Solved Trojan.fakems.ed ?

N8kux · Apr 11, 2016

So recently I got this virus and as soon as I saw it in my system I tried to delete it now. I tried multiple ways of deletion then I searched on google for help and I found a thread on this site ill link it if needed and followed the instructions and then it looked like I removed it but. I still saw some kind of PUP or something like that (scanned from rogue killer) and I decided to see if I can remove that too since it can be a trace or a still active virus. so I also looked at another forum thread about that on this site of course ill link it if needed. I have a the same thing as this person from the forum and im still following on what to do but it looks like the virus is gone or I think so ill see what happens tomorrow (Since its like 11pm here) if its still there and so I need help to see if I did everything right im sorry if my question is stupid,if I didnt give enough details,or if I have bad english since this is my first forum post so I dont know anything but if you can help thank you in advance.if you need logs of course il post em just tell me what you need

N8kux · Apr 11, 2016

Actually im still getting the PUM.Dns warning here is I screenshot

I hope this is fixable

Broni · Apr 11, 2016

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
If you're stuck, or you're not sure about certain step, always ask before doing anything else.
Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
Never run more than one scan at a time.
Keep updating me regarding your computer behavior, good, or bad.
The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

N8kux · Apr 12, 2016

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-04-2016 01
durchgeführt von Neku (Administrator) auf LAPTOP-VB720D7I (12-04-2016 14:32:17)
Gestartet von C:\Users\Neku\Desktop
Geladene Profile: Neku (Verfügbare Profile: Neku)
Platform: Windows 10 Home Version 1511 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool:

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
() C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(IO3O LLC) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Mega Limited) C:\Users\Neku\AppData\Local\MEGAsync\MEGAsync.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(TODO: <Company name>) C:\Program Files\Acer\User Experience Improvement Program\Plugin\AppMonitor\AppMonitorPlugIn.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2016-01-19] (Acer)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23485208 2016-03-30] (Google)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\MountPoints2: H - "H:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2016-04-09]
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC)
Startup: C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-04-10]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Neku\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exePartizan
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{80137d26-7fa4-4b61-b40c-a8d9bbbcbd5b}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-11] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Homepage: hxxp://google.rs/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2253936156-139631062-2474235644-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Neku\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Extension: FireGestures - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\[email protected] [2016-04-11]
FF Extension: MEGA - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-04-05]
FF Extension: FireGestures - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-04-08]
FF Extension: English (US) Language Pack - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-03-20]
FF Extension: MEGA - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\[email protected] [2016-04-11]
FF Extension: English (US) Language Pack - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\[email protected] [2016-03-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Google Sheets) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-09]
CHR Extension: (Kein Name) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Kein Name) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebgdicanjhnamfmdlmlbcnkgehkkmf [2016-04-10]
CHR Extension: (Gmail) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [451072 2016-01-11] (Amazon Inc.) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-11] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-04-09] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-01-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-09-01] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1284848 2016-03-21] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-03-22] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2016-03-22] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [445240 2015-04-30] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [251232 2015-09-14] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-11] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
S2 CamMask; C:\Windows\system32\DRIVERS\cmvcamdrv64.sys [954072 2013-12-23] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-05] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-05] (Disc Soft Ltd)
R1 epp; C:\Users\Neku\Desktop\security\bin64\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-02] (Intel(R) Corporation)
S3 iauarte; C:\Windows\System32\drivers\iauarte.sys [112640 2015-06-02] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-01-30] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-12] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-04-09] (Greatis Software)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [35880 2016-03-11] (Wellbia.com Co., Ltd.)
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

