00 - 2016-02-24 07:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 05:00 - 2016-02-24 07:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 05:00 - 2016-02-24 06:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 05:00 - 2016-02-24 06:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 05:00 - 2016-02-24 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 04:49 - 2016-03-09 04:49 - 00000000 ____D C:\Users\Corinna\AppData\Local\bvxvcxxvaf
2016-03-07 15:01 - 2016-03-07 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-07 15:00 - 2016-03-07 15:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-07 15:00 - 2016-03-07 15:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-03-07 14:37 - 2016-03-07 14:37 - 00003742 _____ C:\WINDOWS\System32\Tasks\{59EEA3C3-48DF-4510-AE5B-EF6FE721626D}
2016-03-07 14:34 - 2016-03-07 14:34 - 00003248 _____ C:\WINDOWS\System32\Tasks\{B2030BD2-89FA-4709-B30B-129724BA9B6C}
2016-03-07 14:27 - 2016-03-07 14:27 - 00000000 ____D C:\WINDOWS\system32\lana
2016-03-07 12:04 - 2016-03-07 12:04 - 08037888 _____ C:\Users\Corinna\AppData\Roaming\agent.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 01900932 _____ C:\Users\Corinna\AppData\Roaming\DonHotbam.tst
2016-03-07 12:04 - 2016-03-07 12:04 - 00126464 _____ C:\Users\Corinna\AppData\Roaming\noah.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 00126464 _____ C:\Users\Corinna\AppData\Roaming\lobby.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 00072708 _____ C:\Users\Corinna\AppData\Roaming\Goodtam.tst
2016-03-07 12:04 - 2016-03-07 12:04 - 00065040 _____ C:\Users\Corinna\AppData\Roaming\Config.xml
2016-03-07 12:04 - 2016-03-07 12:04 - 00054272 _____ C:\Users\Corinna\AppData\Roaming\ApplicationHosting.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 00018432 _____ C:\Users\Corinna\AppData\Roaming\Main.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 00005568 _____ C:\Users\Corinna\AppData\Roaming\md.xml
2016-03-07 12:04 - 2016-03-07 12:04 - 00000000 ____D C:\ProgramData\Hayzumflexs
2016-03-07 12:03 - 2016-03-07 12:04 - 00000000 ____D C:\Users\Corinna\AppData\Local\Tempfolder
2016-03-07 12:03 - 2016-03-07 12:03 - 00127488 _____ C:\Users\Corinna\AppData\Roaming\Installer.dat
2016-03-07 12:03 - 2016-03-07 12:03 - 00015744 _____ C:\Users\Corinna\AppData\Roaming\InstallationConfiguration.xml
2016-03-07 12:03 - 2016-03-07 12:03 - 00003414 _____ C:\WINDOWS\System32\Tasks\Bucduja
2016-03-07 12:03 - 2016-03-07 12:03 - 00000000 ____D C:\uninst
2016-03-07 11:53 - 2016-03-16 15:00 - 00000260 _____ C:\WINDOWS\SysWOW64\slp.bat
2016-03-07 11:53 - 2016-03-16 15:00 - 00000135 _____ C:\WINDOWS\SysWOW64\bhnd.vbs
2016-03-07 11:50 - 2016-03-07 11:50 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-07 11:50 - 2016-03-07 11:50 - 00000000 ____D C:\Users\Corinna\AppData\Local\F727A298-4DB4-456A-AC54-A93EA5F8554D
2016-03-07 11:50 - 2016-03-07 11:50 - 00000000 ____D C:\Users\Corinna\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-03-07 11:46 - 2016-03-07 11:46 - 00000000 ____D C:\WINDOWS\SysWOW64\shared
2016-03-07 11:46 - 2016-03-07 11:46 - 00000000 ____D C:\WINDOWS\SysWOW64\64
2016-03-07 11:46 - 2016-03-07 11:46 - 00000000 ____D C:\WINDOWS\SysWOW64\32x
2016-03-07 11:46 - 2016-03-07 11:46 - 00000000 ____D C:\WINDOWS\SysWOW64\32
2016-03-07 11:44 - 2016-03-07 11:47 - 00000000 ____D C:\WINDOWS\SysWOW64\chdl
2016-03-07 11:38 - 2016-03-07 14:33 - 00000000 ____D C:\ProgramData\BOINC
2016-03-07 11:38 - 2016-03-07 11:44 - 184043658 _____ C:\WINDOWS\SysWOW64\chdl.zip
2016-03-07 11:38 - 2016-03-07 11:38 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-03-07 11:37 - 2016-03-07 11:37 - 00032256 _____ C:\WINDOWS\SysWOW64\instsrv.exe
2016-03-07 11:37 - 2016-03-07 11:37 - 00000000 _____ C:\WINDOWS\SysWOW64\64.dat
2016-03-07 11:28 - 2016-03-07 12:10 - 00000000 __RHD C:\ESD
2016-03-03 12:13 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-03 12:13 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-03 12:13 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-03 12:13 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-03 12:13 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-03 12:13 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-03 12:13 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-03 12:13 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-03 12:13 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-03 12:13 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-03 12:13 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-03 12:13 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-03 12:13 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-03 12:13 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-03 12:13 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-03 12:13 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-03 12:13 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-03 12:13 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-03 12:13 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-03 12:13 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-03 12:13 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-03 12:13 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-03 12:13 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-03 12:13 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-03 12:13 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-03 12:13 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-03 12:13 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-03 12:13 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-03 12:13 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-03 12:13 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-03 12:13 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-03 12:13 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-03 12:13 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-03 12:12 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-03 12:12 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-03 12:12 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-03 12:12 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-03 12:12 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-03 12:12 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-03 12:12 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-03 12:12 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-03 12:12 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-03 12:12 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-03 12:12 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-03 12:12 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-03 12:12 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-03 12:12 