Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Malware & Hijacker Schock, schwankende Systemleistung (https://www.trojaner-board.de/181987-malware-hijacker-schock-schwankende-systemleistung.html)

lunaris 25.09.2016 19:15
Malware & Hijacker Schock, schwankende Systemleistung
 
Liebe Profis

Ich glaube, ich muss nun auch Eure Hilfe beanspruchen und möchte mich vorab schon mal herzlich für die Bemühungen bedanken.

Kontext:
Mein Notebook verhält sich seit der erstmaligen Installation von Win10 nur jeweils kurzweilig so, wie es sollte. Ich arbeite bald seit 10 Jahren als Projektleitung bei Webprojekten und bin mir über die Risiken, die im Web lauern, bewusst. Ich klicke keine Links an, deren Zusammenhang oder Ziele ich nur ansatzweise suspekt finde, und doch landet immer wieder Malware, Hijacker und anderes Gedöns auf meinem Gerät (letztens Hohosearch, muss ich mehr sagen :lmaa: ), es wird immer wieder mega langsam, fährt nach zwei bis max. 3 Monaten nicht mehr sauber runter und so weiter.

Ich habe mein Notebook nun schon 3x mal neu aufgesetzt. Gerade deshalb war ich umso mehr schockiert, als ich vor etwa 3 Wochen satte 21! Trojaner, Hijacker und sonstige Parasiten auf dem Notebook fand. Ich glaube daher eher, es liegt an mangelhaftem Schutz und da brauche ich eben Hilfe. Ich beschäftige mich eigentlich noch gerne mit der Bereinigung meines Geräts, aber aber jetzt fängt die Spinnerei schon wieder an und ich mag nicht mehr.

Problem:
Ich habe diverse, unterschiedliche Probleme, die immer mal wieder auftauchen. Win10 wird nach ein paar Wochen wieder langsamer, beim Herunterfahren werden immer wieder dll und / oder vorher nicht genutzte aber mir bekannte Tools angezeigt, die noch "laufen" sollen ... und momentan habe ich das Problem, dass die Kiste in einer unsäglichen Frequenz freezt und Programme nicht mehr reagieren, die auf meinem alten Notebook mit wesentlich weniger Leistung problemlos parallel liefen.

Das weiss ich mit Sicherheit:
  • Windows Hostprozess rundll32 ist meistens, aber laut Task-Manager nicht immer für die Blockaden verantwortlich.
  • In den anderen Fällen ist die CPU- und Arbeitsspeicher-Auslastung sehr hoch, allerdings findet sich in diesen Fällen kein Prozess im Task Manager, der entsprechende Werte ausweist.
  • Ich habe unter Autostart 4 Einträge drin, die "Program" heissen (alle deaktiviert) :aufsmaul:

Fragen oder Bitten:
  • Es wäre toll, wenn wir die Punkte der Liste oben mal anschauen und nach Möglichkeit eliminieren könnten.
  • Ich würde mich freuen, wenn mir jemand helfen könnte, mein Notebook unter die Lupe zu nehmen und zu schauen, was da so kreucht und fleucht, was ich an Settings & Tools, welche ich derzeit verwende, korrigieren oder verändern sollte, etc.
  • Ich bräuchte Beratung im Hinblick auf die Tools und Win10 Funktionen, die mich vor vor Viren, Malware, etc. optimal und vor allem aktiv schützen. Wichtig ist dabei, dass ich z.B. mein iPhone noch synchronisieren kann.

Wofür ich mein Notebook brauche (relevante Punkte):
  • Online-Banking, Online-Shopping, etc.
  • Manchmal für die Arbeit, aber das ist mein privates Notebook

Ich hoffe, es fehlt jetzt nichts Wesentliches. Ansonsten einfach fragen.

Liebe Grüsse und danke!

deeprybka 25.09.2016 19:34
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

lunaris 25.09.2016 20:01
Addition.txt
 
Hallo Jürgen, vielen Dank!

Die FRST.txt hat knapp 155K Zeichen. Wie soll ich das posten, dass es für Dich passt?

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016
durchgeführt von Sarah (25-09-2016 20:49:12)
Gestartet von C:\Users\Sarah\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-02 19:19:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1742419186-1601379352-809800023-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1742419186-1601379352-809800023-503 - Limited - Disabled)
Gast (S-1-5-21-1742419186-1601379352-809800023-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1742419186-1601379352-809800023-1006 - Limited - Enabled)
Sarah (S-1-5-21-1742419186-1601379352-809800023-1002 - Administrator - Enabled) => C:\Users\Sarah

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.1.102 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
EPSON XP-432 435 Series Printer Uninstall (HKLM\...\EPSON XP-432 435 Series) (Version:  - Seiko Epson Corporation)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security)
Intel(R) Driver Update Utility 2.4 (x32 Version: 2.4.0.15 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
Network Notepad Professional Edition (HKLM-x32\...\DotNetPad_is1) (Version:  - Jason Green)
NVIDIA Grafiktreiber 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
yEd Graph Editor 3.15.0.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.15.0.2 - yWorks GmbH)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01102F16-64A4-4078-A5BC-6EC6784C96BE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {08CC4D92-5144-4EAB-816C-26E59F9073F5} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {17FE7975-5BA7-4E78-B89E-EE8E60C52955} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {1DBB39FA-D817-4E58-A0E1-CBD63D3C4131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DC5C606-21A6-41B5-A4EB-D5E19BC511EA} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {1EC40B2B-0882-4702-9C05-BF24A04350C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {31665744-B4D5-41C0-A69E-2606ABDE779B} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {37B2B24B-FBD9-4293-9E26-76F558E36F1F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {3B07D30B-F2D1-43B2-A67D-72DBC64A1D65} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {4CB44732-DE2A-4C13-9C81-33E1CDE669EE} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4D0F8159-7FA9-41A0-B0E7-FBC76BB073E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {6F7A477C-19ED-418B-B5C7-FC5F47518338} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {766049C9-83ED-47A9-B285-B46E1A3B9AED} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {7AD080D4-126A-47DB-8C5A-3F67B3C957D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7C2E5688-AD88-42ED-B445-C407775BDCDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8019D117-35DB-4178-B012-B7D5AA489BA2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {80FF5C13-D961-40F2-B892-BD65AAE8FE98} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {836C7542-6DBC-4DE4-AD2D-87964E72B325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {8A6476D3-8858-41DB-8CA1-07845695313A} - System32\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {90E4AAEE-214F-4FE7-885E-DACBC0A26950} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {96098DA8-4640-4247-B4A5-FC6A673AEAA8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {97E1F9CF-24F0-4180-8880-EBBA78D91724} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {99360872-D2C9-484C-8082-B53EF443B37F} - System32\Tasks\SafeZone scheduled Autoupdate 1463674154 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {9BD20DB4-DA4C-466D-8FDB-D8527B47F082} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarah.mueller88@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {9D3DFB64-9ED7-4E55-9C2A-5FB5C3B292D8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)
Task: {B20C0BB1-70E4-4BA1-B4AA-0FF27BACBBC2} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {C9911319-3E2C-46C8-B9B9-4A24AB74AB49} - System32\Tasks\{F575C47D-0D94-4DFE-91EC-40B5F2E61535} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D6F9FB7F-98FE-4BE7-AA87-98F8F6331D01} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {DA0F7C93-2B62-4FFB-8F77-03363DE7EE09} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {DF71E165-635D-4DDA-88B3-4561462FD52B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E418ED44-D79C-476F-9438-85F9A8353316} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {EDF4F705-2502-423E-A35C-997D185A2814} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {F9228382-42AC-4428-918C-222927615477} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {FDD1237C-3C61-4917-95E5-D8477B878B50} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE:/EXE:{E2701DEA-B8FE-4B92-B821-3B31EF5B091F} /F:UpdateWORKGROUP\SARAH$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Sarah - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Privat - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-25 23:23 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-02 21:22 - 2016-09-02 21:22 - 01864384 _____ () C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2014-07-25 23:27 - 2014-07-01 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-05-09 09:22 - 2016-05-09 09:22 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-16 04:38 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-16 04:35 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-16 04:34 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-05 13:36 - 2016-09-05 13:43 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-08-15 15:24 - 2016-08-15 15:24 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-09-24 15:05 - 2016-08-31 19:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-09-02 21:22 - 2016-09-02 21:22 - 01383616 _____ () C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-24 14:39 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-24 14:39 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-08-15 18:03 - 2016-08-15 18:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 17:24 - 2016-09-20 17:24 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-09-24 16:02 - 2016-09-12 17:48 - 17754304 _____ () C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.166\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-05-09 17:10 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1        mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sarah\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tumblr_n944intfop1rmw9ado2_1280.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "MailStylerWarmup"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BEF4869F-E898-4111-9E30-02FB421E5B5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5E871996-732C-4888-86E9-400F21A63389}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6E1E81DF-1A88-4B2E-B525-15176D1F836E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C7B871F-E85A-4482-8C21-D7B22C783D8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7BE51D4C-5769-407F-9273-6F578528EFDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{843B6FE3-59DB-48B0-8927-AD5DBF3C03C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{698B4D4D-0644-4525-9473-AC4C61EA53F5}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{399479EF-AB73-406A-8AC9-E56591FB1261}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B62E87F4-059D-426F-9810-51654207C962}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{02E1E182-EF20-408D-93F9-D7E55ABE8F7D}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C3F9A14-27B0-402D-8D8D-3BFBA207B5BC}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [TCP Query User{8F0A5414-09AC-4EA3-8D99-4ED7744211A2}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [{08C23BF5-D36D-4777-8E9E-37BB3FCE826B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C797F0F8-2AD0-42F9-86BA-C98E48201FF7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{9E908B0B-EA1B-489D-ACC2-7E0F050E9717}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{419C7DFC-8D29-42B3-BE19-1A3DE34E4A39}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{719B08D9-C2E4-421F-9D75-FBA8685E2CCF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C4FDA8DC-1A00-4587-ADE8-5F3A6CB4EF25}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{31F1F27A-4FB2-407C-9BB5-59C175CE34B3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F4F88768-5EEA-407A-B634-B00CE17CD973}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A455835-09DD-43E5-B7B5-A67B7071D38B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{D70B1843-F150-406F-BA86-18CEC577FE45}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{849A04A8-8D39-48E6-8193-B337070D0BB0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{07542B01-8AE5-4995-8592-E0182729CF62}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CCE2DE8C-7A61-4F61-9BFD-0BFF6CF9F129}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{95C70AC9-B34B-4E82-A378-3B18D0368995}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{444CF3C0-AB61-4BE2-BC0B-26AB9F4A9D57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{03FFD20E-30BF-4D18-A57C-1DA5BA05D539}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{33D88064-9A0E-4F27-AE9E-10A9482A8040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{57445F65-1D41-4575-A3B0-8506302ED8AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{8A028987-6FE1-470D-A62E-2E855393DEEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{503E1E78-7AB7-4E1B-B912-D36C3AA8ECC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E078B810-7646-439E-A187-3E625525D143}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F4A9B08B-8C6B-493F-9048-6B16381DEC83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BF4281CF-6DDF-41E9-B135-E5384FEE8BEE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BABEB67B-31CA-470C-803F-7F848DA1324B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A38369D5-29D8-400F-A3B5-F4E662BD8904}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FEC3D5C3-5D88-458A-A809-191A07A12D28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{822738EA-6D1F-4F3A-A76F-7389F08E851B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3EF104BA-A084-4C85-8E10-F5F85B2D8D51}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{12741BF9-B8FF-4F19-B229-514F5E1F9A04}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{49E0315D-C1ED-4624-88F9-BA4E1B00ECD4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4DDC6548-EC2B-4788-8209-D8565FE41C15}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{5D5F1636-CF99-40F4-AAA3-1A9260C66B07}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{446DC3AA-6132-4501-A511-47046C890C4F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E620DC92-C9B5-4A51-953E-D8D21C9BAE43}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{CA17D121-56F4-462F-8C4B-AD7DED6A6166}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{86944D29-D5FC-47F6-9CFA-027F0AE63DEE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{F2AC009A-026E-4AE3-8C8F-F18794E81B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5567E216-C27A-4A74-9221-48F930BFD4E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6C4C87D-54F0-4345-8FAC-CF36808E822B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3D57D84F-F43C-416D-BEE1-597546A61121}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08750F6A-F010-4765-A6C4-21F743B95E1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-09-2016 16:10:40 Windows Modules Installer
14-09-2016 20:25:59 Windows Update
20-09-2016 17:17:49 Windows Update
24-09-2016 15:20:40 Installed iCloud

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/25/2016 08:12:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/25/2016 07:45:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.

Error: (09/25/2016 06:43:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.

Error: (09/25/2016 06:43:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.8.0.310, Zeitstempel: 0x57bdba68
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x33ec
Startzeit der fehlerhaften Anwendung: 0x01d21749e750b6e8
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: 214f59b8-9d1f-4132-b488-e848ccc67593
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/25/2016 06:41:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_74bc87d3d22d9abe.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.0_none_2d0f50fcbdb171b8.manifest.

Error: (09/24/2016 05:28:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31266

Error: (09/24/2016 05:28:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31266

Error: (09/24/2016 05:28:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/24/2016 05:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15641

Error: (09/24/2016 05:28:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15641


Systemfehler:
=============
Error: (09/25/2016 07:32:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/25/2016 07:32:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/25/2016 07:32:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/25/2016 07:31:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.229.210.0)

Error: (09/25/2016 07:31:54 PM) (Source: DCOM) (EventID: 10010) (User: SARAH)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/25/2016 07:31:54 PM) (Source: DCOM) (EventID: 10010) (User: SARAH)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/25/2016 07:31:54 PM) (Source: DCOM) (EventID: 10010) (User: SARAH)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/25/2016 06:24:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/25/2016 06:21:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/25/2016 06:21:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16307.27 MB
Verfügbarer physikalischer RAM: 12693.53 MB
Summe virtueller Speicher: 33715.27 MB
Verfügbarer virtueller Speicher: 29905.95 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:206.51 GB) (Free:89.13 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: B9F9A14D)

Partition: GPT.

==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
durchgeführt von Sarah (Administrator) auf SARAH (25-09-2016 20:48:38)
Gestartet von C:\Users\Sarah\Desktop
Geladene Profile: Sarah (Verfügbare Profile: Sarah)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1380056 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803848 2016-08-03] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Spotify Web Helper] => C:\Users\Sarah\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe /warmup
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Spotify] => C:\Users\Sarah\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPDE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-07-08] (Apple Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2769a870-44fb-4239-9187-fb148d1c5d16}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{49d21d93-9b48-4569-8a8d-1944b268e1f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e2a389bd-efeb-49ad-b9dc-d97c08a473be}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Sarah\AppData\Roaming\Profiles\5arztgff.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF Extension: (Avira Browser Safety) - C:\Users\Sarah\AppData\Roaming\Mozilla\Firefox\Profiles\GCafUnPd.default\Extensions\abs@avira.com [2016-06-23]
FF Extension: (Avira Browser Safety) - C:\Users\Sarah\AppData\Roaming\Profiles\5arztgff.default\Extensions\abs@avira.com [2016-09-07]
FF Extension: (Firefox Hotfix) - C:\Users\Sarah\AppData\Roaming\Profiles\5arztgff.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-13]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-05-05]

Chrome:
=======
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion [2016-08-25] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Web Developer) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-07-23]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-11]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\bmagokdooijbeehmkpknfglimnifench [2016-04-11]
CHR Extension: (Debug Utils) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\djailkkojeahmihdpcelmmobkpepmkcl [2016-04-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-05-05]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Avira Browserschutz) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-23]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-23]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (AdBlock) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-25]
CHR Extension: („Pin it“-Button) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-23]
CHR Extension: (Page Ruler) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2016-04-11]
CHR Extension: (Google Analytics Debugger) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\jnkmfdileelhofjcijamephohjechhna [2016-04-11]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-04-11]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (TypeWonder) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ohgmapelghofmbacalgamfbejaghdilh [2016-04-29]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2016-04-11]
CHR Extension: (Lineal zum Messen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-09-25]
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-27]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-27]
CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-10]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-27]
CHR Extension: (Avira Browserschutz) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-28]
CHR Extension: (Wappalyzer) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2016-09-09]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-09-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-27]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-27]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-25]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4 [2016-09-25]
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-25]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-25]
CHR Extension: (Adblock Plus) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-11]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-25]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-25]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-25]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-09] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys [13746240 2016-08-03] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-06-21] (Zemana Ltd.)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]