N8kux · Apr 12, 2016

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-12 14:32 - 2016-04-12 14:33 - 00027509 _____ C:\Users\Neku\Desktop\FRST.txt
2016-04-12 14:30 - 2016-04-12 14:32 - 00000000 ____D C:\FRST
2016-04-12 14:19 - 2016-04-12 14:20 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-04-12 14:16 - 2016-04-12 14:16 - 02375168 _____ (Farbar) C:\Users\Neku\Desktop\FRST64.exe
2016-04-11 17:07 - 2016-04-11 18:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-11 16:26 - 2016-04-11 16:26 - 03465280 _____ C:\Users\Neku\Desktop\adwcleaner_5.110.exe
2016-04-11 16:18 - 2016-04-11 16:18 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-11 15:40 - 2016-04-11 15:41 - 24003656 _____ C:\Users\Neku\Downloads\RogueKillerX64.exe
2016-04-10 17:30 - 2016-04-10 17:30 - 00000478 _____ C:\WINDOWS\system32\.crusader
2016-04-10 15:41 - 2016-04-10 16:51 - 00299968 _____ C:\WINDOWS\ntbtlog.txt
2016-04-10 15:41 - 2016-04-10 15:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-10 15:21 - 2016-04-10 15:23 - 227630056 _____ C:\Users\Neku\Downloads\EmsisoftEmergencyKit.exe
2016-04-10 14:55 - 2015-12-09 05:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-10 14:41 - 2016-04-11 16:39 - 00000000 ____D C:\AdwCleaner
2016-04-10 14:05 - 2016-04-10 14:05 - 01610352 _____ (Malwarebytes) C:\Users\Neku\Desktop\JRT.exe
2016-04-10 13:23 - 2016-04-10 13:23 - 00007607 _____ C:\Users\Neku\AppData\Local\Resmon.ResmonCfg
2016-04-10 13:17 - 2016-04-11 22:52 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-10 13:17 - 2016-04-10 13:17 - 00000000 ___HD C:\OneDriveTemp
2016-04-10 13:16 - 2016-04-10 14:05 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-10 13:11 - 2016-04-12 14:20 - 00000000 ____D C:\Users\Neku\Desktop\security
2016-04-10 13:06 - 2016-04-10 13:06 - 00000000 ____D C:\Users\Neku\AppData\Local\VirtualStore
2016-04-10 13:05 - 2016-04-12 14:10 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-09 21:52 - 2016-04-12 14:07 - 00000252 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2016-04-09 21:49 - 2016-04-09 21:49 - 00000000 ____D C:\@RestoreQuarantine
2016-04-09 20:38 - 2016-04-10 16:24 - 00000000 ____D C:\ProgramData\RegRun
2016-04-09 20:38 - 2016-04-09 20:38 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2016-04-09 20:37 - 2016-04-10 16:32 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-04-09 20:37 - 2016-04-10 16:26 - 00000000 ____D C:\Users\Neku\Documents\RegRun2
2016-04-09 20:37 - 2016-04-09 20:41 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-04-09 20:37 - 2016-04-09 20:37 - 00003418 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler
2016-04-09 20:37 - 2016-04-09 20:37 - 00000000 ____D C:\Users\Neku\Downloads\unhackme
2016-04-09 20:37 - 2016-04-09 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-04-09 20:37 - 2016-04-05 15:17 - 00012808 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2016-04-09 20:37 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe
2016-04-09 20:08 - 2016-04-09 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-04-09 20:08 - 2016-04-09 20:08 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-09 20:07 - 2016-04-10 17:30 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-09 17:58 - 2016-04-09 17:58 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-09 17:52 - 2016-04-09 17:52 - 00000000 ____D C:\Users\Neku\Documents\ProcAlyzer Dumps
2016-04-09 17:50 - 2016-04-12 14:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-04-09 17:50 - 2016-04-12 14:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-09 17:50 - 2016-04-09 17:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-04-09 16:49 - 2016-04-09 16:50 - 00000000 ____D C:\ProgramData\Sophos
2016-04-09 16:48 - 2016-04-10 16:54 - 00002781 _____ C:\Users\Neku\Desktop\Sophos Virus Removal Tool.lnk
2016-04-09 16:48 - 2016-04-09 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-04-09 16:48 - 2016-04-09 16:48 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-04-09 16:45 - 2016-04-09 16:47 - 147100624 _____ (Sophos Limited) C:\Users\Neku\Downloads\Sophos Virus Removal Tool.exe
2016-04-09 16:31 - 2016-04-09 16:31 - 00000000 ____D C:\NPE
2016-04-09 16:10 - 2016-04-09 16:10 - 00111288 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR501.SYS.bak
2016-04-09 16:09 - 2016-04-09 16:58 - 00000000 ____D C:\Users\Neku\AppData\Local\NPE
2016-04-09 16:09 - 2016-04-09 16:10 - 00000000 ____D C:\ProgramData\Norton
2016-04-09 16:09 - 2016-04-09 16:09 - 03088296 _____ (Symantec Corporation) C:\Users\Neku\Downloads\NPE.exe
2016-04-09 15:23 - 2016-04-09 15:23 - 00005120 _____ C:\Users\Neku\AppData\Roaming\GiftBag.db
2016-04-09 15:15 - 2016-04-09 15:16 - 00000000 ____D C:\Users\Neku\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-09 15:15 - 2016-04-09 15:15 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-08 20:13 - 2016-04-08 20:13 - 00105322 _____ C:\Users\Neku\Downloads\Arbeitsvertrag_Muster.pdf
2016-04-08 19:19 - 2016-04-12 14:11 - 00000000 ___RD C:\Users\Neku\Google Drive
2016-04-08 19:19 - 2016-04-10 16:54 - 00001769 _____ C:\Users\Neku\Desktop\Google Drive.lnk
2016-04-08 19:16 - 2016-04-08 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-08 19:02 - 2016-04-10 16:55 - 00001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-04-08 19:02 - 2016-04-09 22:48 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-08 19:02 - 2016-04-08 19:02 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-04-01 19:57 - 2016-04-01 19:57 - 00000000 ____D C:\Users\Neku\AppData\Roaming\SmartSteamEmu
2016-03-31 21:25 - 2016-03-31 21:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-31 19:32 - 2016-03-31 19:32 - 00000000 ____D C:\Users\Neku\AppData\Roaming\inkscape
2016-03-29 18:09 - 2016-03-29 18:09 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\SUPERHOT_Team
2016-03-29 18:09 - 2016-03-29 18:09 - 00000000 ____D C:\Users\Neku\AppData\Local\SUPERHOT_Sp_z_o.o
2016-03-29 17:52 - 2016-03-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com]
2016-03-29 17:47 - 2016-03-29 17:47 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\SUPERHOT Team
2016-03-28 15:01 - 2016-03-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 (2015-10-21)
2016-03-27 14:39 - 2016-03-27 14:39 - 00000000 ____D C:\Users\Neku\AppData\Local\ShootoutInc
2016-03-26 18:35 - 2016-03-26 20:33 - 00000000 ____D C:\Users\Neku\AppData\Local\Soundnode
2016-03-23 23:40 - 2016-03-23 23:40 - 00000000 ____D C:\Users\Neku\Documents\Holotech
2016-03-23 21:18 - 2016-03-23 21:18 - 00000000 ____D C:\ProgramData\Intel Telemetry
2016-03-23 21:16 - 2016-03-23 21:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-03-23 21:15 - 2016-03-23 21:15 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-03-23 18:00 - 2016-04-09 22:48 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-03-23 18:00 - 2016-03-23 18:00 - 00003200 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458748831
2016-03-23 17:59 - 2016-03-23 17:59 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-03-22 22:53 - 2016-03-22 22:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-03-22 22:53 - 2016-03-22 22:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-03-22 17:40 - 2016-03-22 17:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-22 17:40 - 2016-03-22 17:40 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-03-22 17:39 - 2016-03-22 17:39 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-03-22 17:39 - 2016-03-22 17:32 - 03130440 _____ C:\WINDOWS\SysWOW64\pbsvc_blr.exe
2016-03-21 23:49 - 2016-03-21 23:49 - 00000000 ____D C:\Users\Neku\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\Users\Neku\AppData\Roaming\PACE Anti-Piracy
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\Users\Neku\AppData\Local\PACE Anti-Piracy
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2016-03-21 21:06 - 2016-03-21 21:06 - 00000000 ____D C:\Program Files\Adobe
2016-03-21 21:01 - 2016-03-21 21:01 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2016-03-21 21:00 - 2009-07-09 04:00 - 00055280 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2016-03-21 21:00 - 2009-06-23 04:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2016-03-21 21:00 - 2009-06-23 04:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2016-03-21 20:59 - 2016-03-21 20:59 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-03-21 20:56 - 2016-04-09 22:48 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-03-21 20:56 - 2016-03-21 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-03-21 20:56 - 2016-03-21 20:56 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-03-21 20:56 - 2016-03-21 20:56 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-03-21 20:50 - 2016-03-21 21:06 - 00000000 ____D C:\Ap
2016-03-20 19:18 - 2016-03-20 19:18 - 00000000 ____D C:\Users\Neku\Downloads\G7 Pics
2016-03-20 01:00 - 2016-04-09 21:40 - 00000000 ____D C:\WINDOWS\AutoKMS
2016-03-20 00:56 - 2016-03-20 00:56 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-03-20 00:37 - 2016-03-20 00:37 - 00000000 ____D C:\Users\Neku\AppData\Local\Microsoft Help
2016-03-20 00:36 - 2016-03-20 01:59 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-19 00:16 - 2016-03-19 00:16 - 00021184 _____ C:\WINDOWS\SysWOW64\Drivers\X6va062_2016.03.18.23.19.34
2016-03-18 19:47 - 2016-03-18 19:47 - 00000000 ____D C:\Users\Neku\AppData\Roaming\com.infinite-interactive.GoW
2016-03-18 19:23 - 2016-03-18 19:23 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\Smartly Dressed Games
2016-03-18 18:32 - 2016-03-18 18:32 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\Jed Games
2016-03-18 16:47 - 2016-03-26 13:53 - 00000000 ____D C:\Users\Neku\BrawlhallaReplays
2016-03-17 20:29 - 2016-03-17 20:29 - 00000000 ____D C:\Users\Neku\AppData\Roaming\BrawlhallaAir
2016-03-17 19:41 - 2016-04-09 15:20 - 00000000 ____D C:\Program Files\Unlocker
2016-03-17 19:41 - 2016-03-17 19:41 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-03-17 18:40 - 2016-03-17 18:40 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\Bloober Team
2016-03-17 18:40 - 2016-03-17 18:40 - 00000000 ____D C:\ProgramData\Steam
2016-03-17 17:40 - 2016-03-17 17:40 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-03-16 22:00 - 2016-03-16 22:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-03-16 18:50 - 2016-03-16 19:51 - 00000000 ____D C:\Users\Neku\Documents\Mount&Blade Warband Savegames
2016-03-16 18:49 - 2016-03-16 18:49 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Mount&Blade Warband
2016-03-16 18:21 - 2016-03-16 18:21 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mount&Blade Warband
2016-03-15 21:02 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-15 21:02 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-15 21:02 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-15 21:02 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-15 21:02 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-15 21:02 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-15 21:02 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-15 21:01 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-15 21:01 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-15 21:01 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-15 21:01 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-15 21:01 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-15 21:01 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-15 21:01 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-15 21:01 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-15 21:01 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-15 21:01 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-15 21:01 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-15 21:01 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-15 21:01 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-15 21:01 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-15 21:01 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-15 21:01 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-15 21:01 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-15 21:01 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-15 21:01 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-15 21:01 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-15 21:01 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-15 21:01 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-15 21:01 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-15 21:01 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-15 21:01 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-15 21:01 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-15 21:01 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-15 21:01 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-15 21:01 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-15 21:01 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-15 21:01 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-15 21:01 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-15 21:01 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-15 21:01 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-15 21:01 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-15 21:01 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-15 21:01 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-15 21:01 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-15 21:01 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-15 21:01 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-15 21:01 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-15 21:01 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-15 21:01 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-15 21:01 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-15 21:01 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-15 21:01 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-15 21:01 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-15 21:01 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-15 21:01 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-15 21:01 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-15 21:01 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-15 21:01 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-15 21:01 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-15 21:01 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-15 21:01 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-15 21:01 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-15 21:01 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-15 21:01 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-15 21:01 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-15 21:01 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-15 21:01 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-15 21:01 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-15 21:01 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-15 21:01 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-15 21:01 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-15 21:01 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-15 21:01 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-15 21:01 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-15 21:01 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-15 21:01 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-15 21:01 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-15 21:01 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-15 21:01 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-15 21:01 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-15 21:01 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-15 21:01 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-15 21:01 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-15 21:01 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-15 21:01 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-15 21:01 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-15 21:01 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-15 21:01 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-15 21:01 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-15 21:01 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-15 21:01 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-15 21:01 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-15 21:01 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-15 21:01 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-15 21:01 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-15 21:01 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-15 21:01 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-15 21:01 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-15 21:00 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-15 21:00 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-15 21:00 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-15 21:00 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-15 21:00 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-15 21:00 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-15 21:00 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-15 21:00 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-15 21:00 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-15 21:00 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-15 21:00 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-15 21:00 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-15 21:00 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-15 21:00 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-15 21:00 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-15 21:00 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-15 21:00 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-15 21:00 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-15 21:00 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-15 21:00 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-15 21:00 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-15 21:00 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-15 21:00 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-15 21:00 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-15 21:00 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-15 21:00 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-15 21:00 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-15 21:00 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-15 21:00 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-15 21:00 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-15 21:00 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-15 21:00 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-15 21:00 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-15 21:00 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-15 21:00 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-15 21:00 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-15 21:00 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-15 21:00 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-15 21:00 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-15 21:00 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-15 21:00 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-15 21:00 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-15 21:00 - 2016-02-24 08:42 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-03-15 21:00 - 2016-02-24 08:42 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-03-15 21:00 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-15 21:00 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-15 21:00 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-15 21:00 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-15 21:00 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-15 21:00 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-15 21:00 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-15 21:00 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-15 21:00 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-15 21:00 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-15 21:00 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-15 21:00 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-15 20:23 - 2016-03-15 20:23 - 00000000 ____D C:\Users\Neku\AppData\Roaming\PowerISO
2016-03-15 20:22 - 2016-02-10 15:21 - 00137280 _____ (Power Software Ltd) C:\WINDOWS\system32\Drivers\scdemu.sys
2016-03-15 17:33 - 2016-04-10 16:55 - 00001051 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-03-15 17:29 - 2016-03-15 17:29 - 00000000 ____D C:\Users\Neku\AppData\Local\ActiveSync
2016-03-15 17:22 - 2016-03-15 17:22 - 00000020 ___SH C:\Users\Neku\ntuser.ini
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-03-15 15:54 - 2016-03-15 15:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-03-15 15:47 - 2016-04-12 14:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-15 15:35 - 2016-04-09 22:48 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-03-15 15:35 - 2016-03-15 15:35 - 00000000 ____D C:\Users\Default\AppData\Local\Host App Service
2016-03-15 15:35 - 2016-03-15 15:35 - 00000000 ____D C:\Users\Default User\AppData\Local\Host App Service
2016-03-15 15:26 - 2016-03-15 15:38 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-03-15 15:23 - 2016-04-09 00:31 - 00000000 ____D C:\Users\Neku
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Vorlagen
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Startmenü
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Netzwerkumgebung
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Lokale Einstellungen
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Eigene Dateien
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Druckumgebung
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Documents\Eigene Videos
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Documents\Eigene Musik
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Documents\Eigene Bilder
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\AppData\Local\Verlauf
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\AppData\Local\Anwendungsdaten
2016-03-15 15:23 - 2016-03-15 15:23 - 00000000 _SHDL C:\Users\Neku\Anwendungsdaten
2016-03-15 15:19 - 2016-03-15 15:19 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-03-15 15:18 - 2016-03-15 15:18 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-15 15:18 - 2016-03-15 15:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-03-15 15:18 - 2016-03-15 15:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-03-15 15:18 - 2016-03-15 15:18 - 00000000 ____D C:\Program Files\Realtek
2016-03-15 15:18 - 2016-01-30 20:36 - 00105472 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2016-03-15 15:18 - 2016-01-30 20:36 - 00101376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2016-03-15 15:17 - 2016-03-15 15:27 - 00000000 ____D C:\Program Files\Intel
2016-03-15 15:16 - 2015-10-30 09:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-03-15 15:12 - 2016-04-09 16:31 - 05094600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-15 15:11 - 2016-03-15 21:35 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-15 15:07 - 2016-03-15 15:07 - 00000000 ____D C:\Windows.old
2016-03-15 15:04 - 2016-03-15 15:04 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-03-15 15:04 - 2016-03-15 15:04 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-03-15 15:04 - 2016-03-15 15:04 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-15 15:04 - 2016-03-15 15:04 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-15 15:04 - 2016-03-15 15:04 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-15 15:04 - 2016-03-15 15:04 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-15 15:04 - 2016-03-15 15:04 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-15 15:04 - 2016-03-15 15:04 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

N8kux · Apr 12, 2016

2016-03-15 15:04 - 2016-03-15 15:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-15 15:04 - 2016-03-15 15:04 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-15 15:04 - 2016-03-15 15:04 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-03-15 15:04 - 2016-03-15 15:04 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-03-15 15:04 - 2016-03-15 15:04 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-15 15:04 - 2016-03-15 15:04 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-03-15 15:04 - 2016-03-15 15:04 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-15 15:03 - 2016-03-15 15:03 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