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-03 12:12 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-03 12:12 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-03 12:12 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-03 12:12 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-03 12:12 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-03 12:12 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-03 12:12 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-03 12:12 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-03 12:12 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-03 12:12 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-03 12:12 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-03 12:12 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-03 12:12 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-03 12:12 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-03 12:12 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-03 12:12 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-03 12:12 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-03 12:12 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-03 12:12 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-03 12:12 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-03 12:12 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-03 12:12 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-03 12:12 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-03 12:12 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-03 12:12 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-03 12:12 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-03 12:12 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-03 12:12 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-03 12:12 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-03 12:12 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-03 12:12 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-03 12:12 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-03 12:12 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-03 12:12 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-03 12:12 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-03 12:12 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-03 12:12 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-03 12:12 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-03 12:12 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-03 12:12 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-03 12:12 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-03 12:12 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-03 12:12 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-03 12:12 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-03 12:12 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-03 12:12 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-03 12:12 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-03 12:12 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-03 12:12 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-03 12:12 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-03 12:12 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-03 12:12 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-03 12:12 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-03 12:12 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-03 12:12 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-03 12:12 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-03 12:12 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-03 12:12 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-03 12:12 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-03 12:12 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-03 12:12 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-03 12:12 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-03 12:12 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-03 12:12 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-03 12:12 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-03 12:12 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-03 12:12 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-03 12:12 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-03 12:12 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-03 12:12 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-03 12:12 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-03 12:12 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-03 12:12 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-03 12:12 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-03 12:12 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-03 12:12 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-03 12:12 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-03 12:12 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-03 12:12 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-03 12:12 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-03 12:12 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-03 12:12 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-03 12:12 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-03 12:12 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-03 12:12 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-03 12:12 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-03 12:12 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-03 12:12 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-03 12:12 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-03 12:12 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-03 12:12 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-03 12:12 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-03 12:12 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-03 12:12 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-03 12:12 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-03 12:12 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-03 12:12 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-03 12:12 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-03 12:12 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-03 12:12 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-03 12:12 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-03 12:12 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-03 12:12 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-03 12:12 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-03 12:12 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-03 12:12 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-03 12:12 