lunaris 26.09.2016 11:59
Code:
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-25 20:48 - 2016-09-25 20:48 - 00039098 _____ C:\Users\Sarah\Desktop\FRST.txt
2016-09-25 20:47 - 2016-09-25 20:48 - 02403328 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2016-09-25 19:44 - 2016-09-25 20:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-25 19:44 - 2016-09-25 19:44 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-25 19:44 - 2016-09-25 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-25 19:44 - 2016-09-25 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-25 19:44 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-25 19:44 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-25 19:44 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-25 19:32 - 2016-09-25 20:48 - 00057987 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-09-25 18:39 - 2016-09-25 18:39 - 00001183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-09-25 18:38 - 2016-09-25 18:38 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-09-24 17:07 - 2016-09-24 17:07 - 00000564 _____ C:\Users\Sarah\Documents\starburn.txt
2016-09-24 17:07 - 2016-09-24 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Wondershare
2016-09-24 17:07 - 2016-09-24 17:07 - 00000000 ____D C:\ProgramData\Wondershare
2016-09-24 17:06 - 2016-09-24 17:07 - 00000000 ____D C:\Users\Sarah\Documents\Wondershare Filmora
2016-09-24 16:56 - 2016-09-24 17:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Audacity
2016-09-24 16:56 - 2016-09-24 17:06 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-09-24 16:56 - 2016-09-24 16:56 - 00000000 ____D C:\Users\Sarah\AppData\Local\Audacity
2016-09-24 16:33 - 2016-09-24 16:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Meltytech
2016-09-24 15:30 - 2016-09-24 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-24 15:05 - 2016-09-24 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-09-24 15:05 - 2016-09-24 15:13 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-09-24 15:05 - 2016-09-24 15:05 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-09-24 15:04 - 2016-09-24 16:22 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\DVDVideoSoft
2016-09-24 14:46 - 2016-09-24 16:56 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-09-24 14:46 - 2016-09-24 14:46 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-09-24 14:19 - 2016-09-24 16:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Apple Inc
2016-09-24 14:05 - 2016-09-24 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-24 14:04 - 2016-09-24 14:05 - 00000000 ____D C:\Program Files\iTunes
2016-09-24 14:04 - 2016-09-24 14:04 - 00000000 ____D C:\Program Files\iPod
2016-09-22 17:50 - 2016-09-22 17:50 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\SolidDocuments
2016-09-20 17:57 - 2016-09-20 17:57 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign5a608a1c29730024
2016-09-20 17:24 - 2016-09-20 17:24 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-20 17:09 - 2016-09-20 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-20 03:15 - 2016-09-20 03:15 - 00042792 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DbxSvc.exe
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignd22cd09c6c1521e9
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign970827402366b86b
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9420718812e25a3c
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7e8383828d86b79d
2016-09-18 20:17 - 2016-09-18 20:17 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign215a0da6545243ea
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc7e3fa7c1f817c56
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign67c76fe7f5af8dc1
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1c9e878afbad19bd
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign109421efd09cec46
2016-09-18 19:45 - 2016-09-18 19:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7715561e8d0c1c26
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf9356dec25ff868d
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigneb8d8021b59157ba
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1570b9b9b7458278
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1541ab59446813be
2016-09-16 04:38 - 2016-09-07 07:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-16 04:38 - 2016-09-07 07:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-16 04:38 - 2016-09-07 07:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-16 04:38 - 2016-09-07 07:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-16 04:38 - 2016-09-07 07:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-16 04:38 - 2016-09-07 07:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-16 04:38 - 2016-09-07 07:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-16 04:38 - 2016-09-07 07:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-16 04:38 - 2016-09-07 07:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-16 04:38 - 2016-09-07 07:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-16 04:38 - 2016-09-07 07:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-16 04:38 - 2016-09-07 07:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-16 04:38 - 2016-09-07 07:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-16 04:38 - 2016-09-07 07:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-16 04:38 - 2016-09-07 07:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-16 04:38 - 2016-09-07 07:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-16 04:38 - 2016-09-07 07:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-16 04:38 - 2016-09-07 07:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-16 04:38 - 2016-09-07 07:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-16 04:38 - 2016-09-07 07:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-16 04:38 - 2016-09-07 07:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-16 04:38 - 2016-09-07 07:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-16 04:38 - 2016-09-07 07:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-16 04:38 - 2016-09-07 07:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-16 04:38 - 2016-09-07 07:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-16 04:38 - 2016-09-07 06:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-16 04:38 - 2016-09-07 06:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-16 04:38 - 2016-09-07 06:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-16 04:38 - 2016-09-07 06:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-16 04:38 - 2016-09-07 06:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-16 04:38 - 2016-09-07 06:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-16 04:38 - 2016-09-07 06:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-16 04:38 - 2016-09-07 06:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-16 04:38 - 2016-09-07 06:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-16 04:38 - 2016-09-07 06:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-16 04:38 - 2016-09-07 06:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-16 04:38 - 2016-09-07 06:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-16 04:38 - 2016-09-07 06:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-16 04:38 - 2016-09-07 06:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-16 04:38 - 2016-09-07 06:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-16 04:38 - 2016-09-07 06:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-16 04:38 - 2016-09-07 06:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-16 04:38 - 2016-09-07 06:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-16 04:38 - 2016-09-07 06:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-16 04:38 - 2016-09-07 06:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-16 04:38 - 2016-09-07 06:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-16 04:38 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-16 04:38 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-16 04:38 - 2016-08-06 05:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-16 04:38 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-16 04:38 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-16 04:38 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-16 04:38 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-16 04:38 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-16 04:37 - 2016-09-07 08:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-16 04:37 - 2016-09-07 07:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-16 04:37 - 2016-09-07 07:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-16 04:37 - 2016-09-07 07:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-16 04:37 - 2016-09-07 07:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-16 04:37 - 2016-09-07 07:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-16 04:37 - 2016-09-07 07:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-16 04:37 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-16 04:37 - 2016-09-07 07:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-16 04:37 - 2016-09-07 07:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-16 04:37 - 2016-09-07 07:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-16 04:37 - 2016-09-07 07:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-16 04:37 - 2016-09-07 07:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-16 04:37 - 2016-09-07 07:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-16 04:37 - 2016-09-07 07:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-16 04:37 - 2016-09-07 07:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-16 04:37 - 2016-09-07 07:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-16 04:37 - 2016-09-07 07:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-16 04:37 - 2016-09-07 07:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-16 04:37 - 2016-09-07 07:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-16 04:37 - 2016-09-07 07:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-16 04:37 - 2016-09-07 07:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-16 04:37 - 2016-09-07 07:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-16 04:37 - 2016-09-07 07:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-16 04:37 - 2016-09-07 07:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-16 04:37 - 2016-09-07 07:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-16 04:37 - 2016-09-07 07:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-16 04:37 - 2016-09-07 07:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-16 04:37 - 2016-09-07 06:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-16 04:37 - 2016-09-07 06:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-16 04:37 - 2016-09-07 06:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-16 04:37 - 2016-09-07 06:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-16 04:37 - 2016-09-07 06:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-16 04:37 - 2016-09-07 06:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-16 04:37 - 2016-09-07 06:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-16 04:37 - 2016-09-07 06:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-16 04:37 - 2016-09-07 06:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-16 04:37 - 2016-09-07 06:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-16 04:37 - 2016-09-07 06:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-16 04:37 - 2016-09-07 06:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-16 04:37 - 2016-09-07 06:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-16 04:37 - 2016-09-07 06:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-16 04:37 - 2016-09-07 06:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-16 04:37 - 2016-09-07 06:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-16 04:37 - 2016-09-07 06:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-16 04:37 - 2016-09-07 06:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-16 04:37 - 2016-09-07 06:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-16 04:37 - 2016-09-07 06:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-16 04:37 - 2016-09-07 06:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-16 04:37 - 2016-09-07 06:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-16 04:37 - 2016-09-07 06:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-16 04:37 - 2016-09-07 06:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-16 04:37 - 2016-09-07 06:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-16 04:37 - 2016-09-07 06:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-16 04:37 - 2016-09-07 06:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-16 04:37 - 2016-09-07 06:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-16 04:37 - 2016-09-07 06:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-16 04:37 - 2016-09-07 06:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-16 04:37 - 2016-09-07 06:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-16 04:37 - 2016-08-06 06:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-16 04:37 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-16 04:37 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-16 04:37 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-16 04:37 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-16 04:37 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-16 04:37 - 2016-08-06 05:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-16 04:37 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-16 04:37 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-16 04:37 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-16 04:37 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-16 04:37 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-16 04:37 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-16 04:35 - 2016-09-07 07:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-16 04:35 - 2016-09-07 07:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-16 04:35 - 2016-09-07 07:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-16 04:35 - 2016-09-07 07:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-16 04:35 - 2016-09-07 07:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-16 04:35 - 2016-09-07 07:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-16 04:35 - 2016-09-07 07:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-16 04:35 - 2016-09-07 06:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-16 04:35 - 2016-09-07 06:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-16 04:35 - 2016-09-07 06:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-16 04:35 - 2016-09-07 06:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-16 04:35 - 2016-09-07 06:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-16 04:35 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-16 04:35 - 2016-09-07 06:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-16 04:35 - 2016-09-07 06:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-16 04:35 - 2016-09-07 06:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-16 04:35 - 2016-09-07 06:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-16 04:35 - 2016-09-07 06:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-16 04:35 - 2016-09-07 06:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-16 04:35 - 2016-09-07 06:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-16 04:35 - 2016-09-07 06:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-16 04:35 - 2016-09-07 06:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-16 04:35 - 2016-09-07 06:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-16 04:35 - 2016-09-07 06:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-16 04:35 - 2016-09-07 06:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-16 04:35 - 2016-09-07 06:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-16 04:35 - 2016-09-07 06:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-16 04:35 - 2016-09-07 06:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-16 04:35 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-16 04:35 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-16 04:35 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-16 04:35 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-16 04:35 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-16 04:35 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-16 04:35 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-16 04:35 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-16 04:35 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-16 04:35 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-16 04:34 - 2016-09-07 07:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-16 04:34 - 2016-09-07 07:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-16 04:34 - 2016-09-07 07:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-16 04:34 - 2016-09-07 07:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-16 04:34 - 2016-09-07 07:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-16 04:34 - 2016-09-07 07:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-16 04:34 - 2016-09-07 07:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-16 04:34 - 2016-09-07 07:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-16 04:34 - 2016-09-07 07:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-16 04:34 - 2016-09-07 07:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-16 04:34 - 2016-09-07 07:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-16 04:34 - 2016-09-07 07:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-16 04:34 - 2016-09-07 07:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-16 04:34 - 2016-09-07 07:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-16 04:34 - 2016-09-07 07:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-16 04:34 - 2016-09-07 07:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-16 04:34 - 2016-09-07 07:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-16 04:34 - 2016-09-07 06:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-16 04:34 - 2016-09-07 06:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-16 04:34 - 2016-09-07 06:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-16 04:34 - 2016-09-07 06:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-16 04:34 - 2016-09-07 06:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-16 04:34 - 2016-09-07 06:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-16 04:34 - 2016-09-07 06:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-16 04:34 - 2016-09-07 06:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-16 04:34 - 2016-09-07 06:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-16 04:34 - 2016-09-07 06:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-16 04:34 - 2016-09-07 06:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-16 04:34 - 2016-09-07 06:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-16 04:34 - 2016-09-07 06:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-16 04:34 - 2016-09-07 06:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-16 04:34 - 2016-09-07 06:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-16 04:34 - 2016-09-07 06:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-16 04:34 - 2016-09-07 06:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-16 04:34 - 2016-09-07 06:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-16 04:34 - 2016-09-07 06:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-16 04:34 - 2016-09-07 06:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-16 04:34 - 2016-08-06 05:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-16 04:34 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-16 04:34 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-16 04:33 - 2016-09-07 07:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-16 04:33 - 2016-09-07 07:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-16 04:33 - 2016-09-07 07:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-16 04:33 - 2016-09-07 07:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-16 04:33 - 2016-09-07 07:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-16 04:33 - 2016-09-07 07:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-16 04:33 - 2016-09-07 06:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-16 04:33 - 2016-09-07 06:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-16 04:33 - 2016-09-07 06:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-16 04:33 - 2016-09-07 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-16 04:33 - 2016-09-07 06:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-16 04:26 - 2016-09-16 04:26 - 00456084 _____ C:\WINDOWS\Minidump\091616-15843-01.dmp
2016-09-14 20:27 - 2016-09-14 20:27 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2016-09-13 22:02 - 2016-09-16 04:26 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-13 22:02 - 2016-09-13 22:02 - 00543380 _____ C:\WINDOWS\Minidump\091316-12937-01.dmp
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne2c51333e0221b3e
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndc5e6e4d6612d5c4
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignd61fdde32507670d
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb1028b7e08666ef1
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign942963d34ffcf306
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign89976fa11cf3874c
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7cc58b519a10d29d
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7c33e5fcaeec7742
2016-09-13 10:45 - 2016-09-13 10:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4741482b74091f3b
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndcee556f1617fc54
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign6cfcab7ff9366e9a
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1a41af00aedc69f4
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign066d9aa20bd62e76
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign8c14f65d08149cc9
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign89751af22985e3ec
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4fc4ed6b6768038d
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4524c16e48a83951
2016-09-13 10:33 - 2016-09-13 10:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndcc79bec5d5514f4
2016-09-13 10:30 - 2016-09-13 10:30 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9f7a2eaaa0a40c53
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc1c9687453fbd416
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign398f6342a71951db
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign03b3cccfc8324920
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign003b2c86b30607d7
2016-09-12 18:32 - 2016-09-12 18:32 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9f2b43cf139f300c
2016-09-12 18:32 - 2016-09-12 18:32 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4668f8bf41093273
2016-09-11 20:06 - 2016-09-13 22:02 - 00000931 _____ C:\WINDOWS\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}.job
2016-09-11 20:06 - 2016-09-11 20:06 - 00004136 _____ C:\WINDOWS\System32\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}
2016-09-11 20:06 - 2016-09-11 20:06 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-09-11 20:04 - 2016-09-11 20:06 - 00000000 ____D C:\ProgramData\EPSON
2016-09-11 20:04 - 2014-03-05 04:06 - 00180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBPDE.DLL
2016-09-11 20:04 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BPDE.DLL
2016-09-11 16:55 - 2016-09-11 16:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb94abd8f476ab35b
2016-09-11 16:55 - 2016-09-11 16:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign702e7ceae5ec6905
2016-09-11 16:15 - 2016-09-11 16:15 - 00000000 ___SD C:\Users\Sarah\Documents\Meine Shapes
2016-09-11 16:12 - 2016-09-11 16:12 - 00002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-09-11 15:12 - 2016-09-11 15:12 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign8d7962384d9d98d1
2016-09-11 15:11 - 2016-09-11 15:11 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc107a025fd696e69
2016-09-11 15:08 - 2016-09-11 15:08 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign043ab04ef5046786
2016-09-11 15:06 - 2016-09-11 15:06 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign82ecd2fd4cba74c8
2016-09-11 14:58 - 2016-09-11 14:58 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignff5c6c50b2e5a7e0
2016-09-11 14:57 - 2016-09-11 14:57 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign3dc54236fd5f5d47
2016-09-11 14:56 - 2016-09-11 14:56 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign58335f08f51885ff
2016-09-11 14:55 - 2016-09-11 14:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9539dd1dd007a481
2016-09-11 14:55 - 2016-09-11 14:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign222b240c17196694
2016-09-11 14:52 - 2016-09-11 14:52 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign0f0f7e5ae75d7600
2016-09-11 14:51 - 2016-09-11 14:51 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc09bd3b62711abaf
2016-09-11 14:45 - 2016-09-11 14:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne99f67054c4a6718
2016-09-11 14:43 - 2016-09-11 14:43 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb6bf46abc09e8936
2016-09-11 14:35 - 2016-09-11 14:35 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign30481dc5691704ec
2016-09-11 14:20 - 2016-09-11 14:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign907c70a42d0cbda3
2016-09-11 14:20 - 2016-09-11 14:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign18f5e082653fb9cc
2016-09-10 18:10 - 2016-09-10 18:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf8e2f122f58b9c3d
2016-09-10 18:10 - 2016-09-10 18:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc1ac4ed2f1771bd4
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfd00579e47990e90
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign72c99212ea7e90c6
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign675beefe82573caa
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign252b559d880cdc65
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign16301609950cbb03
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignbc61c891c5e7aaf0
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignac1071ca695760be
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigna19ced07a4ce8d1b
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign401f594e4a146437
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1f4201733e72e91e
2016-09-10 16:47 - 2016-09-10 16:47 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign6be9bec90768b995
2016-09-10 16:27 - 2016-09-10 16:27 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9ed5bc0e3d591910
2016-09-10 16:14 - 2016-09-10 16:14 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign486d792494660c48
2016-09-10 16:14 - 2016-09-10 16:14 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign2792b51bd0ffd6c0
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne14d54c05abbcca9
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigncffa6467f6bc3708
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign74a43825f25335cb
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign2fa893cee3ec2125
2016-09-07 20:46 - 2016-09-07 20:46 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfbb921ad93d5d197
2016-09-07 20:46 - 2016-09-07 20:46 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign313a06c1b7b82f4e
2016-09-07 19:25 - 2016-09-07 19:25 - 00000000 ____D C:\Users\Sarah\AppData\Local\Macromedia
2016-09-07 19:24 - 2016-09-07 19:30 - 00000000 ____D C:\Users\Sarah\AppData\Local\Mozilla
2016-09-07 19:24 - 2016-09-07 19:24 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-07 19:24 - 2016-09-07 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-07 19:23 - 2016-09-07 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne5a55324ddb983b1
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc68a42313d8ab1b1
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignaa2bf3c570699804
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4b4e211bbee9ce6d
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigncf53f3c73b53b9f7
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc4defad17f4320fb
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignad72f59df0cdead9
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign519dc5a4a16efbaf
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfc553e829efa3b01
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf5ee937a39777edb
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9fa5947698bde522
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign25489d06245476fc
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign0a49e21c79ddeb0f
2016-09-05 21:41 - 2016-09-05 21:41 - 00002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk
2016-09-05 21:33 - 2016-09-05 21:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb1f79cbfa125ef85
2016-09-05 21:33 - 2016-09-05 21:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb12484fcb134c40d
2016-09-05 21:17 - 2016-09-05 21:17 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-09-05 19:20 - 2016-09-16 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-05 19:19 - 2016-09-21 19:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-05 19:19 - 2016-09-21 19:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-05 13:59 - 2016-09-05 13:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-05 13:59 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-09-05 13:59 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-09-05 13:59 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-09-05 13:59 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-09-02 22:02 - 2016-09-02 21:19 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-02 22:00 - 2016-09-02 22:00 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-02 22:00 - 2016-09-02 22:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-02 22:00 - 2016-09-02 22:00 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-02 22:00 - 2016-09-02 22:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-02 22:00 - 2016-09-02 22:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-02 21:53 - 2016-09-02 21:53 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files\MSBuild
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-02 21:48 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-02 21:48 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-02 21:47 - 2016-09-02 21:47 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-02 21:22 - 2016-09-02 21:22 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 21:21 - 2016-09-02 21:21 - 00000000 ____D C:\ProgramData\USOShared
2016-09-02 21:20 - 2016-09-05 09:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\ConnectedDevicesPlatform
2016-09-02 21:20 - 2016-09-02 21:20 - 00000020 ___SH C:\Users\Sarah\ntuser.ini
2016-09-02 21:19 - 2016-09-02 21:19 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-02 21:19 - 2016-09-02 21:19 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-02 21:16 - 2016-09-25 19:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-02 21:16 - 2016-09-20 17:24 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-09-02 21:16 - 2016-09-18 16:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-02 21:16 - 2016-09-02 21:16 - 00003742 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2016-09-02 21:16 - 2016-09-02 21:16 - 00003738 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-09-02 21:16 - 2016-09-02 21:16 - 00003642 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-02 21:16 - 2016-09-02 21:16 - 00003514 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-09-02 21:16 - 2016-09-02 21:16 - 00003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-02 21:16 - 2016-09-02 21:16 - 00003370 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1463674154
2016-09-02 21:16 - 2016-09-02 21:16 - 00003292 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E37D6889-D2AB-4D89-B563-C59DB829CC5C}
2016-09-02 21:16 - 2016-09-02 21:16 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-09-02 21:16 - 2016-09-02 21:16 - 00002822 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-02 21:16 - 2016-09-02 21:16 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1742419186-1601379352-809800023-1002
2016-09-02 21:16 - 2016-09-02 21:16 - 00002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1742419186-1601379352-809800023-500
2016-09-02 21:16 - 2016-09-02 21:16 - 00002596 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarah.mueller88@hotmail.com
2016-09-02 21:16 - 2016-09-02 21:16 - 00002574 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2016-09-02 21:16 - 2016-09-02 21:16 - 00002550 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2016-09-02 21:16 - 2016-09-02 21:16 - 00002310 _____ C:\WINDOWS\System32\Tasks\{F575C47D-0D94-4DFE-91EC-40B5F2E61535}
2016-09-02 21:16 - 2016-09-02 21:16 - 00002186 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-09-02 21:16 - 2016-09-02 21:16 - 00002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2016-09-02 21:16 - 2016-09-02 21:16 - 00002170 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-09-02 21:16 - 2016-09-02 21:16 - 00002118 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2016-09-02 21:16 - 2016-09-02 21:16 - 00002096 _____ C:\WINDOWS\System32\Tasks\Power Management
2016-09-02 21:16 - 2016-09-02 21:16 - 00002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2016-09-02 21:16 - 2016-09-02 21:16 - 00002062 _____ C:\WINDOWS\System32\Tasks\Quick Access
2016-09-02 21:16 - 2016-09-02 21:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-02 21:16 - 2016-09-02 21:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-02 21:16 - 2014-09-16 10:34 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-615273258-2510798667-4273039071-500
2016-09-02 21:16 - 2014-07-25 23:41 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-729939966-155158532-1426229192-500
2016-09-02 21:12 - 2016-09-02 21:12 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-02 21:09 - 2016-09-02 21:12 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-02 21:08 - 2016-09-24 16:10 - 00000000 ____D C:\Users\Sarah
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Vorlagen
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Startmenü
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Netzwerkumgebung
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Lokale Einstellungen
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Eigene Dateien
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Druckumgebung
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Videos
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Musik
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Bilder
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Local\Verlauf
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Local\Anwendungsdaten
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Anwendungsdaten
2016-09-02 21:05 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-02 21:04 - 2016-09-05 14:04 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-02 21:04 - 2016-09-05 13:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Realtek
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Elantech
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-09-02 21:04 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-09-02 21:04 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-09-02 21:04 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-09-02 21:03 - 2016-09-25 19:32 - 00533232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-02 21:03 - 2016-09-25 19:32 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-02 21:03 - 2016-09-24 11:04 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-02 21:03 - 2016-09-02 21:09 - 00000000 ____D C:\Program Files\Intel
2016-09-02 21:03 - 2016-09-02 21:03 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-09-02 21:03 - 2016-09-02 21:03 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-02 21:03 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-09-02 21:03 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-09-02 17:14 - 2016-09-02 21:09 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-09-02 17:14 - 2016-09-02 17:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Intel
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\Users\Sarah\Intel.sav
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\ProgramData\Intel.sav
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-02 17:09 - 2016-09-02 17:09 - 00000000 ____D C:\Users\Sarah\Intel
2016-09-02 17:08 - 2016-09-02 17:08 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-09-02 17:06 - 2016-09-02 17:06 - 00000000 ____D C:\Users\Sarah\AppData\Local\NVIDIA
2016-09-02 17:01 - 2016-09-02 17:14 - 00000000 ____D C:\Users\Sarah\Documents\Treiber
2016-09-02 15:34 - 2016-09-02 15:34 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-09-02 10:16 - 2016-09-25 18:22 - 00000000 ___RD C:\Users\Sarah\Dropbox
2016-09-02 10:14 - 2016-09-20 17:09 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-02 10:14 - 2016-09-02 17:19 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-02 10:14 - 2016-09-02 17:09 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-02 10:14 - 2016-09-02 10:16 - 00000000 ____D C:\Users\Sarah\AppData\Local\Dropbox
2016-09-02 10:14 - 2016-09-02 10:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Dropbox
2016-09-02 10:14 - 2016-09-02 10:14 - 00000000 ____D C:\ProgramData\Dropbox
2016-08-30 15:47 - 2016-09-02 17:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Franz
2016-08-30 15:47 - 2016-09-02 15:09 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Franz
2016-08-30 15:47 - 2016-09-02 15:09 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Franz
2016-08-30 15:47 - 2016-08-30 15:47 - 00000000 ____D C:\Users\Sarah\AppData\Local\SquirrelTemp
2016-08-26 10:45 - 2016-09-16 04:26 - 4215401187 _____ C:\WINDOWS\MEMORY.DMP