N8kux · Apr 12, 2016

2016-03-15 15:03 - 2016-03-15 15:03 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-03-15 15:03 - 2016-03-15 15:03 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-03-15 15:03 - 2016-03-15 15:03 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-15 15:03 - 2016-03-15 15:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-03-15 14:55 - 2015-10-29 20:43 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-03-15 14:55 - 2015-10-29 20:43 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-03-15 14:55 - 2015-10-29 20:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2016-03-15 14:55 - 2015-10-29 20:25 - 06359040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-03-15 14:55 - 2015-10-29 20:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2016-03-15 14:54 - 2016-03-15 14:54 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-03-15 14:51 - 2016-03-15 14:51 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-03-15 14:51 - 2016-03-15 14:51 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-03-15 14:51 - 2016-03-15 14:51 - 00000000 ____D C:\Program Files\MSBuild
2016-03-15 14:51 - 2016-03-15 14:51 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-03-15 14:51 - 2016-03-15 14:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-03-15 14:50 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-03-15 14:50 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-03-15 14:50 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-03-15 14:49 - 2015-10-23 18:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-03-15 14:49 - 2015-10-23 18:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-03-15 14:49 - 2015-10-23 18:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-03-13 15:17 - 2013-01-15 14:51 - 00046080 _____ C:\WINDOWS\system32\WinTab32.dll
2016-03-13 15:17 - 2013-01-15 14:51 - 00043520 _____ C:\WINDOWS\SysWOW64\WinTab32.dll
2016-03-13 15:17 - 2012-02-06 11:14 - 00009728 _____ C:\WINDOWS\system32\gTabletTaskDll.dll

N8kux · Apr 12, 2016

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-12 14:29 - 2016-02-03 17:38 - 00000000 ____D C:\wifidata
2016-04-12 14:27 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-12 14:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-12 14:17 - 2016-01-30 22:56 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E27DC3F2-9B4B-4B5B-8DBD-E97FA14A4DDE}
2016-04-12 14:12 - 2016-01-30 21:23 - 00000000 ___RD C:\Users\Neku\OneDrive
2016-04-12 14:10 - 2016-02-23 19:11 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-12 14:10 - 2016-01-30 21:44 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-12 14:10 - 2016-01-30 21:18 - 00000000 __SHD C:\Users\Neku\IntelGraphicsProfiles
2016-04-11 23:07 - 2016-01-30 21:44 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-11 22:51 - 2016-01-30 23:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-11 17:06 - 2016-02-23 19:11 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-11 16:33 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-10 21:43 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-10 16:55 - 2016-03-08 18:41 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-10 16:55 - 2016-03-02 17:51 - 00001746 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-04-10 16:55 - 2016-02-22 16:38 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 16:55 - 2016-02-19 23:07 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-10 16:55 - 2016-02-03 20:42 - 00000545 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-04-10 16:55 - 2016-01-31 12:40 - 00002641 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-10 16:55 - 2016-01-30 21:42 - 00002015 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-10 16:55 - 2016-01-30 21:23 - 00002384 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-10 16:55 - 2016-01-30 21:21 - 00001333 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-10 16:54 - 2016-02-23 20:26 - 00000651 _____ C:\Users\Neku\Desktop\4K YouTube to MP3.lnk
2016-04-10 16:54 - 2016-02-23 20:25 - 00000679 _____ C:\Users\Neku\Desktop\4K Video Downloader.lnk
2016-04-10 16:54 - 2016-02-20 12:54 - 00000420 _____ C:\Users\Neku\Desktop\My Computer.lnk
2016-04-10 16:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-10 14:58 - 2016-01-30 21:41 - 00000000 ____D C:\Users\Neku\AppData\Local\CrashDumps
2016-04-09 22:48 - 2016-02-25 19:20 - 00000860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-04-09 22:48 - 2016-02-25 19:19 - 00000805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:18 - 00000830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-04-09 22:48 - 2016-02-25 19:17 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:12 - 00001560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:12 - 00000925 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-04-09 22:48 - 2016-02-06 14:03 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
2016-04-09 22:48 - 2016-02-06 13:54 - 00000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
2016-04-09 22:48 - 2016-02-06 13:52 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2016-04-09 22:48 - 2016-02-05 23:26 - 00000643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-04-09 22:48 - 2016-01-30 21:45 - 00002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-09 22:48 - 2016-01-30 21:42 - 00002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-09 22:48 - 2015-07-16 05:33 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-09 22:48 - 2015-03-21 02:28 - 00003274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
2016-04-09 22:46 - 2016-02-14 20:34 - 00000646 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk
2016-04-09 17:57 - 2016-02-23 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-09 17:57 - 2016-02-23 19:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-09 17:03 - 2016-02-05 15:12 - 00000000 ____D C:\Users\Neku\AppData\Roaming\DAEMON Tools Lite
2016-04-09 17:03 - 2016-01-31 12:38 - 00000000 ____D C:\Users\Neku\AppData\Roaming\uTorrent
2016-04-09 16:58 - 2015-10-30 20:35 - 00781048 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-09 16:58 - 2015-10-30 20:35 - 00159634 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-09 16:58 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-09 16:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-09 16:09 - 2016-02-01 21:09 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Skype
2016-04-09 16:02 - 2016-02-01 21:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-09 16:01 - 2016-02-19 23:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-09 15:33 - 2015-09-01 21:29 - 00000000 ____D C:\ProgramData\Temp
2016-04-09 15:31 - 2016-02-23 18:33 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-04-08 19:53 - 2016-02-03 17:54 - 00000000 ___RD C:\Users\Neku\Desktop\Skola
2016-04-08 19:52 - 2016-01-30 21:41 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-08 19:16 - 2016-01-30 21:44 - 00000000 ____D C:\Users\Neku\AppData\Local\Google
2016-04-08 19:16 - 2016-01-30 21:44 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-08 19:14 - 2016-02-06 12:32 - 00000000 ___RD C:\Users\Neku\Desktop\Games
2016-04-08 19:10 - 2016-02-11 20:45 - 00000000 ____D C:\Users\Neku\Desktop\Game Making
2016-04-08 19:09 - 2016-02-10 13:06 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Audacity
2016-04-08 18:02 - 2016-01-30 21:27 - 00000000 ____D C:\Users\Neku\AppData\Local\MicrosoftEdge
2016-04-07 19:51 - 2016-01-30 23:07 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-05 18:55 - 2016-03-05 20:36 - 00000000 ____D C:\Users\Neku\Downloads\snes9x-1.53-x64
2016-04-05 17:35 - 2016-02-22 16:38 - 00000000 ____D C:\Program Files\CCleaner
2016-04-04 19:26 - 2016-02-01 18:11 - 00000000 ____D C:\Users\Neku\AppData\Roaming\TS3Client
2016-04-01 20:05 - 2016-03-08 17:40 - 00000000 ____D C:\Users\Neku\AppData\Local\Coin
2016-04-01 18:44 - 2015-09-01 20:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-31 13:57 - 2016-01-30 21:18 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Adobe
2016-03-29 18:54 - 2016-01-30 22:49 - 00000000 ____D C:\ProgramData\Oracle
2016-03-29 18:50 - 2016-01-30 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-29 18:50 - 2016-01-30 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-29 18:09 - 2016-01-30 22:50 - 00000000 ____D C:\Users\Neku\.oracle_jre_usage
2016-03-29 18:08 - 2016-01-30 22:49 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-29 13:25 - 2016-02-01 18:10 - 00000000 ____D C:\Users\Neku\AppData\Local\Overwolf
2016-03-29 00:12 - 2016-02-01 18:11 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-03-26 20:40 - 2016-01-30 23:05 - 00000000 ____D C:\Users\Neku\AppData\Local\Adobe
2016-03-26 18:33 - 2016-01-30 21:18 - 00000000 ____D C:\Users\Neku\AppData\Local\Packages
2016-03-24 00:00 - 2016-02-03 15:57 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-23 21:16 - 2015-09-01 20:53 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-23 21:15 - 2015-09-01 20:53 - 00000000 ____D C:\ProgramData\Intel
2016-03-23 17:59 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-23 17:59 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-23 17:31 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-22 21:03 - 2016-02-23 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-03-22 14:53 - 2016-01-30 23:30 - 00000000 ____D C:\Users\Neku\Documents\Sound recordings
2016-03-21 23:43 - 2015-08-24 02:56 - 00000000 ___HD C:\Users\Neku\AppData\Local\RsFnlcmdhR
2016-03-21 23:42 - 2016-02-06 14:02 - 00000000 ____D C:\Users\Neku\Documents\Adobe
2016-03-21 21:07 - 2016-02-25 19:20 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-21 21:06 - 2016-02-06 13:53 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-21 20:57 - 2016-02-06 13:54 - 00000000 ____D C:\ProgramData\Adobe
2016-03-21 20:56 - 2016-02-06 13:52 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-20 22:19 - 2016-02-12 12:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-20 22:19 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-20 01:59 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-03-20 01:59 - 2015-09-01 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-03-20 01:57 - 2015-10-30 20:44 - 00000000 ____D C:\WINDOWS\ShellNew
2016-03-20 01:56 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 01:49 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2016-03-20 01:49 - 2015-07-10 13:04 - 00000108 _____ C:\WINDOWS\win.ini
2016-03-20 01:13 - 2016-01-30 21:21 - 00000000 ____D C:\Users\Neku\AppData\Local\clear.fi
2016-03-18 15:19 - 2016-02-06 12:30 - 00000000 ____D C:\Users\Neku\AppData\Local\MEGAsync
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-18 00:58 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-17 17:40 - 2016-02-23 16:25 - 00000000 ____D C:\Users\Neku\AppData\Roaming\.minecraft
2016-03-16 21:07 - 2016-01-31 18:28 - 00000000 ____D C:\Users\Neku\Documents\Bandicam
2016-03-15 18:17 - 2016-01-30 21:54 - 00000000 ____D C:\WINDOWS\SysWOW64\Drivers\en-GB
2016-03-15 18:17 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-03-15 18:17 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-03-15 18:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-03-15 18:16 - 2016-01-30 21:53 - 00000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2016-03-15 18:16 - 2016-01-30 21:53 - 00000000 ____D C:\WINDOWS\en-GB
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-03-15 18:16 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-03-15 18:16 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\servicing
2016-03-15 17:28 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-03-15 17:22 - 2015-07-16 05:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-15 15:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-15 15:55 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-15 15:54 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-03-15 15:53 - 2015-09-01 22:06 - 00019035 _____ C:\WINDOWS\diagwrn.xml
2016-03-15 15:53 - 2015-09-01 22:06 - 00019035 _____ C:\WINDOWS\diagerr.xml
2016-03-15 15:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-03-15 15:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-03-15 15:47 - 2016-02-22 16:38 - 00002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-03-15 15:47 - 2016-02-04 12:52 - 00002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2016-03-15 15:47 - 2016-02-01 18:11 - 00002668 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2016-03-15 15:47 - 2016-01-31 02:08 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-03-15 15:47 - 2016-01-30 21:44 - 00003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-03-15 15:47 - 2016-01-30 21:44 - 00003226 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-03-15 15:47 - 2016-01-30 21:26 - 00002550 _____ C:\WINDOWS\System32\Tasks\abDocsDllLoader
2016-03-15 15:47 - 2016-01-30 21:25 - 00002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2016-03-15 15:47 - 2015-09-01 21:55 - 00002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2016-03-15 15:47 - 2015-09-01 21:21 - 00002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2016-03-15 15:47 - 2015-09-01 21:17 - 00002222 _____ C:\WINDOWS\System32\Tasks\Power Management
2016-03-15 15:47 - 2015-07-16 05:34 - 00002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2016-03-15 15:47 - 2015-07-16 05:32 - 00002926 _____ C:\WINDOWS\System32\Tasks\avast! SL Update
2016-03-15 15:47 - 2015-07-16 05:32 - 00002654 _____ C:\WINDOWS\System32\Tasks\Avast SecureLine
2016-03-15 15:47 - 2015-07-16 05:31 - 00004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2016-03-15 15:47 - 2015-07-16 05:31 - 00003854 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2016-03-15 15:47 - 2015-07-16 05:31 - 00002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2016-03-15 15:46 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-15 15:38 - 2016-03-12 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls IV Oblivion
2016-03-15 15:38 - 2016-03-09 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Terraria [GOG.com]
2016-03-15 15:38 - 2016-03-08 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-03-15 15:38 - 2016-03-05 22:01 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2016-03-15 15:38 - 2016-03-05 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2016-03-15 15:38 - 2016-03-03 18:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shovel Knight [GOG.com]
2016-03-15 15:38 - 2016-03-01 22:14 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2016-03-15 15:38 - 2016-03-01 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5
2016-03-15 15:38 - 2016-02-24 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1
2016-03-15 15:38 - 2016-02-24 19:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\(Default)
2016-03-15 15:38 - 2016-02-22 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-15 15:38 - 2016-02-17 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-03-15 15:38 - 2016-02-13 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Algodoo
2016-03-15 15:38 - 2016-02-12 19:34 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lucent Web Creative
2016-03-15 15:38 - 2016-02-11 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dungeon Keeper 2 [GOG.com]
2016-03-15 15:38 - 2016-02-09 23:29 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2016-03-15 15:38 - 2016-02-09 13:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour
2016-03-15 15:38 - 2016-02-06 12:30 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-03-15 15:38 - 2016-02-03 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Who Is On My Wifi
2016-03-15 15:38 - 2016-02-03 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-15 15:38 - 2016-02-03 12:24 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2016-03-15 15:38 - 2016-02-01 18:10 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-03-15 15:38 - 2016-01-31 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-03-15 15:38 - 2016-01-31 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dust - An Elysian Tail [GOG.com]
2016-03-15 15:38 - 2016-01-31 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-03-15 15:38 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-03-15 15:35 - 2016-01-31 08:07 - 00000000 ____D C:\Users\Default.migrated
2016-03-15 15:29 - 2016-02-06 13:54 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-03-15 15:29 - 2015-10-30 20:35 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\spool
2016-03-15 15:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-03-15 15:28 - 2015-10-30 20:36 - 00000000 ____D C:\WINDOWS\OCR
2016-03-15 15:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-03-15 15:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-03-15 15:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\IME
2016-03-15 15:28 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-03-15 15:27 - 2016-03-05 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2016-03-15 15:27 - 2016-03-04 21:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Joycity
2016-03-15 15:27 - 2016-02-19 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-03-15 15:27 - 2016-01-31 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2016-03-15 15:27 - 2016-01-30 23:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-03-15 15:27 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-15 15:27 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-03-15 15:27 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\USOPrivate
2016-03-15 15:27 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-03-15 15:27 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-03-15 15:27 - 2015-09-01 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2016-03-15 15:27 - 2015-09-01 21:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2016-03-15 15:27 - 2015-09-01 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WPS Office
2016-03-15 15:27 - 2015-07-16 05:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-03-15 15:27 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-03-15 15:26 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-15 15:25 - 2016-03-09 20:21 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mega Man 2.5D Project Team
2016-03-15 15:25 - 2016-02-01 18:12 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-03-15 15:22 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-15 15:12 - 2015-10-30 20:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-03-15 15:11 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-03-15 15:06 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-15 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-15 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-15 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-03-15 15:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-15 15:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-15 15:06 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-03-15 14:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-03-15 14:51 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-03-15 14:51 - 2015-10-30 09:17 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-03-15 14:51 - 2015-10-30 09:17 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-03-15 14:51 - 2015-10-30 09:17 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-03-15 14:51 - 2015-10-30 09:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-03-15 14:50 - 2015-10-30 09:17 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-03-15 14:50 - 2015-10-30 09:17 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-03-15 14:50 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-03-15 14:50 - 2015-10-30 09:17 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-03-15 14:29 - 2015-10-30 21:27 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-14 17:56 - 2015-09-01 20:50 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-13 15:19 - 2016-03-09 19:03 - 00000000 ____D C:\ProgramData\InstallShield