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-03 12:12 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-03 12:12 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-03 12:12 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-03 12:12 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-03 12:12 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-03 12:12 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-03 12:12 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-03 12:12 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-03 12:12 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-03 12:12 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-03 12:12 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-03 12:12 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-03 12:12 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-03 12:12 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-03 12:12 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-03 12:12 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-03 12:12 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-02-24 10:36 - 2016-02-24 10:36 - 00509909 _____ C:\Users\Corinna\Downloads\4189321(1).pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-24 11:16 - 2014-07-20 10:18 - 00000000 ___RD C:\Users\Corinna\OneDrive
2016-03-24 11:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-24 11:08 - 2015-11-29 16:37 - 00000000 __SHD C:\Users\Corinna\IntelGraphicsProfiles
2016-03-24 11:08 - 2015-11-29 15:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-24 11:07 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-24 10:44 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-24 10:43 - 2014-07-21 13:02 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{319B35C6-C45E-4AA8-AC2F-81FCC91474CC}
2016-03-23 16:35 - 2014-05-08 11:30 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-23 09:49 - 2015-11-24 19:07 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-03-23 09:45 - 2015-11-29 14:59 - 00000000 ____D C:\Users\Corinna
2016-03-23 09:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-23 09:32 - 2015-11-29 14:59 - 00000000 ____D C:\Users\Gast
2016-03-23 09:32 - 2015-11-29 14:59 - 00000000 ____D C:\Users\Administrator
2016-03-23 09:32 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-23 09:32 - 2014-10-16 11:17 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-03-23 09:24 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\registration
2016-03-23 09:16 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-03-22 10:13 - 2014-09-15 17:44 - 00000000 ____D C:\Users\Corinna\AppData\Local\ElevatedDiagnostics
2016-03-21 16:30 - 2015-07-05 10:52 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-21 15:43 - 2015-01-21 16:04 - 00000000 ____D C:\Users\Corinna\Desktop\Ramon
2016-03-20 12:43 - 2015-11-29 14:59 - 02003246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-20 12:43 - 2015-10-30 19:35 - 00852510 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-20 12:43 - 2015-10-30 19:35 - 00187736 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-20 12:41 - 2015-12-18 16:17 - 00003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForCorinna
2016-03-20 12:41 - 2015-12-18 16:17 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForCorinna.job
2016-03-20 03:13 - 2015-06-23 09:14 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2016-03-18 06:12 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-16 15:08 - 2014-07-20 11:13 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-03-16 08:59 - 2016-02-16 10:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-12 11:32 - 2015-01-25 07:38 - 00000000 ____D C:\ProgramData\Oracle
2016-03-12 11:28 - 2015-08-23 09:58 - 00000000 ____D C:\Users\Corinna\.oracle_jre_usage
2016-03-12 06:34 - 2014-05-09 20:12 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-12 06:34 - 2014-05-09 20:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-12 06:21 - 2015-04-12 06:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-12 06:13 - 2014-10-11 18:13 - 00001128 _____ C:\Users\Corinna\Desktop\Mazda Toolbox.lnk
2016-03-12 06:09 - 2015-11-29 16:43 - 00002429 _____ C:\Users\Corinna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-10 03:23 - 2015-11-29 14:52 - 00222440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 03:21 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 03:21 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 03:21 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 03:21 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-08 08:12 - 2015-10-30 08:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:12 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-07 12:47 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-05 06:03 - 2012-11-02 15:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-05 03:31 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-05 03:31 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-05 03:31 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-05 03:31 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-03-07 12:04 - 2016-03-07 12:04 - 8037888 _____ () C:\Users\Corinna\AppData\Roaming\agent.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0054272 _____ () C:\Users\Corinna\AppData\Roaming\ApplicationHosting.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0065040 _____ () C:\Users\Corinna\AppData\Roaming\Config.xml
2016-03-07 12:04 - 2016-03-07 12:04 - 1900932 _____ () C:\Users\Corinna\AppData\Roaming\DonHotbam.tst
2016-03-07 12:04 - 2016-03-07 12:04 - 0072708 _____ () C:\Users\Corinna\AppData\Roaming\Goodtam.tst
2016-03-07 12:03 - 2016-03-07 12:03 - 0015744 _____ () C:\Users\Corinna\AppData\Roaming\InstallationConfiguration.xml
2016-03-07 12:03 - 2016-03-07 12:03 - 0127488 _____ () C:\Users\Corinna\AppData\Roaming\Installer.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0126464 _____ () C:\Users\Corinna\AppData\Roaming\lobby.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0018432 _____ () C:\Users\Corinna\AppData\Roaming\Main.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0005568 _____ () C:\Users\Corinna\AppData\Roaming\md.xml
2016-03-07 12:04 - 2016-03-07 12:04 - 0126464 _____ () C:\Users\Corinna\AppData\Roaming\noah.dat
2016-03-07 12:04 - 2016-03-07 12:04 - 0032038 _____ () C:\Users\Corinna\AppData\Roaming\uninstall_temp.ico
2014-10-06 16:36 - 2014-10-06 16:36 - 0000043 _____ () C:\Users\Corinna\AppData\Roaming\WB.CFG
2012-09-27 21:20 - 2012-09-27 21:20 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
Einige Dateien in TEMP:
====================
C:\Users\Corinna\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-20 03:16
==================== Ende von FRST.txt ============================ |