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-25 20:48 - 2016-08-25 17:16 - 00000000 ____D C:\FRST
2016-09-25 20:26 - 2016-04-13 03:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-09-25 20:26 - 2016-04-13 03:38 - 00000000 ____D C:\Users\Sarah\AppData\Local\Adobe
2016-09-25 19:43 - 2015-08-16 13:21 - 00000000 ____D C:\Users\Sarah\Documents\Sonstiges
2016-09-25 19:38 - 2016-07-17 00:51 - 00686138 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-25 19:38 - 2016-07-17 00:51 - 00140726 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-25 19:38 - 2016-04-13 19:55 - 01812546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-25 19:32 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-09-25 19:32 - 2016-05-19 18:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-25 19:32 - 2016-04-11 06:09 - 00000000 __SHD C:\Users\Sarah\IntelGraphicsProfiles
2016-09-25 19:31 - 2016-05-05 10:38 - 00000000 ____D C:\Users\Sarah\AppData\Local\Spotify
2016-09-25 19:31 - 2016-04-11 06:14 - 00000000 __RDO C:\Users\Sarah\OneDrive
2016-09-25 19:29 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-25 18:43 - 2016-04-11 06:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\CrashDumps
2016-09-25 18:40 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Adobe
2016-09-25 18:39 - 2016-04-13 04:19 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-09-25 18:39 - 2016-04-13 04:19 - 00000000 ____D C:\Program Files\Adobe
2016-09-25 18:28 - 2016-05-24 18:21 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\vlc
2016-09-25 18:26 - 2016-05-05 10:38 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Spotify
2016-09-25 18:22 - 2016-04-13 03:46 - 00000000 ___RD C:\Users\Sarah\Creative Cloud Files
2016-09-25 11:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-24 15:54 - 2016-08-25 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-09-24 15:31 - 2016-06-02 11:29 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Apple Computer
2016-09-24 15:30 - 2016-06-02 11:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-24 14:39 - 2016-04-11 06:22 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-24 14:15 - 2016-08-25 20:50 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-24 14:06 - 2016-06-02 11:29 - 00000000 ____D C:\Users\Sarah\AppData\Local\Apple Computer
2016-09-24 10:42 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 19:08 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Packages
2016-09-22 18:50 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-22 18:49 - 2016-05-31 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-21 21:04 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-21 20:01 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-21 19:39 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-21 19:39 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-20 17:24 - 2014-07-25 23:57 - 00000000 ___HD C:\OEM
2016-09-20 17:24 - 2014-07-25 23:21 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-20 17:24 - 2014-07-25 23:20 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-20 17:23 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\clear.fi
2016-09-20 17:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-18 20:24 - 2016-04-14 19:37 - 00000033 _____ C:\Users\Sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-09-14 20:26 - 2016-04-14 15:33 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-14 20:26 - 2016-04-14 15:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-13 10:25 - 2016-04-10 19:33 - 00000000 ____D C:\Users\Sarah\Documents\Kunden
2016-09-11 17:44 - 2016-04-14 19:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\FileZilla
2016-09-11 15:17 - 2016-04-14 20:35 - 00000600 _____ C:\Users\Sarah\AppData\Local\PUTTY.RND
2016-09-11 13:57 - 2015-08-16 13:20 - 00000000 ____D C:\Users\Sarah\Documents\Studium
2016-09-07 19:24 - 2016-06-23 07:48 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Mozilla
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-05 21:31 - 2016-04-13 04:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-09-05 21:17 - 2015-09-30 23:53 - 00000000 ____D C:\Users\Sarah\Documents\Adobe
2016-09-05 09:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-02 22:02 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-02 22:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-02 21:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\servicing
2016-09-02 21:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-02 21:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-02 21:23 - 2016-04-13 21:11 - 00002422 _____ C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 21:21 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-02 21:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-02 21:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-02 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-02 21:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-02 21:16 - 2016-04-13 19:51 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-02 21:15 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-02 21:12 - 2016-08-25 15:30 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-02 21:12 - 2016-08-15 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-09-02 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-02 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-09-02 21:12 - 2016-05-31 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Notepad Professional
2016-09-02 21:12 - 2016-05-31 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
2016-09-02 21:12 - 2016-05-31 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-02 21:12 - 2016-05-24 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-02 21:12 - 2016-05-19 18:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-09-02 21:12 - 2016-04-29 09:30 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-02 21:12 - 2016-04-29 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-02 21:12 - 2016-04-16 13:21 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProjectLibre
2016-09-02 21:12 - 2016-04-16 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-02 21:12 - 2016-04-14 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-02 21:12 - 2016-04-14 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-09-02 21:12 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-02 21:12 - 2014-09-16 10:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 12
2016-09-02 21:12 - 2014-07-25 23:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-02 21:09 - 2014-07-25 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2016-09-02 21:09 - 2014-07-25 23:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-09-02 21:09 - 2014-07-25 23:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2016-09-02 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-09-02 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-09-02 21:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-02 21:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-02 21:05 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-02 17:14 - 2014-07-25 23:00 - 00000000 ____D C:\Users\Administrator
2016-09-02 17:13 - 2016-05-06 21:18 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-02 17:13 - 2014-09-16 10:05 - 00000000 ____D C:\ProgramData\Intel
2016-09-02 17:13 - 2014-09-16 09:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-02 17:13 - 2014-07-25 23:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-02 17:09 - 2016-04-11 06:21 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 17:09 - 2014-09-16 09:49 - 00016878 _____ C:\WINDOWS\system32\results.xml
2016-09-02 17:06 - 2014-09-16 10:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-02 16:37 - 2016-04-11 06:21 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 16:30 - 2016-05-06 21:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-02 16:29 - 2015-08-22 14:39 - 00000000 ____D C:\Users\Sarah\Documents\b-public
2016-09-02 15:34 - 2016-04-13 03:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-02 10:16 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\VirtualStore
2016-08-30 13:52 - 2016-04-14 19:16 - 00000000 ____D C:\ProgramData\Skype
2016-08-30 13:51 - 2016-04-14 19:16 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-14 19:37 - 2016-09-18 20:24 - 0000033 _____ () C:\Users\Sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-05-03 20:06 - 2016-08-12 13:47 - 0001456 _____ () C:\Users\Sarah\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-04-14 20:35 - 2016-09-11 15:17 - 0000600 _____ () C:\Users\Sarah\AppData\Local\PUTTY.RND
2016-09-02 21:04 - 2016-09-02 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-22 18:21

==================== Ende von FRST.txt ============================
Hallo Jürgen

Ein Update: Ich wollte soeben mein Notebook neustarten, weil keine Netzwerke angezeigt wurden, obwohl da jede Menge sind und bin während des Neustarts auf einem Bluescreen gelandet.

Ich denke, dass die Performance Probleme und so vieles vom Anniversary Update kommen. Keine Ahnung was ich jetzt machen soll.

Stillstandcode: Driver Power State Failure. (Ich habe die Treiber vor etwa 2 Wochen alle anhand der Angaben von Acer aktualisiert)

BugChecks:

Code:
Protokollname: System
Quelle:        Microsoft-Windows-WER-SystemErrorReporting
Datum:        26.09.2016 12:08:59
Ereignis-ID:  1001
Aufgabenkategorie:Keine
Ebene:        Fehler
Schlüsselwörter:Klassisch
Benutzer:      Nicht zutreffend
Computer:      Sarah
Beschreibung:
Der Computer wurde nach einem schwerwiegenden Fehler neu gestartet. Der Fehlercode war: 0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffffd70ba5080040, 0xffffc700a5509980). Ein volles Abbild wurde gespeichert in: C:\WINDOWS\MEMORY.DMP. Berichts-ID: 05cb9fb4-94fe-4be0-8403-c029fe3c5236.
Ereignis-XML:
<Event xmlns="hxxp://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-WER-SystemErrorReporting" Guid="{ABCE23E7-DE45-4366-8631-84FA6C525952}" EventSourceName="BugCheck" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-09-26T10:08:59.837715300Z" />
    <EventRecordID>3444</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>Sarah</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">0x0000009f (0x0000000000000004, 0x000000000000012c, 0xffffd70ba5080040, 0xffffc700a5509980)</Data>
    <Data Name="param2">C:\WINDOWS\MEMORY.DMP</Data>
    <Data Name="param3">05cb9fb4-94fe-4be0-8403-c029fe3c5236</Data>
  </EventData>
</Event>

Ach mann :(

deeprybka 26.09.2016 12:22
Kannst Du am PC arbeiten?

Wenn ja,

Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

lunaris 26.09.2016 20:26
Code:
# AdwCleaner v6.020 - Bericht erstellt am 26/09/2016 um 21:26:04
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-26.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Sarah - SARAH
# Gestartet von : C:\Users\Sarah\Desktop\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Program Files (x86)\Jujatsterkerther
[-] Ordner gelöscht: C:\Users\Sarah\AppData\Roaming\Profiles\5arztgff.default


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL


***** [ Browser ] *****

[-] Firefox Profil bereinigt: Profile1


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [5911 Bytes] - [25/08/2016 17:26:36]
C:\AdwCleaner\AdwCleaner[C2].txt - [4354 Bytes] - [25/08/2016 17:55:24]
C:\AdwCleaner\AdwCleaner[C3].txt - [2023 Bytes] - [26/09/2016 21:26:04]
C:\AdwCleaner\AdwCleaner[S0].txt - [5771 Bytes] - [25/08/2016 17:23:36]
C:\AdwCleaner\AdwCleaner[S1].txt - [3846 Bytes] - [25/08/2016 17:53:53]
C:\AdwCleaner\AdwCleaner[S2].txt - [1614 Bytes] - [25/08/2016 20:13:11]
C:\AdwCleaner\AdwCleaner[S3].txt - [2456 Bytes] - [26/09/2016 21:23:38]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [2388 Bytes] ##########

deeprybka 26.09.2016 20:58
MBAM kommt noch? :)

lunaris 26.09.2016 20:59
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 26.09.2016
Suchlaufzeit: 21:29
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.26.09
Rootkit-Datenbank: v2016.09.26.02
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Sarah

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 355089
Abgelaufene Zeit: 15 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

deeprybka 26.09.2016 21:04
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

lunaris 27.09.2016 06:23
Code:
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 25-09-2016
durchgeführt von Sarah (27-09-2016 07:19:59)
Gestartet von C:\Users\Sarah\Desktop
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)





Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\Sarah\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\Sarah\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\Sarah\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\Sarah\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\Sarah\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\Sarah ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSACCESS.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk -> C:\Windows\Installer\{AC76BA86-1033-FFFF-7760-0C0F074E4100}\_SC_Acrobat.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrodist.exe (Adobe Systems Incorporated.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Dreamweaver CC 2015.lnk -> C:\Program Files\Adobe\Adobe Dreamweaver CC 2015\Dreamweaver.exe (Adobe Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk -> C:\Program Files\Adobe\Adobe Illustrator CC 2015.3\Support Files\Contents\Windows\Illustrator.exe (Adobe Systems Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk -> C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk -> C:\Program Files\Adobe\Adobe Media Encoder CC 2015.3\Adobe Media Encoder.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2015.5\Photoshop.exe (Adobe Systems, Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk -> C:\Windows\System32\GfxUIEx.exe (Intel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTE.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\MSPUB.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spotify.lnk -> C:\Program Files (x86)\Spotify\SpotifyLauncher.exe (Spotify Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\VISIO.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor\yEd Graph Editor Uninstaller.lnk -> C:\Program Files (x86)\yWorks\yEd\uninstall.exe (yWorks GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor\yEd Graph Editor.lnk -> C:\Program Files (x86)\yWorks\yEd\yEd.exe (yWorks GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Base.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sbase.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Calc.lnk -> C:\Program Files (x86)\OpenOffice 4\program\scalc.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Draw.lnk -> C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Impress.lnk -> C:\Program Files (x86)\OpenOffice 4\program\simpress.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Math.lnk -> C:\Program Files (x86)\OpenOffice 4\program\smath.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice Writer.lnk -> C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2\OpenOffice.lnk -> C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Notepad Professional\Network Notepad License Manager.lnk -> C:\Program Files (x86)\Network Notepad Professional\License Manager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Notepad Professional\Network Notepad Professional .lnk -> C:\Program Files (x86)\Network Notepad Professional\dotnetpad.exe (J A Green)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Notepad Professional\Uninstall Network Notepad.lnk -> C:\Program Files (x86)\Network Notepad Professional\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016-Spracheinstellungen.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\SETLANG.EXE (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk -> C:\Program Files\iTunes\iTunes.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Über iTunes.lnk -> C:\Program Files\iTunes\iTunes.Resources\de.lproj\About iTunes.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility\Intel(R) Driver Update Utility 2.4.lnk -> C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe (Intel)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud-Fotos.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\ShellStreamsShortcut.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iCloud.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe (Apple Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF\Foxit PhantomPDF.lnk -> C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe (Foxit Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\FileZilla.lnk -> C:\Program Files\FileZilla FTP Client\filezilla.exe (FileZilla Project)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client\Uninstall.lnk -> C:\Program Files\FileZilla FTP Client\uninstall.exe (Tim Kosse)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Free YouTube To MP3 Converter.lnk -> C:\Program Files (x86)\DVDVideoSoft\Free YouTube To MP3 Converter\FreeYouTubeToMP3Converter.exe (Digital Wave Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\PremiumMembershipOffer.exe (DVDVideoSoft Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk -> C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10\PowerDirector 10.lnk -> C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 12\CyberLink Power Media Player 12.lnk -> C:\Program Files (x86)\CyberLink\PowerDVD12\PDVDLaunchPolicy.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3\CyberLink PhotoDirector 3.lnk -> C:\Program Files (x86)\CyberLink\PhotoDirector3\PhotoDirector3.exe (CyberLink Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft® Windows® Operating System)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abDocs.lnk -> C:\Program Files (x86)\Acer\abDocs\abDocs.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abMusic.lnk -> C:\Program Files (x86)\Acer\abMusic\abMusic.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abPhoto.lnk -> C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Care Center.lnk -> C:\Program Files (x86)\Acer\Care Center\CareCenter.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Portal.lnk -> C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe (Acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Power Management.lnk -> C:\Program Files\Acer\Acer Power Management\ePowerUI.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Quick Access.lnk -> C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe (Acer Incorporate)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User Experience Improvement Program.lnk -> C:\Program Files\Acer\User Experience Improvement Program\Framework\Setting.exe (acer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer User's Manual.lnk -> C:\OEM\Preload\Autorun\GUI\Acer User's Manual\00\OnePager.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\Acer Video Player.lnk -> C:\Program Files (x86)\Acer\Acer Video Player\AcerVideoPlayer.exe (Acer Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Sarah\Links\Creative Cloud Files.lnk -> C:\Users\Sarah\Creative Cloud Files ()
Shortcut: C:\Users\Sarah\Links\Desktop.lnk -> C:\Users\Sarah\Desktop ()
Shortcut: C:\Users\Sarah\Links\Downloads.lnk -> C:\Users\Sarah\Downloads ()
Shortcut: C:\Users\Sarah\Links\RecentPlaces.lnk -> L ᐁ  À  䘀                        耟穭⊇㞡䘚낑�깚馼 ć        ꀀz 匱卐뜥䟯ယ怂麌곫1
 ἀ က 娀甀氀攀琀稀琀 戀攀猀甀挀栀琀 ⴀ Ѐ  
 Systemordner    匱卐檦⡣锽ᇒ횵쀀�퀘e  ἀ ⤀ 㨀㨀笀㈀㈀㠀㜀㜀䄀㘀䐀ⴀ㌀㜀䄀㄀ⴀ㐀㘀㄀䄀ⴀ㤀㄀䈀 ⴀ䐀䈀䐀䄀㔀䄀䄀䔀䈀䌀㤀㤀紀       
Shortcut: C:\Users\Sarah\Documents\Steuerfälle\Steuerfaelle\steuern.lu.2012 nP.lnk -> C:\Program Files (x86)\steuern.lu.2012 nP\steuern.lu.2012 nP.exe (Keine Datei)
Shortcut: C:\Users\Sarah\Documents\Adobe\After Effects CC 2015\User Presets\(Adobe).lnk -> C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\Presets (Keine Datei)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk -> C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Benutzerhandbuch für die Konsolenversion von RAR.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Hilfe zu WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Was ist neu in dieser Version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-304
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProjectLibre\ProjectLibre.lnk -> C:\Program Files (x86)\ProjectLibre\projectlibre.exe (ProjectLibre Inc.)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Portal.lnk -> C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe (Acer)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer (2).lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Outlook 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Spotify.lnk -> C:\Program Files (x86)\Spotify\SpotifyLauncher.exe (Spotify Ltd)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\ZinioLLC.Zinio_0q6dqzpp40p2e\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\WildTangentGames.-GamesApp-_qt5r5pa5dyg8m\WTGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\TuneIn.TuneInRadio_6bhtb546zcxnj\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneVideo_8wekyb3d8bbwe\Microsoft.ZuneVideo.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.ZuneMusic_8wekyb3d8bbwe\Microsoft.ZuneMusic.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxOneSmartGlass_8wekyb3d8bbwe\Microsoft.XboxOneSmartGlass.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.XboxLIVEGames_8wekyb3d8bbwe\Microsoft.XboxLIVEGames.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsSoundRecorder_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsScan_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsReadingList_8wekyb3d8bbwe\Microsoft.WindowsReadingList.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk -> 0x4C0000000114020000000000C000000000000046800000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000050000090000A0570100003153505355284C9F799F394BA8D0E1D42DE1D5F37500000011000000001F000000320000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B007900620033006400380062006200770065000000110000000E000000001300000001000000B500000005000000001F000000510000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B0079006200330064003800620062007700650021004D006900630072006F0073006F00660074002E00570069006E0064006F00770073004C006900760065002E00430061006C0065006E006400610072000000000000000000AE020000315350534D0BD48669903C44819A2A54090DCCEC510000000C000000001F000000200000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E006400610072004C006F0067006F002E0070006E0067000000550000000F000000001F000000210000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E00640061007200420061006400670065002E0070006E006700000000005D00000002000000001F000000250000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E0064006100720053006D0061006C006C004C006F0067006F002E0070006E00670000000000590000000D000000001F000000240000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E0064006100720057006900640065004C006F0067006F002E0070006E0067000000110000000400000000130000005133ABFF5D00000013000000001F000000250000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E006400610072004C0061007200670065004C006F0067006F002E0070006E0067000000000011000000050000000013000000FFFFFFFF110000000E0000000013000000AD0000004D0000000B000000001F0000001D0000006D0073002D007200650073006F0075007200630065003A00630061006C0065006E006400610072004100700070005400690074006C006500000000005900000014000000001F000000240000004D006F006400650072006E00430061006C0065006E006400610072005C00430061006C0065006E00640061007200540069006E0079004C006F0067006F002E0070006E006700000000000000690000003153505330F125B7EF471A10A5F102608C9EEBAC4D0000000A000000001F0000001D0000006D0073002D007200650073006F0075007200630065003A00630061006C0065006E006400610072004100700070005400690074006C00650000000000000000002D00000031535053B377ED0D14C66C45AE5B285B38D7B01B1100000015000000001300000012000000000000005900000031535053904F1E8459FF164D8947E81BBFFAB36D3D00000002000000001F000000160000004D006900630072006F0073006F0066007400200043006F00720070006F0072006100740069006F006E000000000000000000000000000000
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk -> 0x4C0000000114020000000000C000000000000046800000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000029050000090000A04F0100003153505355284C9F799F394BA8D0E1D42DE1D5F37500000011000000001F000000320000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B007900620033006400380062006200770065000000110000000E000000001300000001000000AD00000005000000001F0000004D0000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B0079006200330064003800620062007700650021004D006900630072006F0073006F00660074002E00570069006E0064006F00770073004C006900760065002E004D00610069006C00000000000000000076020000315350534D0BD48669903C44819A2A54090DCCEC490000000C000000001F0000001C0000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C004C006F0067006F002E0070006E00670000004D0000000F000000001F0000001D0000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C00420061006400670065002E0070006E006700000000005500000002000000001F000000210000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C0053006D0061006C006C004C006F0067006F002E0070006E00670000000000510000000D000000001F000000200000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C0057006900640065004C006F0067006F002E0070006E0067000000110000000400000000130000000072C6FF5500000013000000001F000000210000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C004C0061007200670065004C006F0067006F002E0070006E0067000000000011000000050000000013000000FFFFFFFF110000000E0000000013000000AB000000450000000B000000001F000000190000006D0073002D007200650073006F0075007200630065003A006D00610069006C004100700070005400690074006C006500000000005100000014000000001F000000200000004D006F006400650072006E004D00610069006C005C005200650073005C004D00610069006C00540069006E0079004C006F0067006F002E0070006E006700000000000000610000003153505330F125B7EF471A10A5F102608C9EEBAC450000000A000000001F000000190000006D0073002D007200650073006F0075007200630065003A006D00610069006C004100700070005400690074006C00650000000000000000007100000031535053B87D4086F79DCD48B986F999ADC197315500000002000000001F000000210000006D0073002D007200650073006F0075007200630065003A006D00610069006C00530068006100720065004400650073006300720069007000740069006F006E0000000000000000002D00000031535053B377ED0D14C66C45AE5B285B38D7B01B1100000015000000001300000012000000000000005900000031535053904F1E8459FF164D8947E81BBFFAB36D3D00000002000000001F000000160000004D006900630072006F0073006F0066007400200043006F00720070006F0072006100740069006F006E000000000000000000000000000000
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk -> 0x4C0000000114020000000000C0000000000000468000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000F8040000090000A0530100003153505355284C9F799F394BA8D0E1D42DE1D5F37500000011000000001F000000320000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B007900620033006400380062006200770065000000110000000E000000001300000001000000B100000005000000001F0000004F0000006D006900630072006F0073006F00660074002E00770069006E0064006F007700730063006F006D006D0075006E00690063006100740069006F006E00730061007000700073005F003800770065006B0079006200330064003800620062007700650021004D006900630072006F0073006F00660074002E00570069006E0064006F00770073004C006900760065002E00500065006F0070006C006500000000000000000019020000315350534D0BD48669903C44819A2A54090DCCEC410000000C000000001F000000180000004D006F006400650072006E00500065006F0070006C0065005C00500065006F0070006C0065002E0070006E00670000004D00000002000000001F0000001D0000004D006F006400650072006E00500065006F0070006C0065005C00500065006F0070006C00650053006D0061006C006C002E0070006E00670000000000490000000D000000001F0000001C0000004D006F006400650072006E00500065006F0070006C0065005C00500065006F0070006C00650057006900640065002E0070006E006700000011000000040000000013000000D24726FF4D00000013000000001F0000001D0000004D006F006400650072006E00500065006F0070006C0065005C00500065006F0070006C0065004C0061007200670065002E0070006E0067000000000011000000050000000013000000FFFFFFFF110000000E0000000013000000A30000005D0000000B000000001F000000250000006D0073002D007200650073006F0075007200630065003A002F002F002F0073007400720069006E00670073002F00700065006F0070006C0065004100700070004E0061006D006500000000004900000014000000001F0000001C0000004D006F006400650072006E00500065006F0070006C0065005C00500065006F0070006C006500540069006E0079002E0070006E006700000000000000790000003153505330F125B7EF471A10A5F102608C9EEBAC5D0000000A000000001F000000250000006D0073002D007200650073006F0075007200630065003A002F002F002F0073007400720069006E00670073002F00700065006F0070006C0065004100700070004E0061006D00650000000000000000008100000031535053B87D4086F79DCD48B986F999ADC197316500000002000000001F0000002A0000006D0073002D007200650073006F0075007200630065003A002F002F002F0073007400720069006E00670073002F0072006100530068006100720065004400650073006300720069007000740069006F006E000000000000002D00000031535053B377ED0D14C66C45AE5B285B38D7B01B1100000015000000001300000012000000000000005900000031535053904F1E8459FF164D8947E81BBFFAB36D3D00000002000000001F000000160000004D006900630072006F0073006F0066007400200043006F00720070006F0072006100740069006F006E000000000000000000000000000000
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsCalculator_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.WindowsAlarms_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.SkypeApp_kzf8qxf38zg5c\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Reader_8wekyb3d8bbwe\Microsoft.Reader.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.Office.OneNote_8wekyb3d8bbwe\microsoft.onenoteim.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.MovieMoments_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.HelpAndTips_8wekyb3d8bbwe\HelpAndTips.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.FreshPaint_8wekyb3d8bbwe\Microsoft.FreshPaint.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingWeather_8wekyb3d8bbwe\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingTravel_8wekyb3d8bbwe\AppexTravel.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingSports_8wekyb3d8bbwe\AppexSports.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingNews_8wekyb3d8bbwe\AppexNews.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingMaps_8wekyb3d8bbwe\AppexMaps.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingHealthAndFitness_8wekyb3d8bbwe\AppexHealthAndFitness.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFoodAndDrink_8wekyb3d8bbwe\AppexFoodAndDrink.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Microsoft.BingFinance_8wekyb3d8bbwe\AppexFinance.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Flipboard.Flipboard_3f5azkryzdbc4\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\Evernote.Evernote_q4d96b2w5wcc2\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\eBayInc.eBay_1618n3s9xq8tw\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\AMZNMobileLLC.KindleforWindows8_stfe6vwa9jnbp\com.amazon.kindle.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\AcerIncorporated.AcerExplorer_48frkmn4z8aw4\AcerExplorer.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\AccuWeather.AccuWeatherforWindows8_8zz2pj9h1h1d8\App.lnk -> Tile and icon assets
Shortcut: C:\Users\Sarah\AppData\Local\Microsoft\Windows\Application Shortcuts\4AE8B7C2.Booking.comPartnerEdition_6wqyppa9wfhnr\App.lnk -> Tile and icon assets




ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk -> C:\Program Files\Intel Security\True Key\Application\truekey.exe () -> --open-source=startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp Acerlt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools\Office 2016 Upload Center.lnk -> C:\Program Files (x86)\Microsoft Office\root\client\AppVLP.exe (Microsoft Corporation) -> "C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\Deinstallieren.lnk -> C:\Program Files\McAfee Security Scan\uninstall.exe (McAfee, Inc.) -> C:\Program Files\McAfee Security Scan\3.11.376\McAfee.ico
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus\McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\McUICnt.exe (McAfee, Inc.) -> SecurityScanner.dll
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\E-Mails.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> mail
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Erinnerungen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> reminders
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\iPhone suchen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> find
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kalender.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> calendar
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Keynote.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> keynote
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Kontakte.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> contacts
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Notizen.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> notes
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Numbers.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> numbers
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud\Pages.lnk -> C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudWeb.exe (Apple Inc.) -> pages
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Aloha TriPeaks.lnk -> C:\Program Files (x86)\WildGames\Aloha TriPeaks\alohatripeaks-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\WildGames\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Farm to Fork Collector's Edition.lnk -> C:\Program Files (x86)\WildGames\Farm to Fork Collectors Edition\FarmToFork-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Governor of Poker 2 Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\GovernorofPoker2_PE-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\jewelmatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\King Oddball.lnk -> C:\Program Files (x86)\WildGames\King Oddball\KingOddball-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\LUXOR Evolved.lnk -> C:\Program Files (x86)\WildGames\LUXOR Evolved\luxor_ev_x86-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\Magic Academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games from WildTangent Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Peggle Nights.lnk -> C:\Program Files (x86)\WildGames\Peggle Nights\pegglenights-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Plants vs. Zombies - Game of the Year.lnk -> C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\plantsvszombies-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Chronicles of Emerland Solitaire.lnk -> C:\Program Files (x86)\WildGames\The Chronicles of Emerland Solitaire\solitaire-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Trinklit Supreme.lnk -> C:\Program Files (x86)\WildGames\Trinklit Supreme\trinklitsupreme-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - acer.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp Acerlt
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Zuma's Revenge.lnk -> C:\Program Files (x86)\WildGames\Zumas Revenge\Zuma's Revenge-WT.exe (WildTangent, Inc.) -> /launchgc /src gamesmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{f244afb6-a31c-4254-82f2-e89a2cfa9c24}\PlayTasks\0\LUXOR Evolved.lnk -> C:\Program Files (x86)\WildGames\LUXOR Evolved\luxor_ev_x86-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{e7670ec4-0132-4d49-b460-96cc37855a0b}\PlayTasks\0\King Oddball.lnk -> C:\Program Files (x86)\WildGames\King Oddball\KingOddball-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{9fbd6a31-c1d2-4269-a69a-fb9d00766ebc}\PlayTasks\0\Trinklit Supreme.lnk -> C:\Program Files (x86)\WildGames\Trinklit Supreme\trinklitsupreme-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{74e6d22f-cb18-4829-9d0a-ed768ab6d91e}\PlayTasks\0\Peggle Nights.lnk -> C:\Program Files (x86)\WildGames\Peggle Nights\pegglenights-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{7364bdbb-1a13-4f43-b6fc-8decae898f9c}\PlayTasks\0\The Chronicles of Emerland Solitaire.lnk -> C:\Program Files (x86)\WildGames\The Chronicles of Emerland Solitaire\solitaire-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5efc38bb-2dab-4442-8e97-38975fa121af}\PlayTasks\0\Magic Academy.lnk -> C:\Program Files (x86)\WildGames\Magic Academy\Magic Academy-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{5ae0d760-ddcf-4247-85df-eacefd518e86}\PlayTasks\0\Plants vs. Zombies - Game of the Year.lnk -> C:\Program Files (x86)\WildGames\Plants vs Zombies - Game of the Year\plantsvszombies-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{4ab17087-5348-4a14-8af5-cd43a0707d5f}\PlayTasks\0\Polar Bowler 1st Frame.lnk -> C:\Program Files (x86)\WildGames\Polar Bowler 1st Frame\PBFF-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{471351f0-4e8a-47bf-a6b3-3de3c99ae340}\PlayTasks\0\Jewel Match 3.lnk -> C:\Program Files (x86)\WildGames\Jewel Match 3\jewelmatch3-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{40b39904-c402-4e7c-84e5-15c753e22bb8}\PlayTasks\0\Farm to Fork Collector's Edition.lnk -> C:\Program Files (x86)\WildGames\Farm to Fork Collectors Edition\FarmToFork-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gameexploreroem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{1447c6c0-8a7b-4b3f-a3b2-cbc9cb3ff16d}\PlayTasks\0\Aloha TriPeaks.lnk -> C:\Program Files (x86)\WildGames\Aloha TriPeaks\alohatripeaks-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{134726E5-0682-43C5-8AA2-DD4D6A866DD4}\PlayTasks\0\Bejeweled 2 Deluxe.lnk -> C:\Program Files (x86)\WildGames\Bejeweled 2 Deluxe\Bejeweled 2 Deluxe-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{11df15ff-f066-4c33-ac85-8738689543f5}\PlayTasks\0\Governor of Poker 2 Premium Edition.lnk -> C:\Program Files (x86)\WildGames\Governor of Poker 2 Premium Edition\GovernorofPoker2_PE-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{0334682e-f04f-4f03-8b56-d518fdcb7661}\PlayTasks\0\Zuma's Revenge.lnk -> C:\Program Files (x86)\WildGames\Zumas Revenge\Zuma's Revenge-WT.exe (WildTangent, Inc.) -> /launchgc /src gameexplorer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gameexploreroem
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Default Apps.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsDefaults
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemDevices
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE (Microsoft Corporation) -> /recycle
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Franz.lnk -> C:\Users\Sarah\AppData\Local\Franz\Update.exe (GitHub) -> --processStart Franz.exe
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Sarah - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Privat - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> /e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft® Windows® Operating System) -> /0
ShortcutWithArgument: C:\Users\Sarah\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL ->
InternetURL: C:\Users\Default\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Default\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Sarah\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Sarah\Favorites\Booking.com.url -> URL: hxxp://www.booking.com/index.html?aid=379334
InternetURL: C:\Users\Sarah\Favorites\Acer\Acer.url -> URL: hxxp://www.acer.com/
InternetURL: C:\Users\Sarah\Favorites\Acer\eBay.url -> URL: hxxp://rover.ebay.com/rover/1/5222-124917-24801-4/4
InternetURL: C:\Users\Sarah\Documents\Kunden\Boschung\Web\wordpress\wp-content\themes\Divi\readme.url -> URL: hxxp://www.elegantthemes.com/gallery/divi/readme.html
InternetURL: C:\Users\Sarah\Documents\Kunden\Bellevue\Infografiken\FreeVector.COM.url -> URL: hxxp://www.freevector.com/
InternetURL: C:\Users\Sarah\Documents\Kunden\Bellevue\Infografiken\Source\vecteezy.url -> URL: hxxp://www.vecteezy.com

==================== Ende von Shortcut.txt =============================

lunaris 27.09.2016 06:24
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016
durchgeführt von Sarah (27-09-2016 07:18:19)
Gestartet von C:\Users\Sarah\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-02 19:19:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1742419186-1601379352-809800023-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1742419186-1601379352-809800023-503 - Limited - Disabled)
Gast (S-1-5-21-1742419186-1601379352-809800023-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1742419186-1601379352-809800023-1006 - Limited - Enabled)
Sarah (S-1-5-21-1742419186-1601379352-809800023-1002 - Administrator - Enabled) => C:\Users\Sarah