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-09 15:23 - 2016-04-09 15:23 - 0005120 _____ () C:\Users\Neku\AppData\Roaming\GiftBag.db
2016-02-02 14:46 - 2016-02-02 14:46 - 0000000 ___SH () C:\Users\Neku\AppData\Local\LumaEmu
2016-04-10 13:23 - 2016-04-10 13:23 - 0007607 _____ () C:\Users\Neku\AppData\Local\Resmon.ResmonCfg
2016-03-15 15:18 - 2016-03-15 15:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Neku\AppData\Local\Temp\dllnt_dump.dll

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-04 20:16

==================== Ende von FRST.txt ============================
Im sorry its in German since its manufactured like that so I cant change the sistem language

N8kux · Apr 12, 2016

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-04-2016 01
durchgeführt von Neku (2016-04-12 14:35:10)
Gestartet von C:\Users\Neku\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-15 13:55:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2253936156-139631062-2474235644-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2253936156-139631062-2474235644-503 - Limited - Disabled)
Gast (S-1-5-21-2253936156-139631062-2474235644-501 - Limited - Disabled)
Neku (S-1-5-21-2253936156-139631062-2474235644-1001 - Administrator - Enabled) => C:\Users\Neku

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.1.1870 - Open Media LLC)
4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.0.1616 - Open Media LLC)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.02.3000 - Acer Incorporated)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 Third Party Content (HKLM-x32\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx)
Amazon 1Button App (x32 Version: 2.3.3 - Amazon) Hidden
Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.2.1014 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\{AF0D9073-1AE0-4C21-AA70-41294AEFBDFD}) (Version: 2.0.8.5638 - BlueStack Systems, Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Brick-Force (HKLM\...\Steam App 335330) (Version: - Exe Games Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike 1.6 (2015-10-21) (HKLM-x32\...\{271324A4-7514-4BEC-A6A9-EC33FEDF0447}_is1) (Version: - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Double Action: Boogaloo (HKLM\...\Steam App 317360) (Version: - Double Action Factory)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dust - An Elysian Tail (HKLM-x32\...\GOGPACKDUSTANELYSIANTAIL_is1) (Version: 2.0.0.2 - GOG.com)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
FreeStyle2 (HKLM-x32\...\{67E8ED8C-0318-4F6B-BE6F-FC042EE9BD15}) (Version: 1.03.0000 - Joycity)
Game Jolt Client version 0.3.0 (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\game-jolt-client_is1) (Version: 0.3.0 - Lucen Web Creative, LLC)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hama uRage Vendetta Gamepad (HKLM-x32\...\{1696CD1C-7C50-4350-83FC-1DA843FDF853}) (Version: 2011.01.19 - Dragon rise)
Happy Wars (HKLM\...\Steam App 246280) (Version: - Toylogic inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v7_7.0.23.8048) (Version: 7.0.23.8048 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Data Collector (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Face Tracking (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Face Tracking: Models (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking: Models (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Utilities (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
ioTablet (HKLM-x32\...\{896A285E-2DC4-4C73-BEDA-964244FD658A}) (Version: 1.02.00.02 - KYE)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Megaman 2.5D (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\f92b3552c2c56606) (Version: 4.0.0.1 - Mega Man 2.5D Project Team)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{1d03ad7c-fa27-4517-91b0-410bb49f94d9}) (Version: 14.0.24720.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.8.8 (HKLM-x32\...\Minecraft1.8.8) (Version: - )
Minecraft1.9 (HKLM-x32\...\Minecraft1.9) (Version: - )
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mozilla Firefox 45.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
osu! (HKLM-x32\...\{ce2ddcae-8c64-4c48-beca-a7416e0300b4}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.229.0 - Overwolf Ltd.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Prototype (HKLM-x32\...\Prototype_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7520 - Realtek Semiconductor Corp.)
Rogue Legacy version 0.0.0.9 (HKLM-x32\...\Rogue Legacy_is1) (Version: 0.0.0.9 - WaLMaRT)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
The Elder Scrolls IV Oblivion version 1.2.0416.00 (HKLM-x32\...\The Elder Scrolls IV Oblivion_is1) (Version: 1.2.0416.00 - Mr DJ)
UnHackMe 8.00 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
Unity Web Player (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Who Is On My Wifi version 3.0.4 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.4 - IO3O LLC)
Windows-Treiberpaket - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Neku\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {23A2FE03-1510-47FD-9ECC-F72AEA1847FA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {2559D0B8-5BD2-4D77-8D0A-9630CFB3AFC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {59A86D7E-6582-40FF-8D0B-C439DD4095D9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-04-30] (AVAST Software)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {78A05DEB-8DCD-48D9-9E01-786ADAC8055C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {7B2684B7-EE13-44EA-9162-B0BBC771E076} - System32\Tasks\SafeZone scheduled Autoupdate 1458748831 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {7B36FE06-40C0-486B-BE9B-F9E00A5FE09B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)
Task: {7F0461B3-662B-48DD-B1D5-A1CB198F2694} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {8513D7B8-E77B-40F2-A0DA-999864501BF8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-17] (Intel Corporation)
Task: {8BCAD972-842A-4BB8-9715-B0C437347F6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2015-04-30] (AVAST Software)
Task: {B071E636-46B0-41CD-9309-3C0DFE70BF39} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {C48B4B92-F613-4F67-AFC3-8ED3D1D3E85D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {CE4B86A5-BE0A-480F-84DE-CBAD5D214AD4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-11] (AVAST Software)
Task: {CF69E6C1-27CC-4148-888C-D9203E81E3E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {D93696B2-C97B-4BFE-BC5E-2CF2A47F4AEF} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-03-21] (Overwolf LTD)
Task: {DE637713-3568-4A04-BD69-F4AF3D89A5DC} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2016-04-05] (Greatis Software)
Task: {EE6A08B9-7C78-4572-8C73-C1428A6CFDAB} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {EFBE76E2-E514-45CA-A787-239EC3E1E30E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Neku\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-02-26 10:12 - 2015-02-26 10:12 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-03-22 17:39 - 2016-03-22 17:39 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-07-16 05:32 - 2015-04-30 02:04 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-03-15 15:03 - 2016-03-15 15:03 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll
2015-07-16 05:41 - 2015-05-08 19:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2016-03-15 19:05 - 2016-03-15 19:05 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-01-30 20:36 - 2016-01-30 20:36 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-01 21:55 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2016-02-22 16:41 - 2016-02-22 16:29 - 00062168 ____R () C:\Program Files\CCleaner\branding.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-02-26 10:12 - 2015-02-26 10:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-07-10 12:38 - 2015-07-10 12:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-02-11 21:15 - 2016-02-11 21:15 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-11 21:15 - 2016-02-11 21:15 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-11 14:53 - 2016-04-11 14:53 - 02876416 _____ () C:\Program Files\AVAST Software\Avast\defs\16041100\algo.dll
2016-02-11 21:15 - 2016-02-11 21:15 - 00480760 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-12 14:11 - 2016-04-12 14:11 - 02888192 _____ () C:\Program Files\AVAST Software\Avast\defs\16041200\algo.dll
2016-03-13 15:17 - 2013-01-15 14:51 - 00046080 _____ () C:\WINDOWS\system32\wintab32.dll
2014-05-01 16:15 - 2014-05-01 16:15 - 00463360 _____ () C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll
2016-03-15 19:05 - 2016-03-15 19:05 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-15 19:05 - 2016-03-15 19:05 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-03 17:38 - 2015-07-09 12:26 - 00839680 _____ () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-04-12 14:11 - 2016-04-12 14:11 - 00098816 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32api.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00110080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\pywintypes27.dll
2016-04-12 14:11 - 2016-04-12 14:11 - 00364544 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\pythoncom27.dll
2016-04-12 14:11 - 2016-04-12 14:11 - 00320512 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32com.shell.shell.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00776704 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_hashlib.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 01176576 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._core_.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00806400 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._gdi_.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00816128 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._windows_.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 01067008 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._controls_.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00733184 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._misc_.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00682496 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\pysqlite2._sqlite.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00088064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_ctypes.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00119808 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32file.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00108544 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32security.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00007168 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\hashobjs_ext.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00017920 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\thumbnails_ext.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00088064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\usb_ext.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00167936 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32gui.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00018432 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32event.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00046080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_socket.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 01208320 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_ssl.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00128512 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_elementtree.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00127488 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\pyexpat.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00012288 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\common.time34.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00038912 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32inet.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00036864 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_psutil_windows.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00525208 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\windows._lib_cacheinvalidation.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00011264 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32crypt.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00077312 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._html2.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00027136 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_multiprocessing.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00020480 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\_yappi.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00035840 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32process.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00686080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\unicodedata.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00078848 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._animate.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00123392 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\wx._wizard.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00024064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32pipe.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00010240 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\select.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00025600 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32pdh.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00017408 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32profile.pyd
2016-04-12 14:11 - 2016-04-12 14:11 - 00022528 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI70042\win32ts.pyd
2016-01-16 22:40 - 2016-01-16 22:40 - 00143872 _____ () C:\Users\Neku\AppData\Local\MEGAsync\libuv.dll
2015-11-04 13:40 - 2015-11-04 13:40 - 00052224 _____ () C:\Users\Neku\AppData\Local\MEGAsync\cares.dll
2015-07-16 05:32 - 2015-04-30 02:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 20:55 - 2015-11-16 20:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-03-15 15:27 - 2016-03-15 15:27 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 18:12 - 2016-01-14 18:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 18:11 - 2016-01-14 18:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-01-19 16:06 - 2016-01-19 16:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-01-19 16:06 - 2016-01-19 16:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-01-30 21:40 - 2016-01-30 21:40 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [270]
AlternateDataStreams: C:\Users\Neku\Cookies:eLzzriPeN1MNFOkejNxqUxTPoNxAY [2136]
AlternateDataStreams: C:\Users\Neku\AppData\Local\Temporary Internet Files:fx18fowBUdLoTEkpDxaPcAEeW [2204]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\amazon.com -> hxxps://amazon.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1001movie.com -> 1001movie.com

Da befinden sich 6091 mehr Seiten.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2253936156-139631062-2474235644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Neku\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\colorful_abstract_3d_art-wallpaper-1920x1080.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "GameJoltClient"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "ManyCam"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{4E446E57-CB71-4872-AB56-E9FD083A80AC}C:\users\neku\downloads\rtc075c\bizhawk\autokillswitch.exe] => (Allow) C:\users\neku\downloads\rtc075c\bizhawk\autokillswitch.exe
FirewallRules: [TCP Query User{21309AC1-DEB2-465B-8471-416C44BE258C}C:\users\neku\downloads\rtc075c\bizhawk\autokillswitch.exe] => (Allow) C:\users\neku\downloads\rtc075c\bizhawk\autokillswitch.exe
FirewallRules: [UDP Query User{7EB52ECB-A3C8-489D-88D1-DE3E2EE0529E}C:\users\neku\downloads\rtc075c\bizhawk\emuhawk.exe] => (Allow) C:\users\neku\downloads\rtc075c\bizhawk\emuhawk.exe
FirewallRules: [TCP Query User{47B85C7D-A6DC-4ABC-848F-A36C162E3D46}C:\users\neku\downloads\rtc075c\bizhawk\emuhawk.exe] => (Allow) C:\users\neku\downloads\rtc075c\bizhawk\emuhawk.exe
FirewallRules: [UDP Query User{A6E09A02-B095-42C7-9974-8D1081238293}F:\gamekiss\freestyle2\freestyle2.exe] => (Allow) F:\gamekiss\freestyle2\freestyle2.exe
FirewallRules: [TCP Query User{0BD89E8A-F814-4162-A225-4F5F506305B6}F:\gamekiss\freestyle2\freestyle2.exe] => (Allow) F:\gamekiss\freestyle2\freestyle2.exe
FirewallRules: [UDP Query User{BBAC63ED-52E8-41DD-94D7-2D08BEE60BB9}F:\counter-strike source\hl2.exe] => (Allow) F:\counter-strike source\hl2.exe
FirewallRules: [TCP Query User{3ACE1E8D-5CA7-4AFA-B9D1-9D6555B0D112}F:\counter-strike source\hl2.exe] => (Allow) F:\counter-strike source\hl2.exe
FirewallRules: [{E0A88ABF-DFB9-46B5-ACDE-8C6C1BC02AC7}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{2A5EAD2A-F5B3-4374-8ECA-0859AB4C7DF5}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D1E9F7A4-1F89-4EC1-9060-90BD9A3FC4E3}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{208D2376-459B-43BC-8879-68F1FF49604B}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{01F18386-ABDB-4003-A207-30E4176EA271}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{1C15ECDF-F9AB-47D0-AED6-94168D2E8D03}] => (Allow) F:\Assasin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{5221D51A-EAD3-46C8-9ACC-657D358EB43C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{8860086B-E44B-4946-A12A-6B32936C5F83}C:\users\neku\appdata\local\game-jolt-client\games\plan-be-86295\default-188591\plan be\plan be.exe] => (Allow) C:\users\neku\appdata\local\game-jolt-client\games\plan-be-86295\default-188591\plan be\plan be.exe
FirewallRules: [TCP Query User{1F90AEA7-4ED3-408A-AA86-342453B290B4}C:\users\neku\appdata\local\game-jolt-client\games\plan-be-86295\default-188591\plan be\plan be.exe] => (Allow) C:\users\neku\appdata\local\game-jolt-client\games\plan-be-86295\default-188591\plan be\plan be.exe
FirewallRules: [{17BC20F3-1410-421D-AB00-64694116A28C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{675E7071-4517-4A5D-B14D-1D6D6F28CB0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{150CCD57-8C35-4011-899D-16B6CFEC73B2}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{03CC8B61-E5DD-471E-9C6A-25EDE673CCAE}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{76FB4048-63B8-420C-9538-DF764CDAF2B9}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{6A649720-8B75-458D-9F99-AFC275D1DC39}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{D0D636AD-D793-492C-B78B-7D88CE2C0108}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5F7A3516-CF83-48BA-8DE3-4359473F0DA0}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D1CDF8DA-6965-4CE3-8496-DA15A9DF7B47}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{388EF662-FE9D-45F6-A0ED-7D88AE493757}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1ABDA077-BC0F-4972-ABA4-85D81DD88D31}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{435104E8-D9D6-479A-8952-FA2D56CF8994}] => (Allow) C:\Users\Neku\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{684B0110-FA1E-48D8-B647-4B3F5FF27BE4}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{239E79F5-B57E-40C4-BD45-D37D0B99D448}C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{BE80E928-3459-46C0-90FB-93E4B0CC701A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{0975B1B7-2088-4DE4-BA9B-972C7C5AB731}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{8515A834-F84E-4227-A48F-F7993A8B0DFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F43687B8-AE0B-47AA-AA91-39D6BA149537}] => (Allow) F:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{76A317DF-7A61-4F2D-B775-EC9F1934AF26}] => (Allow) F:\Steam\steamapps\common\Brawlhalla\Brawlhalla.exe
FirewallRules: [{F360040E-1E42-4DBF-8D0E-3E2032814350}] => (Allow) F:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9B563F35-8F9E-4B40-A77A-9BEE995CEB2D}] => (Allow) F:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{D70107F7-9849-4463-914A-75148F38A7B4}] => (Allow) F:\Steam\steamapps\common\Brick-Force ROW\InfernumLogin.exe
FirewallRules: [{E350EDC0-91B6-4F96-A7A1-236788A67F3D}] => (Allow) F:\Steam\steamapps\common\Brick-Force ROW\InfernumLogin.exe
FirewallRules: [TCP Query User{BE0239B4-09A6-4A3B-983D-FFE24ED785FD}F:\steam\steamapps\common\brick-force row\brickforce.exe] => (Allow) F:\steam\steamapps\common\brick-force row\brickforce.exe
FirewallRules: [UDP Query User{132BE23F-B7D3-40E0-80BD-C624498E11B7}F:\steam\steamapps\common\brick-force row\brickforce.exe] => (Allow) F:\steam\steamapps\common\brick-force row\brickforce.exe
FirewallRules: [{000A4184-F64C-4586-AC52-E4F3E485CF99}] => (Allow) F:\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{C49C7420-2A2B-4079-9EEF-2C680E59F2F3}] => (Allow) F:\Steam\steamapps\common\Double Action\hl2.exe
FirewallRules: [{CCA7B11A-6A4F-4590-9CB5-0E6B9D3AE3F8}] => (Allow) F:\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [{C40CCABD-357B-4807-AD47-E360BDC1377D}] => (Allow) F:\Steam\steamapps\common\Double Action\bin\hammer.exe
FirewallRules: [TCP Query User{8CCA3E7F-4D16-4DED-AB12-F3C86938516E}F:\steam\steamapps\common\happywars\happywars.exe] => (Allow) F:\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [UDP Query User{0E9F0083-883C-4DDA-B532-26C64B2B8531}F:\steam\steamapps\common\happywars\happywars.exe] => (Allow) F:\steam\steamapps\common\happywars\happywars.exe
FirewallRules: [{813E9FEF-8E3E-46E5-BE96-2AB3BDBA42B0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{689F5E91-5867-478F-90FD-35BE6C9CD056}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9B9A4EF2-7EFB-42F4-BBB1-C780AA6F7DD4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{89757EB3-6C38-466B-B8B0-F7F909B0CB75}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{DB6E169A-181E-4395-90B3-CF1761071E7A}F:\counter-strike 1.6 (2015-10-21)\hl.exe] => (Allow) F:\counter-strike 1.6 (2015-10-21)\hl.exe
FirewallRules: [UDP Query User{22F37DCD-6744-467A-9F9A-82B7FB1401C4}F:\counter-strike 1.6 (2015-10-21)\hl.exe] => (Allow) F:\counter-strike 1.6 (2015-10-21)\hl.exe
FirewallRules: [TCP Query User{306E84E2-E918-45CA-8688-66D691CD8FE4}F:\torrents\coin.crypt.sea.and.sky.expansion\coin.crypt.sea.and.sky.expansion\coincrypt-win.exe] => (Allow) F:\torrents\coin.crypt.sea.and.sky.expansion\coin.crypt.sea.and.sky.expansion\coincrypt-win.exe
FirewallRules: [UDP Query User{F28DA13C-043A-4F0D-9C3A-33AD59EA541D}F:\torrents\coin.crypt.sea.and.sky.expansion\coin.crypt.sea.and.sky.expansion\coincrypt-win.exe] => (Allow) F:\torrents\coin.crypt.sea.and.sky.expansion\coin.crypt.sea.and.sky.expansion\coincrypt-win.exe
FirewallRules: [{05E96E42-FF5C-4961-BF99-2B8FAD6E048B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{B2CA5A32-2C59-4B3B-9333-6FF28BE11942}C:\users\neku\appdata\local\temp\70088484\download\minithunderplatform.exe] => (Block) C:\users\neku\appdata\local\temp\70088484\download\minithunderplatform.exe
FirewallRules: [UDP Query User{65A6F9D7-0600-4D0D-95B8-E7261557CFC6}C:\users\neku\appdata\local\temp\70088484\download\minithunderplatform.exe] => (Block) C:\users\neku\appdata\local\temp\70088484\download\minithunderplatform.exe