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.1.102 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
EPSON XP-432 435 Series Printer Uninstall (HKLM\...\EPSON XP-432 435 Series) (Version:  - Seiko Epson Corporation)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security)
Intel(R) Driver Update Utility 2.4 (x32 Version: 2.4.0.15 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
Network Notepad Professional Edition (HKLM-x32\...\DotNetPad_is1) (Version:  - Jason Green)
NVIDIA Grafiktreiber 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
yEd Graph Editor 3.15.0.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.15.0.2 - yWorks GmbH)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01102F16-64A4-4078-A5BC-6EC6784C96BE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {08CC4D92-5144-4EAB-816C-26E59F9073F5} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {17FE7975-5BA7-4E78-B89E-EE8E60C52955} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {1DBB39FA-D817-4E58-A0E1-CBD63D3C4131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DC5C606-21A6-41B5-A4EB-D5E19BC511EA} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {1EC40B2B-0882-4702-9C05-BF24A04350C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {31665744-B4D5-41C0-A69E-2606ABDE779B} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {37B2B24B-FBD9-4293-9E26-76F558E36F1F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {3B07D30B-F2D1-43B2-A67D-72DBC64A1D65} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {4CB44732-DE2A-4C13-9C81-33E1CDE669EE} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4D0F8159-7FA9-41A0-B0E7-FBC76BB073E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {6F7A477C-19ED-418B-B5C7-FC5F47518338} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {766049C9-83ED-47A9-B285-B46E1A3B9AED} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {7AD080D4-126A-47DB-8C5A-3F67B3C957D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7C2E5688-AD88-42ED-B445-C407775BDCDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8019D117-35DB-4178-B012-B7D5AA489BA2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {80FF5C13-D961-40F2-B892-BD65AAE8FE98} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {836C7542-6DBC-4DE4-AD2D-87964E72B325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {8A6476D3-8858-41DB-8CA1-07845695313A} - System32\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {90E4AAEE-214F-4FE7-885E-DACBC0A26950} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {96098DA8-4640-4247-B4A5-FC6A673AEAA8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {97E1F9CF-24F0-4180-8880-EBBA78D91724} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {99360872-D2C9-484C-8082-B53EF443B37F} - System32\Tasks\SafeZone scheduled Autoupdate 1463674154 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {9BD20DB4-DA4C-466D-8FDB-D8527B47F082} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarah.mueller88@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {9D3DFB64-9ED7-4E55-9C2A-5FB5C3B292D8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)
Task: {B20C0BB1-70E4-4BA1-B4AA-0FF27BACBBC2} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {C9911319-3E2C-46C8-B9B9-4A24AB74AB49} - System32\Tasks\{F575C47D-0D94-4DFE-91EC-40B5F2E61535} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D6F9FB7F-98FE-4BE7-AA87-98F8F6331D01} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {DA0F7C93-2B62-4FFB-8F77-03363DE7EE09} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {DF71E165-635D-4DDA-88B3-4561462FD52B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E418ED44-D79C-476F-9438-85F9A8353316} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {EDF4F705-2502-423E-A35C-997D185A2814} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {F9228382-42AC-4428-918C-222927615477} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {FDD1237C-3C61-4917-95E5-D8477B878B50} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE:/EXE:{E2701DEA-B8FE-4B92-B821-3B31EF5B091F} /F:UpdateWORKGROUP\SARAH$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Sarah - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Privat - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2014-07-25 23:23 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-02 21:22 - 2016-09-02 21:22 - 01864384 _____ () C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-16 04:35 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-16 04:34 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-05 13:36 - 2016-09-05 13:43 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00181760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\Microsoft.Skype.ImageTool.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-08-15 15:24 - 2016-08-15 15:24 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-09-24 15:05 - 2016-08-31 19:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-09-24 14:39 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-24 14:39 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-08-15 18:03 - 2016-08-15 18:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 17:24 - 2016-09-20 17:24 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-09-11 16:08 - 2016-09-21 20:17 - 03598536 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2016-06-30 13:55 - 2016-06-30 13:55 - 05919416 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\AdobePDFMakerX.dll
2015-12-18 17:42 - 2015-12-18 17:42 - 03385856 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2016-09-11 16:08 - 2016-09-05 15:40 - 01063624 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 02099896 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\SendAsLinkX.dll
2015-12-18 17:42 - 2015-12-18 17:42 - 00230912 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\Adobe Send\SendAsLinkX.DEU
2016-05-03 16:41 - 2016-05-03 16:41 - 01201664 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\adistres.DEU
2016-09-11 16:09 - 2016-09-21 20:17 - 00158400 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-05-09 17:10 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1        mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sarah\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tumblr_n944intfop1rmw9ado2_1280.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "MailStylerWarmup"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BEF4869F-E898-4111-9E30-02FB421E5B5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5E871996-732C-4888-86E9-400F21A63389}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6E1E81DF-1A88-4B2E-B525-15176D1F836E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C7B871F-E85A-4482-8C21-D7B22C783D8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7BE51D4C-5769-407F-9273-6F578528EFDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{843B6FE3-59DB-48B0-8927-AD5DBF3C03C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{698B4D4D-0644-4525-9473-AC4C61EA53F5}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{399479EF-AB73-406A-8AC9-E56591FB1261}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B62E87F4-059D-426F-9810-51654207C962}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{02E1E182-EF20-408D-93F9-D7E55ABE8F7D}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C3F9A14-27B0-402D-8D8D-3BFBA207B5BC}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [TCP Query User{8F0A5414-09AC-4EA3-8D99-4ED7744211A2}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [{08C23BF5-D36D-4777-8E9E-37BB3FCE826B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C797F0F8-2AD0-42F9-86BA-C98E48201FF7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{9E908B0B-EA1B-489D-ACC2-7E0F050E9717}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{419C7DFC-8D29-42B3-BE19-1A3DE34E4A39}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{719B08D9-C2E4-421F-9D75-FBA8685E2CCF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C4FDA8DC-1A00-4587-ADE8-5F3A6CB4EF25}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{31F1F27A-4FB2-407C-9BB5-59C175CE34B3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F4F88768-5EEA-407A-B634-B00CE17CD973}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A455835-09DD-43E5-B7B5-A67B7071D38B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{D70B1843-F150-406F-BA86-18CEC577FE45}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{849A04A8-8D39-48E6-8193-B337070D0BB0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{07542B01-8AE5-4995-8592-E0182729CF62}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CCE2DE8C-7A61-4F61-9BFD-0BFF6CF9F129}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{95C70AC9-B34B-4E82-A378-3B18D0368995}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{444CF3C0-AB61-4BE2-BC0B-26AB9F4A9D57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{03FFD20E-30BF-4D18-A57C-1DA5BA05D539}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{33D88064-9A0E-4F27-AE9E-10A9482A8040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{57445F65-1D41-4575-A3B0-8506302ED8AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{8A028987-6FE1-470D-A62E-2E855393DEEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{503E1E78-7AB7-4E1B-B912-D36C3AA8ECC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E078B810-7646-439E-A187-3E625525D143}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F4A9B08B-8C6B-493F-9048-6B16381DEC83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BF4281CF-6DDF-41E9-B135-E5384FEE8BEE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BABEB67B-31CA-470C-803F-7F848DA1324B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A38369D5-29D8-400F-A3B5-F4E662BD8904}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FEC3D5C3-5D88-458A-A809-191A07A12D28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{822738EA-6D1F-4F3A-A76F-7389F08E851B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3EF104BA-A084-4C85-8E10-F5F85B2D8D51}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{12741BF9-B8FF-4F19-B229-514F5E1F9A04}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{49E0315D-C1ED-4624-88F9-BA4E1B00ECD4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4DDC6548-EC2B-4788-8209-D8565FE41C15}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{5D5F1636-CF99-40F4-AAA3-1A9260C66B07}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{446DC3AA-6132-4501-A511-47046C890C4F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E620DC92-C9B5-4A51-953E-D8D21C9BAE43}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{CA17D121-56F4-462F-8C4B-AD7DED6A6166}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{86944D29-D5FC-47F6-9CFA-027F0AE63DEE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{F2AC009A-026E-4AE3-8C8F-F18794E81B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5567E216-C27A-4A74-9221-48F930BFD4E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6C4C87D-54F0-4345-8FAC-CF36808E822B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3D57D84F-F43C-416D-BEE1-597546A61121}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08750F6A-F010-4765-A6C4-21F743B95E1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31187

Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31187

Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2016 01:16:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/27/2016 07:07:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 07:07:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 07:07:48 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/26/2016 09:56:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/26/2016 09:26:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/26/2016 09:26:41 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/26/2016 09:26:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/26/2016 09:26:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (09/26/2016 09:25:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/26/2016 09:25:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2016-09-26 14:04:02.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.784
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.389
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16307.27 MB
Verfügbarer physikalischer RAM: 13187.79 MB
Summe virtueller Speicher: 33715.27 MB
Verfügbarer virtueller Speicher: 30393.83 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:206.51 GB) (Free:102.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: B9F9A14D)

Partition: GPT.

==================== Ende von Addition.txt ============================

deeprybka 27.09.2016 17:26
Bitte letzte Anweisung nochmal lesen und ausführen.

lunaris 27.09.2016 17:45
FRST.txt Teil 1

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
durchgeführt von Sarah (Administrator) auf SARAH (27-09-2016 18:43:22)
Gestartet von C:\Users\Sarah\Desktop
Geladene Profile: Sarah (Verfügbare Profile: Sarah)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\DbxSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1380056 2014-03-18] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803848 2016-08-03] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-08-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-07-28] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25382344 2016-09-20] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [14371936 2015-11-26] (Swisscom (Schweiz) AG)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [884920 2016-06-30] (Adobe Systems Incorporated)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Spotify Web Helper] => C:\Users\Sarah\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [MailStylerWarmup] => C:\Program Files (x86)\Delivery Tech Corp\MailStyler 1\MailStyler.exe /warmup
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2418392 2016-09-09] (Acer)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [Spotify] => C:\Users\Sarah\AppData\Roaming\Spotify\Spotify.exe [6795376 2016-09-21] (Spotify Ltd)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIPDE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-07-08] (Apple Inc.)
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-07-08] (Apple Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\Win32\shellext_win.dll [2016-09-09] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.43.dll [2016-09-20] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 0.0.0.1        mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2769a870-44fb-4239-9187-fb148d1c5d16}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{49d21d93-9b48-4569-8a8d-1944b268e1f8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e2a389bd-efeb-49ad-b9dc-d97c08a473be}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-09-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-09-05] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-25] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-12-18] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-08-09] (Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-09-05] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-08-24] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-09-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-08-24] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-05-05]

Chrome:
=======
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion [2016-08-25] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Web Developer) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2016-07-23]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-11]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\bmagokdooijbeehmkpknfglimnifench [2016-04-11]
CHR Extension: (Debug Utils) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\djailkkojeahmihdpcelmmobkpepmkcl [2016-04-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-05-05]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-11]
CHR Extension: (Avira Browserschutz) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-23]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2016-07-23]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-11]
CHR Extension: (AdBlock) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-25]
CHR Extension: („Pin it“-Button) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-07-23]
CHR Extension: (Page Ruler) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2016-04-11]
CHR Extension: (Google Analytics Debugger) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\jnkmfdileelhofjcijamephohjechhna [2016-04-11]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2016-04-11]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-04-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (TypeWonder) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ohgmapelghofmbacalgamfbejaghdilh [2016-04-29]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2016-04-11]
CHR Extension: (Lineal zum Messen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pemefhlbiinkcopbapnfghcnjhlgceof [2016-04-11]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\glecultruvtaindetion\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-21]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-09-27]
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-27]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-27]
CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-28]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-27]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-10]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-27]
CHR Extension: (Avira Browserschutz) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-21]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-28]
CHR Extension: (Wappalyzer) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2016-09-09]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2016-09-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-27]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-27]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-25]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4 [2016-09-27]
CHR Extension: (Google Präsentationen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-25]
CHR Extension: (Google Docs) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-25]
CHR Extension: (Google Drive) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-25]
CHR Extension: (YouTube) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-25]
CHR Extension: (Adblock Plus) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-08-25]
CHR Extension: (Adobe Acrobat) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-09-11]
CHR Extension: (Google Tabellen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-25]
CHR Extension: (Google Docs Offline) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-25]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-25]
CHR Extension: (Google Mail) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-25]
CHR Profile: C:\Users\Sarah\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-08-24] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2980032 2016-09-05] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-02] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42792 2016-09-20] (Windows (R) Win 7 DDK provider)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3036312 2016-07-28] (Intel(R) Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] ()
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [920616 2016-08-08] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-08-08] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-08-08] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-09] (ELAN Microelectronic Corp.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [140672 2016-03-10] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 MpKsld1a963ce; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{298F2D26-4758-44CA-889A-AA3CCF4C502D}\MpKsld1a963ce.sys [44928 2016-09-26] (Microsoft Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9934c34dc6ca0c4b\nvlddmkm.sys [13746240 2016-08-03] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [887552 2015-09-10] (Realtek                                            )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [761600 2015-06-24] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-03-09] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2016-06-21] (Zemana Ltd.)
U0 aswVmm; kein ImagePath
S3 dbx; system32\DRIVERS\dbx.sys [X]