==================== Wiederherstellungspunkte =========================

01-04-2016 18:40:10 Installed DirectX
09-04-2016 15:55:17 ASU_MSI_TRAN
10-04-2016 14:54:52 JRT Pre-Junkware Removal
11-04-2016 16:45:42 JRT Pre-Junkware Removal

N8kux · Apr 12, 2016

==================== Fehlerhafte Geräte im Gerätemanager =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/11/2016 06:05:48 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/11/2016 06:05:30 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/11/2016 04:46:06 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/11/2016 04:32:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-VB720D7I)
Description: Activation of application Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/11/2016 04:27:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/11/2016 04:18:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (04/11/2016 02:59:21 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/10/2016 03:42:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-VB720D7I)
Description: Activation of application Microsoft.Getstarted_3.5.11.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (04/10/2016 02:57:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 45.0.1.5918, time stamp: 0x56e8b7df
Faulting module name: mozglue.dll, version: 45.0.1.5918, time stamp: 0x56e8a981
Exception code: 0x80000003
Fault offset: 0x0000f0ea
Faulting process ID: 0x2de8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report ID: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (04/10/2016 02:55:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Systemfehler:
=============
Error: (04/12/2016 02:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Kingsoft_WPS_UpdateService service failed to start due to the following error:
%%1053

Error: (04/12/2016 02:08:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Kingsoft_WPS_UpdateService service to connect.

Error: (04/12/2016 02:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The CamMask service failed to start due to the following error:
%%1058

Error: (04/12/2016 02:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The BstHdDrv service failed to start due to the following error:
%%2

Error: (04/12/2016 02:08:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:06:17 on ‎11.‎04.‎2016 was unexpected.

Error: (04/12/2016 02:07:43 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841094496

Error: (04/11/2016 11:11:13 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-VB720D7I)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (04/11/2016 11:11:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Benutzerdatenzugriff_37611 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Neustart des Diensts.

Error: (04/11/2016 11:11:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Benutzerdatenspeicher _37611 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Neustart des Diensts.

Error: (04/11/2016 11:11:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kontaktdaten_37611 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Neustart des Diensts.

CodeIntegrity:
===================================
Date: 2016-03-23 17:00:55.784
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-22 17:07:55.519
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-21 20:14:24.908
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 00:54:39.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 00:06:24.550
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 00:05:02.316
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 00:04:50.884
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-20 00:02:02.601
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-19 23:46:46.057
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-03-18 22:01:57.374
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 4010.02 MB
Verfügbarer physikalischer RAM: 1639.05 MB
Summe virtueller Speicher: 5162.02 MB
Verfügbarer virtueller Speicher: 2308.36 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:234.41 GB) (Free:153.51 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:230.75 GB) (Free:159.33 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 0911E2FF)

Partition: GPT.

==================== Ende von Addition.txt ============================

Broni · Apr 12, 2016

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all the running programs
Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
Otherwise just double-click on RogueKiller.exe
Pre-scan will start. Let it finish.
Click on SCAN button.
Wait until the Status box shows Scan Finished
Click on Delete.
Wait until the Status box shows Deleting Finished.
Click on Report and copy/paste the content of the Notepad into your next reply.
RKreport.txt could also be found on your desktop.
If more than one log is produced post all logs.
If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

Please download Malwarebytes Anti-Malware (MBAM) to your desktop.
NOTE. If you already have MBAM 2.0 installed scroll down.

Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
Launch Malwarebytes Anti-Malware
A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

If you already have MBAM 2.0 installed:

On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:
(Export log to save as txt)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Export'.
Click 'Text file (*.txt)'
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named 'File Saved' should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.

(Copy to clipboard for pasting into forum replies or tickets)

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the Scan Log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Scan button.
When the scan has finished click on Clean button.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

N8kux · Apr 15, 2016

RogueKiller V12.1.2.0 (x64) [Apr 11 2016] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.10586) 64 bits version
Started in : Normal mode
User : Neku [Administrator]
Started from : C:\Users\Neku\Downloads\RogueKillerX64.exe
Mode : Delete -- Date : 04/15/2016 15:14:46

¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] MEGAsync.exe(4792) -- C:\Users\Neku\AppData\Local\MEGAsync\MEGAsync.exe[7] -> Killed [TermProc]

¤¤¤ Registry : 5 ¤¤¤
[Hidden.From.SCM] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Partizan (system32\drivers\Partizan.sys) -> Deleted
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{80137d26-7fa4-4b61-b40c-a8d9bbbcbd5b} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> Replaced ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{80137d26-7fa4-4b61-b40c-a8d9bbbcbd5b} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X]) -> Replaced ()

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[Suspicious.Path][File] C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [LNK@] C:\Users\Neku\AppData\Local\MEGAsync\MEGAsync.exe -> Deleted

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MQ01ABF050 +++++
--- User ---
[MBR] e5895b29d111454f32479cbd13e7cba5
[BSP] 90efff3602ac0bbcf129baf49547f585 : Empty MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 100 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 206848 | Size: 16 MB
2 - Basic data partition | Offset (sectors): 239616 | Size: 240036 MB
3 - Basic data partition | Offset (sectors): 491833344 | Size: 236286 MB
4 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 975749120 | Size: 500 MB
User = LL1 ... OK
User = LL2 ... OK

N8kux · Apr 15, 2016

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2016-04-15
Scan Time: 3:19 PM
Logfile: l.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.04.15.03
Rootkit Database: v2016.04.09.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Neku

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 402522
Time Elapsed: 36 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

N8kux · Apr 15, 2016

# AdwCleaner v5.111 - Bericht erstellt am 15/04/2016 um 18:38:26
# Aktualisiert am 14/04/2016 von Xplode
# Datenbank : 2016-04-11.4 [Server]
# Betriebssystem : Windows 10 Home (X64)
# Benutzername : Neku - LAPTOP-VB720D7I
# Gestartet von : C:\Users\Neku\Desktop\AdwCleaner.exe
# Option : Suchlauf
# Unterstützung : http://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4240 Bytes] - [10/04/2016 14:45:45]
C:\AdwCleaner\AdwCleaner[C2].txt - [1651 Bytes] - [11/04/2016 16:32:31]
C:\AdwCleaner\AdwCleaner[S1].txt - [4447 Bytes] - [10/04/2016 14:42:14]
C:\AdwCleaner\AdwCleaner[S2].txt - [949 Bytes] - [10/04/2016 16:20:37]
C:\AdwCleaner\AdwCleaner[S3].txt - [1430 Bytes] - [11/04/2016 16:29:08]
C:\AdwCleaner\AdwCleaner[S4].txt - [1169 Bytes] - [11/04/2016 16:39:12]
C:\AdwCleaner\AdwCleaner[S5].txt - [1085 Bytes] - [15/04/2016 18:38:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1158 Bytes] ##########

N8kux · Apr 15, 2016

Hello Again and thank you for helping me im sorry im replying so late since im gonna move out soon into a new apartment I hope you stay with me here and I have a question what do I disable before running JRT and is there a way to see if I got a DNS virus in my router since im not using my pc without cleaning the viruses and I noticed when I use my phone and tablet its kinda slow or some pages say having trouble loading and sometimes I cant load the page for like 10 minutes and its kinda slowish sometimes (bear in mind that I have a fast net connection) now this may be a virus or something but I dont know so thats why im asking you im sorry for my bad English and im so great full you are helping me

N8kux · Apr 15, 2016

Also I dont know if these pum.dns are to fault but im asking since I saw this and I know im panicking but other people use that net too soo yea I dont want to eather lose my data or get my personal data stolen or theirs I know I know im boring and asking questions like this.

Broni · Apr 15, 2016

To run JRT just disable your AV program.

N8kux · Apr 18, 2016

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 10 Home x64
Ran by Neku (Administrator) on 2016-04-18 at 13:19:50.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1

Successfully deleted: C:\WINDOWS\wininit.ini (File)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2016-04-18 at 13:29:15.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

N8kux · Apr 18, 2016

I hope that is what you asked
right

N8kux · Apr 18, 2016

Just to ask do these 0.0.0.0 on my ip matter since I think I didnt have that maybe I dont know

Broni · Apr 18, 2016

That's fine.

Re-run Farbar Recovery Scan Tool (FRST/FRST64) you ran at the very beginning of this topic.

Double click to run it.
Make sure you checkmark Addition.txt box.
Press Scan button.
Scan will create two logs, FRST.txt and Addition.txt in the same directory the tool is run. Please copy and paste them to your reply.

N8kux · Apr 19, 2016

Hey ya know about JRT and how I needed to disable the antvirus and realtime protection well I cant turn on win defender I dunno if its that important or good at all but I still cant enable it

N8kux · Apr 19, 2016

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-04-2016 01
durchgeführt von Neku (Administrator) auf LAPTOP-VB720D7I (19-04-2016 16:50:08)
Gestartet von C:\Users\Neku\Desktop
Geladene Profile: Neku & (Verfügbare Profile: Neku)
Platform: Windows 10 Home Version 1511 (X64) Sprache: German (Germany)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool:

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\service.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(SurfRight B.V.) C:\Program Files\HitmanPro\HitmanPro.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(IO3O LLC) C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Greatis Software) C:\Program Files (x86)\UnHackMe\Unhackme.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7139256 2016-03-23] (AVAST Software)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2016-01-19] (Acer)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23485208 2016-03-30] (Google)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-02-26] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\MountPoints2: H - "H:\Setup.exe"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2732760 2016-01-19] (Acer)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4290240 2016-03-01] (Disc Soft Ltd)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23485208 2016-03-30] (Google)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-02-26] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: H - "H:\Setup.exe"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-03-30] (Google)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-11] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk [2016-04-09]
ShortcutTarget: Who Is On My Wifi.lnk -> C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\mywifi.exe (IO3O LLC)
BootExecute: autocheck autochk * sdnclean64.exePartizan
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552 2015-10-30] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{80137d26-7fa4-4b61-b40c-a8d9bbbcbd5b}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-11] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-11] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)