lunaris 27.09.2016 17:46
FRST.txt Teil 2

Code:
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-27 18:22 - 2016-09-27 18:32 - 00000000 ____D C:\ProgramData\mquadr.at
2016-09-27 18:22 - 2016-09-27 18:22 - 00000000 ____D C:\Users\Sarah\AppData\Local\mquadr.at
2016-09-27 18:22 - 2016-09-27 18:22 - 00000000 ____D C:\Users\Public\Documents\Swisscom
2016-09-27 18:21 - 2016-09-27 18:22 - 00000000 __HDC C:\ProgramData\{AD01E8B4-DD5E-436D-B67C-C071BB14FFCB}
2016-09-27 18:21 - 2016-09-27 18:21 - 00001492 _____ C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\My Swisscom Assistant.lnk
2016-09-27 18:21 - 2016-09-27 18:21 - 00001472 _____ C:\Users\Public\Desktop\My Swisscom Assistant.lnk
2016-09-27 18:21 - 2016-09-27 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swisscom
2016-09-27 18:21 - 2015-11-26 12:26 - 05470856 ____N (mquadr.at software engineering & consulting GmbH) C:\WINDOWS\SysWOW64\m2network64helper.exe
2016-09-27 18:21 - 2015-11-26 12:26 - 04837992 ____N (mquadr.at software engineering und consulting GmbH) C:\WINDOWS\SysWOW64\m2ElevatedCalls.dll
2016-09-27 18:21 - 2015-11-26 12:26 - 04236936 ____N (mquadr.at software engineering) C:\WINDOWS\SysWOW64\M2ElevatedNetworkAdapters.dll
2016-09-27 18:21 - 2012-12-03 15:58 - 00279040 ____N (Nicomsoft Ltd.) C:\WINDOWS\system32\WiFiMan.dll
2016-09-27 18:21 - 2012-12-03 15:57 - 00238592 ____N (Nicomsoft Ltd.) C:\WINDOWS\SysWOW64\WiFiMan.dll
2016-09-27 18:20 - 2016-09-27 18:20 - 00000000 ____D C:\Program Files (x86)\Swisscom
2016-09-27 18:18 - 2016-09-27 18:18 - 00000000 ____D C:\Users\Sarah\AppData\Local\swisscom
2016-09-27 18:17 - 2016-09-27 18:18 - 105116256 _____ (mquadr.at software engineering & consulting GmbH) C:\Users\Sarah\Downloads\MySwisscomAssistant_Setup.exe
2016-09-27 11:19 - 2016-09-27 11:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign8433ec935a2abec6
2016-09-27 07:37 - 2016-09-27 07:37 - 00440883 _____ C:\Users\Sarah\Downloads\issues.pdf
2016-09-27 07:37 - 2016-09-27 07:37 - 00026327 _____ C:\Users\Sarah\Downloads\issues.csv
2016-09-27 07:19 - 2016-09-27 07:19 - 00069364 _____ C:\Users\Sarah\Desktop\Shortcut.txt
2016-09-26 22:01 - 2016-09-26 22:01 - 00001182 _____ C:\Users\Sarah\Desktop\mbam.txt
2016-09-26 21:18 - 2016-09-26 21:19 - 03861056 _____ C:\Users\Sarah\Desktop\AdwCleaner_6.020.exe
2016-09-26 20:45 - 2016-09-26 20:45 - 00825575 _____ C:\Users\Sarah\Downloads\bill-2016-09-11.pdf
2016-09-26 20:43 - 2016-09-26 20:43 - 00825676 _____ C:\Users\Sarah\Downloads\bill-2016-08-10.pdf
2016-09-26 12:08 - 2016-09-26 12:08 - 00562476 _____ C:\WINDOWS\Minidump\092616-6828-01.dmp
2016-09-25 21:23 - 2016-09-25 21:23 - 04965259 _____ C:\Users\Sarah\Downloads\1476-1_APEN_PP_Block 1-5_15-03 (1).pptx
2016-09-25 21:22 - 2016-09-25 21:22 - 02810628 _____ C:\Users\Sarah\Downloads\1401_BE_Sem4_M198_201110-2.pptx
2016-09-25 20:49 - 2016-09-27 07:20 - 00053468 _____ C:\Users\Sarah\Desktop\Addition.txt
2016-09-25 20:48 - 2016-09-27 18:43 - 00039914 _____ C:\Users\Sarah\Desktop\FRST.txt
2016-09-25 20:47 - 2016-09-25 20:48 - 02403328 _____ (Farbar) C:\Users\Sarah\Desktop\FRST64.exe
2016-09-25 19:44 - 2016-09-27 17:24 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-25 19:44 - 2016-09-25 19:44 - 00001175 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-09-25 19:44 - 2016-09-25 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-09-25 19:44 - 2016-09-25 19:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-09-25 19:44 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-25 19:44 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-25 19:44 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-25 19:32 - 2016-09-27 18:43 - 00231151 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2016-09-25 18:39 - 2016-09-25 18:39 - 00001183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.3.lnk
2016-09-25 18:38 - 2016-09-25 18:38 - 00000000 ____D C:\Users\Public\Documents\AdobeInstalledCodecs
2016-09-24 17:07 - 2016-09-24 17:07 - 00000564 _____ C:\Users\Sarah\Documents\starburn.txt
2016-09-24 17:07 - 2016-09-24 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Wondershare
2016-09-24 17:07 - 2016-09-24 17:07 - 00000000 ____D C:\ProgramData\Wondershare
2016-09-24 17:06 - 2016-09-24 17:07 - 00000000 ____D C:\Users\Sarah\Documents\Wondershare Filmora
2016-09-24 16:56 - 2016-09-24 17:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Audacity
2016-09-24 16:56 - 2016-09-24 17:06 - 00000000 ____D C:\Users\Public\Documents\Wondershare
2016-09-24 16:56 - 2016-09-24 16:56 - 00000000 ____D C:\Users\Sarah\AppData\Local\Audacity
2016-09-24 16:33 - 2016-09-24 16:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Meltytech
2016-09-24 15:30 - 2016-09-24 15:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-09-24 15:05 - 2016-09-24 15:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-09-24 15:05 - 2016-09-24 15:13 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-09-24 15:05 - 2016-09-24 15:05 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-09-24 15:04 - 2016-09-24 16:22 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\DVDVideoSoft
2016-09-24 14:46 - 2016-09-24 16:56 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-09-24 14:46 - 2016-09-24 14:46 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-09-24 14:19 - 2016-09-24 16:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Apple Inc
2016-09-24 14:05 - 2016-09-24 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-09-24 14:04 - 2016-09-24 14:05 - 00000000 ____D C:\Program Files\iTunes
2016-09-24 14:04 - 2016-09-24 14:04 - 00000000 ____D C:\Program Files\iPod
2016-09-22 17:50 - 2016-09-22 17:50 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\SolidDocuments
2016-09-20 17:57 - 2016-09-20 17:57 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign5a608a1c29730024
2016-09-20 17:24 - 2016-09-20 17:24 - 00003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-09-20 17:09 - 2016-09-20 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-09-20 03:15 - 2016-09-20 03:15 - 00042792 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DbxSvc.exe
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-09-20 03:07 - 2016-09-20 03:07 - 00073840 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignd22cd09c6c1521e9
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign970827402366b86b
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9420718812e25a3c
2016-09-18 20:24 - 2016-09-18 20:24 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7e8383828d86b79d
2016-09-18 20:17 - 2016-09-18 20:17 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign215a0da6545243ea
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc7e3fa7c1f817c56
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign67c76fe7f5af8dc1
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1c9e878afbad19bd
2016-09-18 20:04 - 2016-09-18 20:04 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign109421efd09cec46
2016-09-18 19:45 - 2016-09-18 19:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7715561e8d0c1c26
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf9356dec25ff868d
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigneb8d8021b59157ba
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1570b9b9b7458278
2016-09-18 19:42 - 2016-09-18 19:42 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1541ab59446813be
2016-09-16 04:38 - 2016-09-07 07:55 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-09-16 04:38 - 2016-09-07 07:50 - 07813472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-16 04:38 - 2016-09-07 07:50 - 00773200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-09-16 04:38 - 2016-09-07 07:46 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-16 04:38 - 2016-09-07 07:36 - 00405344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-09-16 04:38 - 2016-09-07 07:36 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-09-16 04:38 - 2016-09-07 07:34 - 01738040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-09-16 04:38 - 2016-09-07 07:34 - 01280352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-16 04:38 - 2016-09-07 07:34 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-16 04:38 - 2016-09-07 07:33 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-09-16 04:38 - 2016-09-07 07:33 - 00681304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-16 04:38 - 2016-09-07 07:32 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-16 04:38 - 2016-09-07 07:30 - 00601200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-09-16 04:38 - 2016-09-07 07:29 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-16 04:38 - 2016-09-07 07:20 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-09-16 04:38 - 2016-09-07 07:18 - 01503032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-09-16 04:38 - 2016-09-07 07:18 - 01430208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-16 04:38 - 2016-09-07 07:17 - 05721808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-16 04:38 - 2016-09-07 07:17 - 00853344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-16 04:38 - 2016-09-07 07:16 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 20965248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 06653592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-09-16 04:38 - 2016-09-07 07:13 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-16 04:38 - 2016-09-07 07:08 - 07220224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-09-16 04:38 - 2016-09-07 07:04 - 05684736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-09-16 04:38 - 2016-09-07 07:04 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-09-16 04:38 - 2016-09-07 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccessRes.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-09-16 04:38 - 2016-09-07 07:02 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-09-16 04:38 - 2016-09-07 07:01 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-09-16 04:38 - 2016-09-07 07:01 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-09-16 04:38 - 2016-09-07 07:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactActivation.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-09-16 04:38 - 2016-09-07 06:59 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-09-16 04:38 - 2016-09-07 06:58 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccessRes.dll
2016-09-16 04:38 - 2016-09-07 06:57 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-09-16 04:38 - 2016-09-07 06:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-09-16 04:38 - 2016-09-07 06:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-09-16 04:38 - 2016-09-07 06:54 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-09-16 04:38 - 2016-09-07 06:54 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-09-16 04:38 - 2016-09-07 06:53 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00536576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-09-16 04:38 - 2016-09-07 06:52 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2016-09-16 04:38 - 2016-09-07 06:51 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-16 04:38 - 2016-09-07 06:51 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-16 04:38 - 2016-09-07 06:50 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-09-16 04:38 - 2016-09-07 06:50 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-09-16 04:38 - 2016-09-07 06:50 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-09-16 04:38 - 2016-09-07 06:49 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 03776512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-09-16 04:38 - 2016-09-07 06:49 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-16 04:38 - 2016-09-07 06:49 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2016-09-16 04:38 - 2016-09-07 06:48 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-09-16 04:38 - 2016-09-07 06:47 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-09-16 04:38 - 2016-09-07 06:47 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-09-16 04:38 - 2016-09-07 06:46 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-09-16 04:38 - 2016-09-07 06:46 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-09-16 04:38 - 2016-09-07 06:45 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-09-16 04:38 - 2016-09-07 06:44 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-16 04:38 - 2016-09-07 06:44 - 13081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-09-16 04:38 - 2016-09-07 06:44 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-09-16 04:38 - 2016-09-07 06:42 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 08122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 03435008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 02947072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-09-16 04:38 - 2016-09-07 06:41 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 12345856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2016-09-16 04:38 - 2016-09-07 06:40 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 00959488 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-09-16 04:38 - 2016-09-07 06:40 - 00911872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-16 04:38 - 2016-09-07 06:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02630144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-09-16 04:38 - 2016-09-07 06:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-09-16 04:38 - 2016-09-07 06:37 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-09-16 04:38 - 2016-09-07 06:36 - 02360832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 02107392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 00650240 _____ (Microsoft) C:\WINDOWS\system32\DbgModel.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 00761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-09-16 04:38 - 2016-09-07 06:34 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-09-16 04:38 - 2016-09-07 06:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-09-16 04:38 - 2016-09-07 06:31 - 00461312 _____ (Microsoft) C:\WINDOWS\SysWOW64\DbgModel.dll
2016-09-16 04:38 - 2016-08-06 05:50 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-16 04:38 - 2016-08-06 05:48 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-16 04:38 - 2016-08-06 05:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-16 04:38 - 2016-08-02 10:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-16 04:38 - 2016-08-02 10:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-16 04:38 - 2016-08-02 06:37 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-16 04:38 - 2016-07-22 03:27 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-16 04:38 - 2016-07-22 02:49 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-16 04:37 - 2016-09-07 08:10 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-16 04:37 - 2016-09-07 07:51 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-16 04:37 - 2016-09-07 07:51 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-16 04:37 - 2016-09-07 07:49 - 00552288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-09-16 04:37 - 2016-09-07 07:48 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-09-16 04:37 - 2016-09-07 07:43 - 00764936 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-09-16 04:37 - 2016-09-07 07:37 - 01966288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-09-16 04:37 - 2016-09-07 07:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-09-16 04:37 - 2016-09-07 07:34 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-16 04:37 - 2016-09-07 07:33 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-09-16 04:37 - 2016-09-07 07:32 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-09-16 04:37 - 2016-09-07 07:32 - 00942432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-16 04:37 - 2016-09-07 07:30 - 01707512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-09-16 04:37 - 2016-09-07 07:30 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 01066104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-09-16 04:37 - 2016-09-07 07:29 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-09-16 04:37 - 2016-09-07 07:27 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-09-16 04:37 - 2016-09-07 07:27 - 01362504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2016-09-16 04:37 - 2016-09-07 07:25 - 01418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-16 04:37 - 2016-09-07 07:24 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-16 04:37 - 2016-09-07 07:24 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-09-16 04:37 - 2016-09-07 07:24 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-09-16 04:37 - 2016-09-07 07:17 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-09-16 04:37 - 2016-09-07 07:17 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-16 04:37 - 2016-09-07 07:17 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-09-16 04:37 - 2016-09-07 07:15 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-16 04:37 - 2016-09-07 07:15 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01853232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 01123360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00959104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00955520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-09-16 04:37 - 2016-09-07 07:13 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-09-16 04:37 - 2016-09-07 07:12 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-09-16 04:37 - 2016-09-07 07:09 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-16 04:37 - 2016-09-07 07:07 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-09-16 04:37 - 2016-09-07 06:59 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AddressParser.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneutilRes.dll
2016-09-16 04:37 - 2016-09-07 06:58 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2016-09-16 04:37 - 2016-09-07 06:57 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2016-09-16 04:37 - 2016-09-07 06:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactActivation.dll
2016-09-16 04:37 - 2016-09-07 06:54 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-09-16 04:37 - 2016-09-07 06:54 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 02083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-16 04:37 - 2016-09-07 06:53 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-09-16 04:37 - 2016-09-07 06:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-09-16 04:37 - 2016-09-07 06:52 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-09-16 04:37 - 2016-09-07 06:52 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-16 04:37 - 2016-09-07 06:51 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-09-16 04:37 - 2016-09-07 06:51 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-09-16 04:37 - 2016-09-07 06:50 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-16 04:37 - 2016-09-07 06:49 - 01905664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-16 04:37 - 2016-09-07 06:47 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-09-16 04:37 - 2016-09-07 06:47 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 07623680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-09-16 04:37 - 2016-09-07 06:46 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-09-16 04:37 - 2016-09-07 06:45 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-09-16 04:37 - 2016-09-07 06:44 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-09-16 04:37 - 2016-09-07 06:43 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-16 04:37 - 2016-09-07 06:43 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 03305984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-16 04:37 - 2016-09-07 06:42 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-09-16 04:37 - 2016-09-07 06:41 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-09-16 04:37 - 2016-09-07 06:40 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-09-16 04:37 - 2016-09-07 06:40 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-09-16 04:37 - 2016-09-07 06:39 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-09-16 04:37 - 2016-09-07 06:39 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 01491968 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-09-16 04:37 - 2016-09-07 06:38 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-16 04:37 - 2016-09-07 06:37 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-16 04:37 - 2016-09-07 06:37 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-09-16 04:37 - 2016-09-07 06:36 - 02423296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-09-16 04:37 - 2016-09-07 06:36 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-09-16 04:37 - 2016-09-07 06:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-09-16 04:37 - 2016-09-07 06:34 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-09-16 04:37 - 2016-09-07 06:34 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-09-16 04:37 - 2016-09-07 06:33 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-16 04:37 - 2016-09-07 06:33 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-16 04:37 - 2016-09-07 06:32 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-16 04:37 - 2016-09-07 06:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-09-16 04:37 - 2016-09-07 06:31 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-09-16 04:37 - 2016-09-07 06:31 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-09-16 04:37 - 2016-09-07 06:11 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-09-16 04:37 - 2016-08-06 06:26 - 00409944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-16 04:37 - 2016-08-06 06:16 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-16 04:37 - 2016-08-06 06:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-16 04:37 - 2016-08-06 06:16 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-16 04:37 - 2016-08-06 06:13 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-16 04:37 - 2016-08-06 05:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-16 04:37 - 2016-08-06 05:42 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-16 04:37 - 2016-08-06 05:37 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-16 04:37 - 2016-08-06 05:29 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-16 04:37 - 2016-08-02 10:44 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-16 04:37 - 2016-08-02 06:47 - 00079536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-16 04:37 - 2016-08-02 06:36 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-16 04:37 - 2016-08-02 06:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-16 04:35 - 2016-09-07 07:53 - 02183792 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-09-16 04:35 - 2016-09-07 07:44 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-09-16 04:35 - 2016-09-07 07:34 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-16 04:35 - 2016-09-07 07:34 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-16 04:35 - 2016-09-07 07:33 - 00450392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-09-16 04:35 - 2016-09-07 07:29 - 08156592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneutilRes.dll
2016-09-16 04:35 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneServiceRes.dll
2016-09-16 04:35 - 2016-09-07 07:01 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AddressParser.dll
2016-09-16 04:35 - 2016-09-07 06:58 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-09-16 04:35 - 2016-09-07 06:56 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-09-16 04:35 - 2016-09-07 06:56 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-16 04:35 - 2016-09-07 06:55 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-09-16 04:35 - 2016-09-07 06:55 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-16 04:35 - 2016-09-07 06:55 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-09-16 04:35 - 2016-09-07 06:53 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-16 04:35 - 2016-09-07 06:52 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-16 04:35 - 2016-09-07 06:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-09-16 04:35 - 2016-09-07 06:51 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-16 04:35 - 2016-09-07 06:49 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-16 04:35 - 2016-09-07 06:49 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-09-16 04:35 - 2016-09-07 06:47 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-09-16 04:35 - 2016-09-07 06:41 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-09-16 04:35 - 2016-09-07 06:40 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-16 04:35 - 2016-09-07 06:39 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2016-09-16 04:35 - 2016-09-07 06:38 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-16 04:35 - 2016-09-07 06:38 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-09-16 04:35 - 2016-09-07 06:38 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-16 04:35 - 2016-09-07 06:35 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-16 04:35 - 2016-09-07 06:34 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-09-16 04:35 - 2016-08-06 05:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-16 04:35 - 2016-08-06 05:47 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-09-16 04:35 - 2016-08-06 05:43 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-16 04:35 - 2016-08-06 05:40 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-16 04:35 - 2016-08-06 05:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-16 04:35 - 2016-08-06 05:38 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-16 04:35 - 2016-08-06 05:35 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-16 04:35 - 2016-08-02 10:20 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-16 04:35 - 2016-08-02 10:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-16 04:35 - 2016-08-02 10:15 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-16 04:34 - 2016-09-07 07:54 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-16 04:34 - 2016-09-07 07:54 - 00885824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-16 04:34 - 2016-09-07 07:54 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-16 04:34 - 2016-09-07 07:54 - 00133472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2016-09-16 04:34 - 2016-09-07 07:53 - 02481768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-09-16 04:34 - 2016-09-07 07:51 - 02214784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-09-16 04:34 - 2016-09-07 07:48 - 02256224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-16 04:34 - 2016-09-07 07:41 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-09-16 04:34 - 2016-09-07 07:39 - 00996192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-09-16 04:34 - 2016-09-07 07:34 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-16 04:34 - 2016-09-07 07:34 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-09-16 04:34 - 2016-09-07 07:34 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-09-16 04:34 - 2016-09-07 07:32 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01990640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00755656 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-09-16 04:34 - 2016-09-07 07:29 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-09-16 04:34 - 2016-09-07 07:24 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-09-16 04:34 - 2016-09-07 07:24 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2016-09-16 04:34 - 2016-09-07 07:04 - 22566400 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-16 04:34 - 2016-09-07 07:03 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2016-09-16 04:34 - 2016-09-07 07:02 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-09-16 04:34 - 2016-09-07 06:56 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-16 04:34 - 2016-09-07 06:56 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-09-16 04:34 - 2016-09-07 06:55 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-09-16 04:34 - 2016-09-07 06:55 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-09-16 04:34 - 2016-09-07 06:54 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-09-16 04:34 - 2016-09-07 06:53 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-09-16 04:34 - 2016-09-07 06:52 - 17187840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-09-16 04:34 - 2016-09-07 06:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2016-09-16 04:34 - 2016-09-07 06:48 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-16 04:34 - 2016-09-07 06:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-09-16 04:34 - 2016-09-07 06:46 - 13434368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-09-16 04:34 - 2016-09-07 06:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-16 04:34 - 2016-09-07 06:45 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-09-16 04:34 - 2016-09-07 06:44 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-16 04:34 - 2016-09-07 06:44 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-16 04:34 - 2016-09-07 06:43 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-16 04:34 - 2016-09-07 06:43 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-09-16 04:34 - 2016-09-07 06:41 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-09-16 04:34 - 2016-09-07 06:41 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-16 04:34 - 2016-09-07 06:39 - 03116544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-09-16 04:34 - 2016-09-07 06:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-09-16 04:34 - 2016-09-07 06:38 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-16 04:34 - 2016-09-07 06:38 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-09-16 04:34 - 2016-09-07 06:37 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-09-16 04:34 - 2016-09-07 06:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-09-16 04:34 - 2016-09-07 06:33 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2016-09-16 04:34 - 2016-08-06 05:39 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-16 04:34 - 2016-08-02 10:14 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-16 04:34 - 2016-07-22 03:27 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-16 04:33 - 2016-09-07 07:41 - 00303968 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-09-16 04:33 - 2016-09-07 07:39 - 01217880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-09-16 04:33 - 2016-09-07 07:32 - 01099616 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-16 04:33 - 2016-09-07 07:32 - 00988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-16 04:33 - 2016-09-07 07:32 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-16 04:33 - 2016-09-07 07:29 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
2016-09-16 04:33 - 2016-09-07 06:58 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-09-16 04:33 - 2016-09-07 06:56 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2016-09-16 04:33 - 2016-09-07 06:55 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-09-16 04:33 - 2016-09-07 06:52 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-16 04:33 - 2016-09-07 06:46 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-09-16 04:26 - 2016-09-16 04:26 - 00456084 _____ C:\WINDOWS\Minidump\091616-15843-01.dmp
2016-09-14 20:27 - 2016-09-14 20:27 - 00000000 ____D C:\WINDOWS\system32\MpEngineStore
2016-09-13 22:02 - 2016-09-26 12:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-09-13 22:02 - 2016-09-13 22:02 - 00543380 _____ C:\WINDOWS\Minidump\091316-12937-01.dmp
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne2c51333e0221b3e
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndc5e6e4d6612d5c4
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignd61fdde32507670d
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb1028b7e08666ef1
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign942963d34ffcf306
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign89976fa11cf3874c
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7cc58b519a10d29d
2016-09-13 10:49 - 2016-09-13 10:49 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign7c33e5fcaeec7742
2016-09-13 10:45 - 2016-09-13 10:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4741482b74091f3b
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndcee556f1617fc54
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign6cfcab7ff9366e9a
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1a41af00aedc69f4
2016-09-13 10:37 - 2016-09-13 10:37 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign066d9aa20bd62e76
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign8c14f65d08149cc9
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign89751af22985e3ec
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4fc4ed6b6768038d
2016-09-13 10:36 - 2016-09-13 10:36 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4524c16e48a83951
2016-09-13 10:33 - 2016-09-13 10:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigndcc79bec5d5514f4
2016-09-13 10:30 - 2016-09-13 10:30 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9f7a2eaaa0a40c53
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc1c9687453fbd416
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign398f6342a71951db
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign03b3cccfc8324920
2016-09-13 10:19 - 2016-09-13 10:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign003b2c86b30607d7
2016-09-12 18:32 - 2016-09-12 18:32 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9f2b43cf139f300c
2016-09-12 18:32 - 2016-09-12 18:32 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4668f8bf41093273
2016-09-11 20:06 - 2016-09-13 22:02 - 00000931 _____ C:\WINDOWS\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}.job
2016-09-11 20:06 - 2016-09-11 20:06 - 00004136 _____ C:\WINDOWS\System32\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}
2016-09-11 20:06 - 2016-09-11 20:06 - 00000000 ____D C:\Program Files\Common Files\EPSON
2016-09-11 20:04 - 2016-09-11 20:06 - 00000000 ____D C:\ProgramData\EPSON
2016-09-11 20:04 - 2014-03-05 04:06 - 00180224 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBPDE.DLL
2016-09-11 20:04 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BPDE.DLL
2016-09-11 16:55 - 2016-09-11 16:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb94abd8f476ab35b
2016-09-11 16:55 - 2016-09-11 16:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign702e7ceae5ec6905
2016-09-11 16:15 - 2016-09-11 16:15 - 00000000 ___SD C:\Users\Sarah\Documents\Meine Shapes
2016-09-11 16:12 - 2016-09-11 16:12 - 00002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio 2016.lnk
2016-09-11 15:12 - 2016-09-11 15:12 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign8d7962384d9d98d1
2016-09-11 15:11 - 2016-09-11 15:11 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc107a025fd696e69
2016-09-11 15:08 - 2016-09-11 15:08 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign043ab04ef5046786
2016-09-11 15:06 - 2016-09-11 15:06 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign82ecd2fd4cba74c8
2016-09-11 14:58 - 2016-09-11 14:58 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignff5c6c50b2e5a7e0
2016-09-11 14:57 - 2016-09-11 14:57 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign3dc54236fd5f5d47
2016-09-11 14:56 - 2016-09-11 14:56 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign58335f08f51885ff
2016-09-11 14:55 - 2016-09-11 14:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9539dd1dd007a481
2016-09-11 14:55 - 2016-09-11 14:55 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign222b240c17196694
2016-09-11 14:52 - 2016-09-11 14:52 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign0f0f7e5ae75d7600
2016-09-11 14:51 - 2016-09-11 14:51 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc09bd3b62711abaf
2016-09-11 14:45 - 2016-09-11 14:45 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne99f67054c4a6718
2016-09-11 14:43 - 2016-09-11 14:43 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb6bf46abc09e8936
2016-09-11 14:35 - 2016-09-11 14:35 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign30481dc5691704ec
2016-09-11 14:20 - 2016-09-11 14:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign907c70a42d0cbda3
2016-09-11 14:20 - 2016-09-11 14:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign18f5e082653fb9cc
2016-09-10 18:10 - 2016-09-10 18:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf8e2f122f58b9c3d
2016-09-10 18:10 - 2016-09-10 18:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc1ac4ed2f1771bd4
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfd00579e47990e90
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign72c99212ea7e90c6
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign675beefe82573caa
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign252b559d880cdc65
2016-09-10 17:15 - 2016-09-10 17:15 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign16301609950cbb03
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignbc61c891c5e7aaf0
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignac1071ca695760be
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigna19ced07a4ce8d1b
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign401f594e4a146437
2016-09-10 17:07 - 2016-09-10 17:07 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign1f4201733e72e91e
2016-09-10 16:47 - 2016-09-10 16:47 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign6be9bec90768b995
2016-09-10 16:27 - 2016-09-10 16:27 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9ed5bc0e3d591910
2016-09-10 16:14 - 2016-09-10 16:14 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign486d792494660c48
2016-09-10 16:14 - 2016-09-10 16:14 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign2792b51bd0ffd6c0
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne14d54c05abbcca9
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigncffa6467f6bc3708
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign74a43825f25335cb
2016-09-10 16:09 - 2016-09-10 16:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign2fa893cee3ec2125
2016-09-07 20:46 - 2016-09-07 20:46 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfbb921ad93d5d197
2016-09-07 20:46 - 2016-09-07 20:46 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign313a06c1b7b82f4e
2016-09-07 19:25 - 2016-09-07 19:25 - 00000000 ____D C:\Users\Sarah\AppData\Local\Macromedia
2016-09-07 19:24 - 2016-09-07 19:30 - 00000000 ____D C:\Users\Sarah\AppData\Local\Mozilla
2016-09-07 19:24 - 2016-09-07 19:24 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-09-07 19:24 - 2016-09-07 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-07 19:23 - 2016-09-07 19:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigne5a55324ddb983b1
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc68a42313d8ab1b1
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignaa2bf3c570699804
2016-09-06 14:54 - 2016-09-06 14:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign4b4e211bbee9ce6d
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsigncf53f3c73b53b9f7
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignc4defad17f4320fb
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignad72f59df0cdead9
2016-09-06 13:19 - 2016-09-06 13:19 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign519dc5a4a16efbaf
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignfc553e829efa3b01
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignf5ee937a39777edb
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign9fa5947698bde522
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign25489d06245476fc
2016-09-06 12:00 - 2016-09-06 12:00 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsign0a49e21c79ddeb0f
2016-09-05 21:41 - 2016-09-05 21:41 - 00002544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.3.lnk
2016-09-05 21:33 - 2016-09-05 21:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb1f79cbfa125ef85
2016-09-05 21:33 - 2016-09-05 21:33 - 00000000 ____D C:\Users\Sarah\AppData\Local\Tempzxpsignb12484fcb134c40d
2016-09-05 21:17 - 2016-09-05 21:17 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-09-05 19:20 - 2016-09-16 04:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-05 19:19 - 2016-09-21 19:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-05 19:19 - 2016-09-21 19:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-05 13:59 - 2016-09-05 13:59 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-09-05 13:59 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-09-05 13:59 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-09-05 13:59 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-09-05 13:59 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-09-02 22:02 - 2016-09-02 21:19 - 00000000 ___DC C:\WINDOWS\Panther
2016-09-02 22:00 - 2016-09-02 22:00 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-09-02 22:00 - 2016-09-02 22:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-02 22:00 - 2016-09-02 22:00 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-09-02 22:00 - 2016-09-02 22:00 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-02 22:00 - 2016-09-02 22:00 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-09-02 22:00 - 2016-09-02 22:00 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-09-02 22:00 - 2016-09-02 22:00 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-09-02 22:00 - 2016-09-02 22:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-09-02 22:00 - 2016-09-02 22:00 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-09-02 21:53 - 2016-09-02 21:53 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files\MSBuild
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-09-02 21:48 - 2016-09-02 21:48 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-09-02 21:48 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-09-02 21:48 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-09-02 21:48 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-09-02 21:47 - 2016-09-02 21:47 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-09-02 21:22 - 2016-09-02 21:22 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-09-02 21:21 - 2016-09-02 21:21 - 00000000 ____D C:\ProgramData\USOShared
2016-09-02 21:20 - 2016-09-05 09:20 - 00000000 ____D C:\Users\Sarah\AppData\Local\ConnectedDevicesPlatform
2016-09-02 21:20 - 2016-09-02 21:20 - 00000020 ___SH C:\Users\Sarah\ntuser.ini
2016-09-02 21:19 - 2016-09-02 21:19 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-09-02 21:19 - 2016-09-02 21:19 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-09-02 21:19 - 2016-09-02 21:19 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-09-02 21:16 - 2016-09-26 21:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-02 21:16 - 2016-09-20 17:24 - 00003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-09-02 21:16 - 2016-09-18 16:25 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-09-02 21:16 - 2016-09-02 21:16 - 00003742 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2016-09-02 21:16 - 2016-09-02 21:16 - 00003738 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2016-09-02 21:16 - 2016-09-02 21:16 - 00003642 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-09-02 21:16 - 2016-09-02 21:16 - 00003514 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2016-09-02 21:16 - 2016-09-02 21:16 - 00003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-09-02 21:16 - 2016-09-02 21:16 - 00003370 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1463674154
2016-09-02 21:16 - 2016-09-02 21:16 - 00003292 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E37D6889-D2AB-4D89-B563-C59DB829CC5C}
2016-09-02 21:16 - 2016-09-02 21:16 - 00003098 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-09-02 21:16 - 2016-09-02 21:16 - 00002822 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-09-02 21:16 - 2016-09-02 21:16 - 00002810 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1742419186-1601379352-809800023-1002
2016-09-02 21:16 - 2016-09-02 21:16 - 00002748 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1742419186-1601379352-809800023-500
2016-09-02 21:16 - 2016-09-02 21:16 - 00002596 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarah.mueller88@hotmail.com
2016-09-02 21:16 - 2016-09-02 21:16 - 00002574 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2016-09-02 21:16 - 2016-09-02 21:16 - 00002550 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2016-09-02 21:16 - 2016-09-02 21:16 - 00002310 _____ C:\WINDOWS\System32\Tasks\{F575C47D-0D94-4DFE-91EC-40B5F2E61535}
2016-09-02 21:16 - 2016-09-02 21:16 - 00002186 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-09-02 21:16 - 2016-09-02 21:16 - 00002182 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2016-09-02 21:16 - 2016-09-02 21:16 - 00002170 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE
2016-09-02 21:16 - 2016-09-02 21:16 - 00002118 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2016-09-02 21:16 - 2016-09-02 21:16 - 00002096 _____ C:\WINDOWS\System32\Tasks\Power Management
2016-09-02 21:16 - 2016-09-02 21:16 - 00002070 _____ C:\WINDOWS\System32\Tasks\Launch Manager
2016-09-02 21:16 - 2016-09-02 21:16 - 00002062 _____ C:\WINDOWS\System32\Tasks\Quick Access
2016-09-02 21:16 - 2016-09-02 21:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-09-02 21:16 - 2016-09-02 21:16 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2016-09-02 21:16 - 2014-09-16 10:34 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-615273258-2510798667-4273039071-500
2016-09-02 21:16 - 2014-07-25 23:41 - 00003592 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-729939966-155158532-1426229192-500
2016-09-02 21:12 - 2016-09-02 21:12 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-09-02 21:09 - 2016-09-02 21:12 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-09-02 21:08 - 2016-09-24 16:10 - 00000000 ____D C:\Users\Sarah
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Vorlagen
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Startmenü
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Netzwerkumgebung
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Lokale Einstellungen
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Eigene Dateien
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Druckumgebung
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Videos
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Musik
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Documents\Eigene Bilder
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Local\Verlauf
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\AppData\Local\Anwendungsdaten
2016-09-02 21:08 - 2016-09-02 21:08 - 00000000 _SHDL C:\Users\Sarah\Anwendungsdaten
2016-09-02 21:05 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-09-02 21:04 - 2016-09-05 14:04 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-02 21:04 - 2016-09-05 13:58 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Realtek
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Elantech
2016-09-02 21:04 - 2016-09-02 21:04 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-09-02 21:04 - 2016-08-01 14:54 - 06386744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 02466360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 01365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-09-02 21:04 - 2016-08-01 14:54 - 00547896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-09-02 21:04 - 2016-07-28 15:02 - 07242545 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-09-02 21:03 - 2016-09-27 17:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-09-02 21:03 - 2016-09-27 07:07 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-02 21:03 - 2016-09-25 19:32 - 00533232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-02 21:03 - 2016-09-02 21:09 - 00000000 ____D C:\Program Files\Intel
2016-09-02 21:03 - 2016-09-02 21:03 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-09-02 21:03 - 2016-09-02 21:03 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-09-02 21:03 - 2015-09-30 20:39 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-09-02 21:03 - 2015-09-30 20:39 - 00099856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-09-02 17:14 - 2016-09-02 21:09 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2016-09-02 17:14 - 2016-09-02 17:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Intel
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\Users\Sarah\Intel.sav
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\ProgramData\Intel.sav
2016-09-02 17:13 - 2016-09-02 17:13 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-09-02 17:09 - 2016-09-02 17:09 - 00000000 ____D C:\Users\Sarah\Intel
2016-09-02 17:08 - 2016-09-02 17:08 - 00000724 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2016-09-02 17:06 - 2016-09-02 17:06 - 00000000 ____D C:\Users\Sarah\AppData\Local\NVIDIA
2016-09-02 17:01 - 2016-09-02 17:14 - 00000000 ____D C:\Users\Sarah\Documents\Treiber
2016-09-02 15:34 - 2016-09-02 15:34 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-09-02 10:16 - 2016-09-25 18:22 - 00000000 ___RD C:\Users\Sarah\Dropbox
2016-09-02 10:14 - 2016-09-20 17:09 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-09-02 10:14 - 2016-09-02 17:19 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-09-02 10:14 - 2016-09-02 17:09 - 00001220 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-09-02 10:14 - 2016-09-02 10:16 - 00000000 ____D C:\Users\Sarah\AppData\Local\Dropbox
2016-09-02 10:14 - 2016-09-02 10:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Dropbox
2016-09-02 10:14 - 2016-09-02 10:14 - 00000000 ____D C:\ProgramData\Dropbox
2016-08-30 15:47 - 2016-09-02 17:09 - 00000000 ____D C:\Users\Sarah\AppData\Local\Franz
2016-08-30 15:47 - 2016-09-02 15:09 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Franz
2016-08-30 15:47 - 2016-09-02 15:09 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Franz
2016-08-30 15:47 - 2016-08-30 15:47 - 00000000 ____D C:\Users\Sarah\AppData\Local\SquirrelTemp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-27 18:43 - 2016-08-25 17:16 - 00000000 ____D C:\FRST
2016-09-27 17:54 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\Packages
2016-09-27 11:28 - 2016-05-03 20:06 - 00001456 _____ C:\Users\Sarah\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-09-27 09:48 - 2016-04-13 03:38 - 00000000 ____D C:\Users\Sarah\AppData\Local\Adobe
2016-09-27 07:07 - 2016-04-11 06:09 - 00000000 __SHD C:\Users\Sarah\IntelGraphicsProfiles
2016-09-26 21:31 - 2016-07-17 00:51 - 00720022 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-26 21:31 - 2016-07-17 00:51 - 00150198 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-26 21:31 - 2016-04-13 19:55 - 01874806 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-26 21:26 - 2016-08-25 17:20 - 00000000 ____D C:\AdwCleaner
2016-09-26 21:26 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-09-26 13:26 - 2016-05-19 17:47 - 00000000 ____D C:\Users\Sarah\AppData\Local\ElevatedDiagnostics
2016-09-26 12:40 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-26 12:29 - 2015-08-16 13:21 - 00000000 ____D C:\Users\Sarah\Documents\Sonstiges
2016-09-26 12:07 - 2016-08-26 10:45 - 4215401187 _____ C:\WINDOWS\MEMORY.DMP
2016-09-26 11:46 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-25 20:26 - 2016-04-13 03:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-09-25 19:32 - 2016-05-19 18:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-09-25 19:31 - 2016-05-05 10:38 - 00000000 ____D C:\Users\Sarah\AppData\Local\Spotify
2016-09-25 19:31 - 2016-04-11 06:14 - 00000000 __RDO C:\Users\Sarah\OneDrive
2016-09-25 19:29 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-09-25 18:43 - 2016-04-11 06:54 - 00000000 ____D C:\Users\Sarah\AppData\Local\CrashDumps
2016-09-25 18:40 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Adobe
2016-09-25 18:39 - 2016-04-13 04:19 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-09-25 18:39 - 2016-04-13 04:19 - 00000000 ____D C:\Program Files\Adobe
2016-09-25 18:28 - 2016-05-24 18:21 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\vlc
2016-09-25 18:26 - 2016-05-05 10:38 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Spotify
2016-09-25 18:22 - 2016-04-13 03:46 - 00000000 ___RD C:\Users\Sarah\Creative Cloud Files
2016-09-25 11:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-24 15:54 - 2016-08-25 20:50 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2016-09-24 15:31 - 2016-06-02 11:29 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Apple Computer
2016-09-24 15:30 - 2016-06-02 11:21 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-09-24 14:39 - 2016-04-11 06:22 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-24 14:15 - 2016-08-25 20:50 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-09-24 14:06 - 2016-06-02 11:29 - 00000000 ____D C:\Users\Sarah\AppData\Local\Apple Computer
2016-09-24 10:42 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-22 18:50 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-22 18:49 - 2016-05-31 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-21 20:01 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-21 19:39 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-21 19:39 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-21 19:39 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-20 17:24 - 2014-07-25 23:57 - 00000000 ___HD C:\OEM
2016-09-20 17:24 - 2014-07-25 23:21 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-09-20 17:24 - 2014-07-25 23:20 - 00000000 ____D C:\Program Files (x86)\Acer
2016-09-20 17:23 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\clear.fi
2016-09-20 17:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-18 20:24 - 2016-04-14 19:37 - 00000033 _____ C:\Users\Sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-09-14 20:26 - 2016-04-14 15:33 - 144199024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-09-14 20:26 - 2016-04-14 15:33 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-09-13 10:25 - 2016-04-10 19:33 - 00000000 ____D C:\Users\Sarah\Documents\Kunden
2016-09-11 17:44 - 2016-04-14 19:14 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\FileZilla
2016-09-11 15:17 - 2016-04-14 20:35 - 00000600 _____ C:\Users\Sarah\AppData\Local\PUTTY.RND
2016-09-11 13:57 - 2015-08-16 13:20 - 00000000 ____D C:\Users\Sarah\Documents\Studium
2016-09-07 19:24 - 2016-06-23 07:48 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Mozilla
2016-09-07 18:32 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-09-07 18:32 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-05 21:31 - 2016-04-13 04:39 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-09-05 21:17 - 2015-09-30 23:53 - 00000000 ____D C:\Users\Sarah\Documents\Adobe
2016-09-05 09:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-09-02 22:02 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-09-02 22:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-09-02 21:56 - 2016-07-17 00:50 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-02 21:56 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-02 21:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\servicing
2016-09-02 21:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-09-02 21:48 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-09-02 21:23 - 2016-04-13 21:11 - 00002422 _____ C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-09-02 21:21 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-09-02 21:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-09-02 21:19 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-09-02 21:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-09-02 21:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-09-02 21:16 - 2016-04-13 19:51 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-09-02 21:15 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-09-02 21:12 - 2016-08-25 15:30 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-09-02 21:12 - 2016-08-15 10:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-09-02 21:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Help
2016-09-02 21:12 - 2016-05-31 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Network Notepad Professional
2016-09-02 21:12 - 2016-05-31 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\yEd Graph Editor
2016-09-02 21:12 - 2016-05-31 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-09-02 21:12 - 2016-05-24 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-09-02 21:12 - 2016-05-19 18:16 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.2
2016-09-02 21:12 - 2016-04-29 09:30 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-02 21:12 - 2016-04-29 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-09-02 21:12 - 2016-04-16 13:21 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProjectLibre
2016-09-02 21:12 - 2016-04-16 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-09-02 21:12 - 2016-04-14 19:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-09-02 21:12 - 2016-04-14 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-09-02 21:12 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2016-09-02 21:12 - 2014-09-16 10:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 12
2016-09-02 21:12 - 2014-07-25 23:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\InputMethod
2016-09-02 21:09 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-09-02 21:09 - 2014-07-25 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2016-09-02 21:09 - 2014-07-25 23:23 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2016-09-02 21:09 - 2014-07-25 23:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2016-09-02 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2016-09-02 21:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2016-09-02 21:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-02 21:05 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-09-02 21:05 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-09-02 17:14 - 2014-07-25 23:00 - 00000000 ____D C:\Users\Administrator
2016-09-02 17:13 - 2016-05-06 21:18 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-09-02 17:13 - 2014-09-16 10:05 - 00000000 ____D C:\ProgramData\Intel
2016-09-02 17:13 - 2014-09-16 09:47 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-02 17:13 - 2014-07-25 23:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-02 17:09 - 2016-04-11 06:21 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-02 17:09 - 2014-09-16 09:49 - 00016878 _____ C:\WINDOWS\system32\results.xml
2016-09-02 17:06 - 2014-09-16 10:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-09-02 16:37 - 2016-04-11 06:21 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-02 16:30 - 2016-05-06 21:09 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-02 16:29 - 2015-08-22 14:39 - 00000000 ____D C:\Users\Sarah\Documents\b-public
2016-09-02 15:34 - 2016-04-13 03:41 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-09-02 10:16 - 2016-04-11 06:10 - 00000000 ____D C:\Users\Sarah\AppData\Local\VirtualStore
2016-08-30 13:52 - 2016-04-14 19:16 - 00000000 ____D C:\ProgramData\Skype
2016-08-30 13:51 - 2016-04-14 19:16 - 00000000 ____D C:\Users\Sarah\AppData\Roaming\Skype

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-14 19:37 - 2016-09-18 20:24 - 0000033 _____ () C:\Users\Sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-05-03 20:06 - 2016-09-27 11:28 - 0001456 _____ () C:\Users\Sarah\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-04-14 20:35 - 2016-09-11 15:17 - 0000600 _____ () C:\Users\Sarah\AppData\Local\PUTTY.RND
2016-09-02 21:04 - 2016-09-02 21:04 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sarah\AppData\Local\Temp\libeay32.dll
C:\Users\Sarah\AppData\Local\Temp\msvcr120.dll
C:\Users\Sarah\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-22 18:21

==================== Ende von FRST.txt ============================

lunaris 27.09.2016 17:47
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 25-09-2016
durchgeführt von Sarah (27-09-2016 18:43:57)
Gestartet von C:\Users\Sarah\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-02 19:19:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1742419186-1601379352-809800023-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1742419186-1601379352-809800023-503 - Limited - Disabled)
Gast (S-1-5-21-1742419186-1601379352-809800023-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1742419186-1601379352-809800023-1006 - Limited - Enabled)
Sarah (S-1-5-21-1742419186-1601379352-809800023-1002 - Administrator - Enabled) => C:\Users\Sarah

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.10.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3006 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.8.0.310 - Adobe Systems Incorporated)
Adobe Dreamweaver CC 2015 (HKLM-x32\...\{EE2A0AA8-0386-11E5-8603-BC82F5DB1A71}) (Version: 16.1.3 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015.3 (HKLM-x32\...\ILST_20_1_0) (Version: 20.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.4.1.102 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015.3 (HKLM-x32\...\AME_10_4_0) (Version: 10.4.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 10.4.26 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
ELAN HIDI2C Filter Driver X64 13.6.1.1_WHQL (HKLM\...\Elantech) (Version: 13.6.1.1 - ELAN Microelectronic Corp.)
EPSON XP-432 435 Series Printer Uninstall (HKLM\...\EPSON XP-432 435 Series) (Version:  - Seiko Epson Corporation)
Farm to Fork Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.28.831 - Digital Wave Ltd)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 11.0.0.7 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 11.0.0.7 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden
iCloud (HKLM\...\{724A887F-2B55-4306-B6F9-8F0E7A04B1B5}) (Version: 5.2.2.87 - Apple Inc.)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.5.146.1 - Intel Security)
Intel(R) Driver Update Utility 2.4 (x32 Version: 2.4.0.15 - Intel) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden
King Oddball (x32 Version: 3.0.2.48 - WildTangent) Hidden
LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.376.2 - McAfee, Inc.)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.7167.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
Network Notepad Professional Edition (HKLM-x32\...\DotNetPad_is1) (Version:  - Jason Green)
NVIDIA Grafiktreiber 369.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 369.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2060 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.59 - WildTangent) Hidden
ProjectLibre (HKLM-x32\...\{8E2A530F-ABE9-45B4-B4EA-B9DF56698376}) (Version: 1.6.2.0 - ProjectLibre)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.25.108.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7203 - Realtek Semiconductor Corp.)
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
The Chronicles of Emerland Solitaire (x32 Version: 3.0.2.51 - WildTangent) Hidden
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.13 - WildTangent) Hidden
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
yEd Graph Editor 3.15.0.2 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.15.0.2 - yWorks GmbH)
Zuma's Revenge (x32 Version: 2.2.0.97 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1742419186-1601379352-809800023-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01102F16-64A4-4078-A5BC-6EC6784C96BE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {08CC4D92-5144-4EAB-816C-26E59F9073F5} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {17FE7975-5BA7-4E78-B89E-EE8E60C52955} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {1DBB39FA-D817-4E58-A0E1-CBD63D3C4131} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {1DC5C606-21A6-41B5-A4EB-D5E19BC511EA} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {1EC40B2B-0882-4702-9C05-BF24A04350C7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {31665744-B4D5-41C0-A69E-2606ABDE779B} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe
Task: {37B2B24B-FBD9-4293-9E26-76F558E36F1F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {3B07D30B-F2D1-43B2-A67D-72DBC64A1D65} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {4CB44732-DE2A-4C13-9C81-33E1CDE669EE} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {4D0F8159-7FA9-41A0-B0E7-FBC76BB073E9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-13] (Microsoft Corporation)
Task: {6F7A477C-19ED-418B-B5C7-FC5F47518338} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {766049C9-83ED-47A9-B285-B46E1A3B9AED} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {7AD080D4-126A-47DB-8C5A-3F67B3C957D3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {7C2E5688-AD88-42ED-B445-C407775BDCDD} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8019D117-35DB-4178-B012-B7D5AA489BA2} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {80FF5C13-D961-40F2-B892-BD65AAE8FE98} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)
Task: {836C7542-6DBC-4DE4-AD2D-87964E72B325} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {8A6476D3-8858-41DB-8CA1-07845695313A} - System32\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {90E4AAEE-214F-4FE7-885E-DACBC0A26950} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-11] (Google Inc.)
Task: {96098DA8-4640-4247-B4A5-FC6A673AEAA8} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-02] (Dropbox, Inc.)
Task: {97E1F9CF-24F0-4180-8880-EBBA78D91724} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {99360872-D2C9-484C-8082-B53EF443B37F} - System32\Tasks\SafeZone scheduled Autoupdate 1463674154 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {9BD20DB4-DA4C-466D-8FDB-D8527B47F082} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarah.mueller88@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {9D3DFB64-9ED7-4E55-9C2A-5FB5C3B292D8} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-27] (Microsoft Corporation)
Task: {B20C0BB1-70E4-4BA1-B4AA-0FF27BACBBC2} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2016-08-15] ()
Task: {C9911319-3E2C-46C8-B9B9-4A24AB74AB49} - System32\Tasks\{F575C47D-0D94-4DFE-91EC-40B5F2E61535} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.0.104/de/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {D6F9FB7F-98FE-4BE7-AA87-98F8F6331D01} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {DA0F7C93-2B62-4FFB-8F77-03363DE7EE09} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-17] ()
Task: {DF71E165-635D-4DDA-88B3-4561462FD52B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {E418ED44-D79C-476F-9438-85F9A8353316} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-05] (Microsoft Corporation)
Task: {EDF4F705-2502-423E-A35C-997D185A2814} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F69239AC-BF10-463C-8CAE-7FD508923AE7} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {F9228382-42AC-4428-918C-222927615477} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {FDD1237C-3C61-4917-95E5-D8477B878B50} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-13] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\EPSON XP-432 435 Series Update {E2701DEA-B8FE-4B92-B821-3B31EF5B091F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSPDE.EXE:/EXE:{E2701DEA-B8FE-4B92-B821-3B31EF5B091F} /F:UpdateWORKGROUP\SARAH$
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Apps & Extensions Developer Tool.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=ohmmkhmmmpcnpikjeljgnaoabkaalbgc
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 4" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Sarah - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Sarah\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Privat - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-09 20:43 - 2016-03-09 20:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2014-07-25 23:23 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-02 21:04 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 20:39 - 2015-09-30 20:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-16 04:38 - 2016-09-07 07:44 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-02 21:22 - 2016-09-02 21:22 - 01864384 _____ () C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-07-25 23:27 - 2014-07-01 23:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-05-09 09:22 - 2016-05-09 09:22 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-09-16 04:38 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-16 04:35 - 2016-09-07 06:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00071168 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2016-09-05 13:36 - 2016-09-05 13:43 - 00178176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 35288064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00181760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\Microsoft.Skype.ImageTool.dll
2016-09-05 13:36 - 2016-09-05 13:43 - 00108544 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.7.113.0_x64__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-08-15 15:24 - 2016-08-15 15:24 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-07-17 14:39 - 2015-07-17 14:39 - 04612448 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-09-16 04:38 - 2016-09-07 06:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-16 04:34 - 2016-09-07 06:35 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-16 04:38 - 2016-09-07 06:35 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-16 04:34 - 2016-09-07 06:40 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-16 08:38 - 2016-08-16 08:38 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-16 08:38 - 2016-08-16 08:38 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 19:46 - 2016-06-03 19:47 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-04-13 21:43 - 2016-04-13 21:43 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-25 07:57 - 2016-08-25 07:57 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-09-24 15:05 - 2016-08-31 19:55 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-24 15:05 - 2016-08-31 19:55 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2016-08-15 18:03 - 2016-08-15 18:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 18:05 - 2016-08-15 18:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 18:04 - 2016-08-15 18:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 17:24 - 2016-09-20 17:24 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 15:09 - 2016-08-30 15:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 15:05 - 2016-08-30 15:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 10:51 - 2016-09-09 10:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-08-15 15:24 - 2016-08-15 15:24 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-09-11 16:08 - 2016-09-21 20:17 - 03598536 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\gfx.dll
2015-11-04 18:36 - 2015-11-04 18:36 - 00246488 _____ () C:\Program Files (x86)\Acer\abDocs Office AddIn\AcerExcelAddin.dll
2016-09-02 21:22 - 2016-09-02 21:22 - 01383616 _____ () C:\Users\Sarah\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-11 16:08 - 2016-09-21 20:17 - 03598536 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\gfx.dll
2015-11-04 18:36 - 2015-11-04 18:36 - 00149720 _____ () C:\Program Files (x86)\Acer\abDocs Office AddIn\AcerWordAddin.dll
2014-07-25 23:27 - 2014-07-01 23:13 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2016-05-09 09:22 - 2016-05-09 09:22 - 00048816 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 00141312 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2016-06-30 13:55 - 2016-06-30 13:55 - 05919416 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\AdobePDFMakerX.dll
2015-12-18 17:42 - 2015-12-18 17:42 - 03385856 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2016-09-11 16:08 - 2016-09-05 15:40 - 01063624 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 02099896 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\PDFMaker\Common\SendAsLinkX.dll
2015-12-18 17:42 - 2015-12-18 17:42 - 00230912 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Locale\de_DE\Adobe Send\SendAsLinkX.DEU
2016-09-11 16:12 - 2016-09-21 20:19 - 00521920 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\msfad.dll
2016-09-24 14:39 - 2016-09-14 02:38 - 01806152 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-24 14:39 - 2016-09-14 02:38 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2016-09-11 16:09 - 2016-09-21 20:17 - 00158400 _____ () C:\Program Files (x86)\Microsoft Office\root\Office16\JitV.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-05-09 17:10 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts


0.0.0.1        mssplus.mcafee.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1742419186-1601379352-809800023-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sarah\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tumblr_n944intfop1rmw9ado2_1280.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Exploit"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "MailStylerWarmup"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1742419186-1601379352-809800023-1002\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BEF4869F-E898-4111-9E30-02FB421E5B5F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5E871996-732C-4888-86E9-400F21A63389}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{6E1E81DF-1A88-4B2E-B525-15176D1F836E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C7B871F-E85A-4482-8C21-D7B22C783D8D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7BE51D4C-5769-407F-9273-6F578528EFDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{843B6FE3-59DB-48B0-8927-AD5DBF3C03C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{698B4D4D-0644-4525-9473-AC4C61EA53F5}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{399479EF-AB73-406A-8AC9-E56591FB1261}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B62E87F4-059D-426F-9810-51654207C962}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{02E1E182-EF20-408D-93F9-D7E55ABE8F7D}C:\users\sarah\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sarah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{7C3F9A14-27B0-402D-8D8D-3BFBA207B5BC}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [TCP Query User{8F0A5414-09AC-4EA3-8D99-4ED7744211A2}C:\program files (x86)\spotify\spotify.exe] => (Allow) C:\program files (x86)\spotify\spotify.exe
FirewallRules: [{08C23BF5-D36D-4777-8E9E-37BB3FCE826B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C797F0F8-2AD0-42F9-86BA-C98E48201FF7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{9E908B0B-EA1B-489D-ACC2-7E0F050E9717}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{419C7DFC-8D29-42B3-BE19-1A3DE34E4A39}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{719B08D9-C2E4-421F-9D75-FBA8685E2CCF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{C4FDA8DC-1A00-4587-ADE8-5F3A6CB4EF25}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{31F1F27A-4FB2-407C-9BB5-59C175CE34B3}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F4F88768-5EEA-407A-B634-B00CE17CD973}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A20BDB2-3A22-4C8B-A174-0307ED73048D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{6B04AB04-A2A8-4C44-AD62-DFBE5F7C8CCA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{2EA69E2E-4249-4721-9591-66DB1CB31741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{05FB242C-6370-4FB6-8BA6-BD7354BF5106}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{3F14814A-6654-4502-BAE3-2DB1FEF910BF}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2589C329-AB2F-46F6-8E8D-9248B56CE344}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{D6EF0449-6107-48A0-95A8-EF40668E33BC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{F464C4BB-0BDC-43B9-BFC5-5E6583599744}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{A887D22E-D816-4E22-9ED0-B28FE8F6AE12}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{80386162-F41D-4031-83F2-073C9E49FD26}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{1624C36E-444C-42D3-832D-31A4D3F3FB78}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{6A455835-09DD-43E5-B7B5-A67B7071D38B}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{D70B1843-F150-406F-BA86-18CEC577FE45}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{849A04A8-8D39-48E6-8193-B337070D0BB0}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{07542B01-8AE5-4995-8592-E0182729CF62}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{CCE2DE8C-7A61-4F61-9BFD-0BFF6CF9F129}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{95C70AC9-B34B-4E82-A378-3B18D0368995}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{444CF3C0-AB61-4BE2-BC0B-26AB9F4A9D57}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{03FFD20E-30BF-4D18-A57C-1DA5BA05D539}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{33D88064-9A0E-4F27-AE9E-10A9482A8040}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{57445F65-1D41-4575-A3B0-8506302ED8AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{8A028987-6FE1-470D-A62E-2E855393DEEC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{503E1E78-7AB7-4E1B-B912-D36C3AA8ECC9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{E078B810-7646-439E-A187-3E625525D143}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F4A9B08B-8C6B-493F-9048-6B16381DEC83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BF4281CF-6DDF-41E9-B135-E5384FEE8BEE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BABEB67B-31CA-470C-803F-7F848DA1324B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A38369D5-29D8-400F-A3B5-F4E662BD8904}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{FEC3D5C3-5D88-458A-A809-191A07A12D28}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{822738EA-6D1F-4F3A-A76F-7389F08E851B}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3EF104BA-A084-4C85-8E10-F5F85B2D8D51}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{12741BF9-B8FF-4F19-B229-514F5E1F9A04}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{49E0315D-C1ED-4624-88F9-BA4E1B00ECD4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4DDC6548-EC2B-4788-8209-D8565FE41C15}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{5D5F1636-CF99-40F4-AAA3-1A9260C66B07}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{446DC3AA-6132-4501-A511-47046C890C4F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E620DC92-C9B5-4A51-953E-D8D21C9BAE43}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{CA17D121-56F4-462F-8C4B-AD7DED6A6166}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{86944D29-D5FC-47F6-9CFA-027F0AE63DEE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{F2AC009A-026E-4AE3-8C8F-F18794E81B2A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5567E216-C27A-4A74-9221-48F930BFD4E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D6C4C87D-54F0-4345-8FAC-CF36808E822B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3D57D84F-F43C-416D-BEE1-597546A61121}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{08750F6A-F010-4765-A6C4-21F743B95E1B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{63E7CEF4-A57C-45BF-B01D-1784BAAAF7F3}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{F2DC9F98-CC96-4CE1-B80C-3C533D34D03F}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{07D49CD4-8763-4DA9-8B42-CA44207F1EDC}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{C413F1A6-E927-458B-A3F8-A75E38D98BAC}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{79F58359-8A69-4A16-AB1D-A532E57C4BFA}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{39CA660B-BF54-4DCE-9AA0-14D30C1842CB}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{B1BDE86B-74F7-406C-A898-C47022662FDC}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{CB2077A0-626C-40F4-A778-80105E139E80}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{1A16E8A3-E76D-4805-A2AE-9215481FDB7B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{597BAD28-DCCE-4C97-8DDC-35603991C561}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31187

Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 31187

Error: (09/26/2016 10:04:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15593

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15593

Error: (09/26/2016 10:04:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/26/2016 01:16:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/26/2016 01:16:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SARAH)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/27/2016 06:21:02 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "m2 Update Service (F8F8565687B043BDB2BA3B7982C22B5E)" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (09/27/2016 03:14:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 01:57:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 11:03:04 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/27/2016 09:47:59 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst stisvc erreicht.

Error: (09/27/2016 09:47:29 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst stisvc erreicht.

Error: (09/27/2016 09:46:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (09/27/2016 07:07:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 07:07:49 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/27/2016 07:07:48 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-09-26 14:04:02.829
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.784
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.685
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.605
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.513
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.480
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.444
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.389
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.357
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-26 14:04:02.324
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 16307.27 MB
Verfügbarer physikalischer RAM: 12149.16 MB
Summe virtueller Speicher: 33715.27 MB
Verfügbarer virtueller Speicher: 28785.4 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:206.51 GB) (Free:101.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: B9F9A14D)

Partition: GPT.

==================== Ende von Addition.txt ============================

Das sind die Files die ich hab.:wtf:


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:00 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131