N8kux · Apr 19, 2016

FireFox:
========
FF ProfilePath: C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Homepage: hxxp://google.rs/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-2253936156-139631062-2474235644-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Neku\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Neku\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-01-22] (Unity Technologies ApS)
FF Extension: FireGestures - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\[email protected] [2016-04-11]
FF Extension: MEGA - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-04-05]
FF Extension: FireGestures - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-04-08]
FF Extension: English (US) Language Pack - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\6vqbyy8g.default\Extensions\[email protected] [2016-03-20]
FF Extension: MEGA - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\[email protected] [2016-04-11]
FF Extension: English (US) Language Pack - C:\Users\Neku\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\[email protected] [2016-03-20]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-02-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR Profile: C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-30]
CHR Extension: (Google Docs) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-31]
CHR Extension: (Google Drive) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-31]
CHR Extension: (YouTube) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-31]
CHR Extension: (Google Search) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-31]
CHR Extension: (Google Sheets) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-30]
CHR Extension: (Google Docs Offline) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-02]
CHR Extension: (Avast Online Security) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-09]
CHR Extension: (Kein Name) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-04-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Kein Name) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebgdicanjhnamfmdlmlbcnkgehkkmf [2016-04-10]
CHR Extension: (Gmail) - C:\Users\Neku\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-31]
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ooebgdicanjhnamfmdlmlbcnkgehkkmf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-11]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [451072 2016-01-11] (Amazon Inc.) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-11] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-01-14] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1444544 2016-03-01] (Disc Soft Ltd)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-04-09] (SurfRight B.V.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2016-01-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-09-01] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\service.exe [77528 2015-12-15] (Visicom Media Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1286896 2016-04-05] (Overwolf LTD)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2016-03-22] ()
R2 PnkBstrB; C:\WINDOWS\SysWOW64\PnkBstrB.exe [189248 2016-03-22] ()
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187024 2016-02-26] (Sandboxie Holdings, LLC)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [445240 2015-04-30] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [251232 2015-09-14] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-11] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-03-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-11] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-11] (AVAST Software)
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
S2 CamMask; C:\Windows\system32\DRIVERS\cmvcamdrv64.sys [954072 2013-12-23] ()
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-02-05] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-02-05] (Disc Soft Ltd)
R1 epp; C:\Users\Neku\Desktop\security\bin64\epp.sys [124080 2016-02-11] (Emsisoft Ltd)
R3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [49584 2016-04-19] ()
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-02] (Intel(R) Corporation)
S3 iauarte; C:\Windows\System32\drivers\iauarte.sys [112640 2015-06-02] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2016-01-30] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [40304 2016-04-09] (Greatis Software)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-02-26] (Sandboxie Holdings, LLC)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [51368 2015-05-11] (Synaptics Incorporated)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 VBoxNetAdp; C:\Windows\System32\drivers\VBoxNetAdp6.sys [117768 2016-01-19] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2016-01-19] (Oracle Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\Windows\xhunter1.sys [35880 2016-03-11] (Wellbia.com Co., Ltd.)
S3 X6va062; \??\C:\WINDOWS\SysWOW64\Drivers\X6va062 [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 16:50 - 2016-04-19 16:50 - 00031876 _____ C:\Users\Neku\Desktop\FRST.txt
2016-04-19 16:47 - 2016-04-19 16:47 - 00049584 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-04-18 16:42 - 2016-04-18 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2016-04-18 16:42 - 2016-04-18 16:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-18 16:40 - 2016-04-18 16:40 - 00000000 ____D C:\WINDOWS\PCHEALTH
2016-04-18 16:40 - 2016-04-18 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-04-18 16:40 - 2016-04-18 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2016-04-18 16:40 - 2016-04-18 16:40 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-04-18 16:38 - 2016-04-18 16:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-04-18 16:36 - 2016-04-18 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2016-04-18 16:35 - 2016-04-18 16:35 - 00000000 __RHD C:\MSOCache
2016-04-18 16:35 - 2016-04-18 16:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-04-18 16:07 - 2016-04-18 16:07 - 00000000 ___RD C:\Sandbox
2016-04-18 16:04 - 2016-04-19 16:45 - 00001772 _____ C:\WINDOWS\Sandboxie.ini
2016-04-18 16:04 - 2016-04-18 16:02 - 00000941 _____ C:\Users\Neku\Desktop\Sandboxed Web Browser.lnk
2016-04-18 16:02 - 2016-04-18 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-04-18 16:02 - 2016-04-18 16:02 - 00000000 ____D C:\Program Files\Sandboxie
2016-04-18 16:01 - 2016-04-18 16:01 - 08584848 _____ (Sandboxie Holdings, LLC) C:\Users\Neku\Downloads\SandboxieInstall.exe
2016-04-18 14:09 - 2016-04-18 14:20 - 785858560 _____ C:\Users\Neku\Downloads\_Getintopc.com_Microsoft_Office_Proffesional_Plus_2010.iso
2016-04-18 13:11 - 2016-04-18 13:11 - 00000000 ___HD C:\OneDriveTemp
2016-04-15 18:36 - 2016-04-15 18:37 - 03677760 _____ C:\Users\Neku\Desktop\AdwCleaner.exe
2016-04-12 14:46 - 2016-04-12 14:46 - 00000000 _____ C:\Users\Neku\Desktop\New Text Document.txt
2016-04-12 14:41 - 2016-04-15 19:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 14:30 - 2016-04-19 16:50 - 00000000 ____D C:\FRST
2016-04-12 14:16 - 2016-04-12 14:16 - 02375168 _____ (Farbar) C:\Users\Neku\Desktop\FRST64.exe
2016-04-11 17:07 - 2016-04-11 18:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-04-11 16:26 - 2016-04-11 16:26 - 03465280 _____ C:\Users\Neku\Desktop\adwcleaner_5.110.exe
2016-04-11 16:18 - 2016-04-11 16:18 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-11 15:40 - 2016-04-11 15:41 - 24003656 _____ C:\Users\Neku\Downloads\RogueKillerX64.exe
2016-04-10 17:30 - 2016-04-10 17:30 - 00000478 _____ C:\WINDOWS\system32\.crusader
2016-04-10 15:41 - 2016-04-10 15:41 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-10 15:21 - 2016-04-10 15:23 - 227630056 _____ C:\Users\Neku\Downloads\EmsisoftEmergencyKit.exe
2016-04-10 14:55 - 2015-12-09 05:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-10 14:41 - 2016-04-15 18:42 - 00000000 ____D C:\AdwCleaner
2016-04-10 14:05 - 2016-04-10 14:05 - 01610352 _____ (Malwarebytes) C:\Users\Neku\Desktop\JRT.exe
2016-04-10 13:23 - 2016-04-10 13:23 - 00007607 _____ C:\Users\Neku\AppData\Local\Resmon.ResmonCfg
2016-04-10 13:17 - 2016-04-15 13:59 - 00028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2016-04-10 13:16 - 2016-04-10 14:05 - 00000000 ____D C:\ProgramData\RogueKiller
2016-04-10 13:11 - 2016-04-19 16:47 - 00000000 ____D C:\Users\Neku\Desktop\security
2016-04-10 13:06 - 2016-04-10 13:06 - 00000000 ____D C:\Users\Neku\AppData\Local\VirtualStore
2016-04-10 13:05 - 2016-04-19 16:42 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-04-09 21:52 - 2016-04-18 13:08 - 00000252 _____ C:\WINDOWS\SysWOW64\PARTIZAN.TXT
2016-04-09 21:49 - 2016-04-09 21:49 - 00000000 ____D C:\@RestoreQuarantine
2016-04-09 20:38 - 2016-04-10 16:24 - 00000000 ____D C:\ProgramData\RegRun
2016-04-09 20:38 - 2016-04-09 20:38 - 00040304 _____ (Greatis Software) C:\WINDOWS\SysWOW64\Drivers\Partizan.sys
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\winstart.bat
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2016-04-09 20:38 - 2016-04-09 20:38 - 00000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2016-04-09 20:37 - 2016-04-18 13:14 - 00000000 ____D C:\Program Files (x86)\UnHackMe
2016-04-09 20:37 - 2016-04-10 16:32 - 00000000 ____D C:\Users\Public\Documents\regruninfo
2016-04-09 20:37 - 2016-04-10 16:26 - 00000000 ____D C:\Users\Neku\Documents\RegRun2
2016-04-09 20:37 - 2016-04-09 20:37 - 00003418 _____ C:\WINDOWS\System32\Tasks\UnHackMe Task Scheduler
2016-04-09 20:37 - 2016-04-09 20:37 - 00000000 ____D C:\Users\Neku\Downloads\unhackme
2016-04-09 20:37 - 2016-04-09 20:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
2016-04-09 20:37 - 2016-04-05 15:17 - 00012808 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2016-04-09 20:37 - 2015-12-28 11:32 - 00049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe
2016-04-09 20:08 - 2016-04-09 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-04-09 20:08 - 2016-04-09 20:08 - 00000000 ____D C:\Program Files\HitmanPro
2016-04-09 20:07 - 2016-04-10 17:30 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-09 17:58 - 2016-04-09 17:58 - 00000000 ____D C:\Program Files\Common Files\AV
2016-04-09 17:52 - 2016-04-09 17:52 - 00000000 ____D C:\Users\Neku\Documents\ProcAlyzer Dumps
2016-04-09 17:50 - 2016-04-15 19:04 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-04-09 17:50 - 2016-04-12 14:19 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-04-09 17:50 - 2016-04-09 17:50 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-04-09 16:49 - 2016-04-09 16:50 - 00000000 ____D C:\ProgramData\Sophos
2016-04-09 16:48 - 2016-04-10 16:54 - 00002781 _____ C:\Users\Neku\Desktop\Sophos Virus Removal Tool.lnk
2016-04-09 16:48 - 2016-04-09 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-04-09 16:48 - 2016-04-09 16:48 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-04-09 16:45 - 2016-04-09 16:47 - 147100624 _____ (Sophos Limited) C:\Users\Neku\Downloads\Sophos Virus Removal Tool.exe
2016-04-09 16:31 - 2016-04-09 16:31 - 00000000 ____D C:\NPE
2016-04-09 16:10 - 2016-04-09 16:10 - 00111288 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SMR501.SYS.bak
2016-04-09 16:09 - 2016-04-09 16:58 - 00000000 ____D C:\Users\Neku\AppData\Local\NPE
2016-04-09 16:09 - 2016-04-09 16:10 - 00000000 ____D C:\ProgramData\Norton
2016-04-09 16:09 - 2016-04-09 16:09 - 03088296 _____ (Symantec Corporation) C:\Users\Neku\Downloads\NPE.exe
2016-04-09 15:23 - 2016-04-09 15:23 - 00005120 _____ C:\Users\Neku\AppData\Roaming\GiftBag.db
2016-04-09 15:15 - 2016-04-09 15:16 - 00000000 ____D C:\Users\Neku\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-09 15:15 - 2016-04-09 15:15 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-04-08 20:13 - 2016-04-08 20:13 - 00105322 _____ C:\Users\Neku\Downloads\Arbeitsvertrag_Muster.pdf
2016-04-08 19:19 - 2016-04-19 16:45 - 00000000 ___RD C:\Users\Neku\Google Drive
2016-04-08 19:19 - 2016-04-10 16:54 - 00001769 _____ C:\Users\Neku\Desktop\Google Drive.lnk
2016-04-08 19:16 - 2016-04-08 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-04-08 19:02 - 2016-04-10 16:55 - 00001080 _____ C:\Users\Public\Desktop\Audacity.lnk
2016-04-08 19:02 - 2016-04-09 22:48 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-04-08 19:02 - 2016-04-08 19:02 - 00000000 ____D C:\Program Files (x86)\Audacity
2016-04-01 19:57 - 2016-04-01 19:57 - 00000000 ____D C:\Users\Neku\AppData\Roaming\SmartSteamEmu
2016-03-31 21:25 - 2016-03-31 21:35 - 00000000 ____D C:\WINDOWS\Minidump
2016-03-31 19:32 - 2016-03-31 19:32 - 00000000 ____D C:\Users\Neku\AppData\Roaming\inkscape
2016-03-29 18:09 - 2016-03-29 18:09 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\SUPERHOT_Team
2016-03-29 18:09 - 2016-03-29 18:09 - 00000000 ____D C:\Users\Neku\AppData\Local\SUPERHOT_Sp_z_o.o
2016-03-29 17:52 - 2016-03-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERHOT [GOG.com]
2016-03-29 17:47 - 2016-03-29 17:47 - 00000000 ____D C:\Users\Neku\AppData\LocalLow\SUPERHOT Team
2016-03-28 15:01 - 2016-03-28 15:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 (2015-10-21)
2016-03-27 14:39 - 2016-03-27 14:39 - 00000000 ____D C:\Users\Neku\AppData\Local\ShootoutInc
2016-03-26 18:35 - 2016-03-26 20:33 - 00000000 ____D C:\Users\Neku\AppData\Local\Soundnode
2016-03-23 23:40 - 2016-03-23 23:40 - 00000000 ____D C:\Users\Neku\Documents\Holotech
2016-03-23 21:18 - 2016-03-23 21:18 - 00000000 ____D C:\ProgramData\Intel Telemetry
2016-03-23 21:16 - 2016-03-23 21:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-03-23 21:15 - 2016-03-23 21:15 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-03-23 18:00 - 2016-04-09 22:48 - 00001226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-03-23 18:00 - 2016-03-23 18:00 - 00003200 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1458748831
2016-03-23 17:59 - 2016-03-23 17:59 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-03-22 22:53 - 2016-03-22 22:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-03-22 22:53 - 2016-03-22 22:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-03-22 17:40 - 2016-03-22 17:40 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-03-22 17:40 - 2016-03-22 17:40 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2016-03-22 17:39 - 2016-03-22 17:39 - 00076888 _____ C:\WINDOWS\SysWOW64\PnkBstrA.exe
2016-03-22 17:39 - 2016-03-22 17:32 - 03130440 _____ C:\WINDOWS\SysWOW64\pbsvc_blr.exe
2016-03-21 23:49 - 2016-03-21 23:49 - 00000000 ____D C:\Users\Neku\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\Users\Neku\AppData\Roaming\PACE Anti-Piracy
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\Users\Neku\AppData\Local\PACE Anti-Piracy
2016-03-21 23:43 - 2016-03-21 23:43 - 00000000 ____D C:\ProgramData\PACE Anti-Piracy
2016-03-21 21:06 - 2016-03-21 21:06 - 00000000 ____D C:\Program Files\Adobe
2016-03-21 21:01 - 2016-03-21 21:01 - 00000000 ____D C:\Program Files (x86)\Adobe Story
2016-03-21 21:00 - 2009-07-09 04:00 - 00055280 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\PxHlpa64.sys
2016-03-21 21:00 - 2009-06-23 04:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdralw2k.sys
2016-03-21 21:00 - 2009-06-23 04:00 - 00010224 ____N (Sonic Solutions) C:\WINDOWS\system32\Drivers\cdr4_xp.sys
2016-03-21 20:59 - 2016-03-21 20:59 - 00000000 ____D C:\Program Files (x86)\My Company Name
2016-03-21 20:56 - 2016-04-09 22:48 - 00001074 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2016-03-21 20:56 - 2016-03-21 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2016-03-21 20:56 - 2016-03-21 20:56 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-03-21 20:56 - 2016-03-21 20:56 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-03-21 20:50 - 2016-03-21 21:06 - 00000000 ____D C:\Ap
2016-03-20 19:18 - 2016-03-20 19:18 - 00000000 ____D C:\Users\Neku\Downloads\G7 Pics
2016-03-20 01:00 - 2016-04-09 21:40 - 00000000 ____D C:\WINDOWS\AutoKMS
2016-03-20 00:56 - 2016-03-20 00:56 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2016-03-20 00:37 - 2016-04-18 17:47 - 00000000 ____D C:\Users\Neku\AppData\Local\Microsoft Help
2016-03-20 00:36 - 2016-04-18 16:36 - 00000000 ____D C:\Program Files\Microsoft Office

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 16:51 - 2016-01-30 23:07 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-19 16:50 - 2016-02-03 17:38 - 00000000 ____D C:\wifidata
2016-04-19 16:43 - 2016-02-23 19:11 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 16:43 - 2016-01-30 21:23 - 00000000 ___RD C:\Users\Neku\OneDrive
2016-04-19 16:42 - 2016-01-30 21:44 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 16:42 - 2016-01-30 21:18 - 00000000 __SHD C:\Users\Neku\IntelGraphicsProfiles
2016-04-18 19:52 - 2016-01-30 22:56 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E27DC3F2-9B4B-4B5B-8DBD-E97FA14A4DDE}
2016-04-18 19:38 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-18 19:31 - 2016-01-30 21:41 - 00000000 ____D C:\Users\Neku\AppData\Local\CrashDumps
2016-04-18 19:07 - 2016-01-30 21:44 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-18 18:12 - 2016-02-01 18:11 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-04-18 18:03 - 2016-03-15 15:07 - 00000000 ____D C:\Windows.old
2016-04-18 16:55 - 2016-01-30 21:21 - 00000000 ____D C:\Users\Neku\AppData\Local\clear.fi
2016-04-18 16:50 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-18 16:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-18 16:42 - 2015-10-30 20:44 - 00000000 ____D C:\WINDOWS\ShellNew
2016-04-18 16:41 - 2016-03-15 14:51 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-18 16:40 - 2015-09-01 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-18 16:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-18 16:36 - 2015-07-10 13:04 - 00000199 _____ C:\WINDOWS\win.ini
2016-04-18 15:56 - 2016-02-05 15:12 - 00000000 ____D C:\Users\Neku\AppData\Roaming\DAEMON Tools Lite
2016-04-18 15:16 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-18 14:05 - 2016-02-06 12:32 - 00000000 ___RD C:\Users\Neku\Desktop\Games
2016-04-18 13:08 - 2016-03-15 15:47 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-15 19:05 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-04-15 19:04 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-15 17:50 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-15 15:41 - 2016-01-30 21:18 - 00000000 ____D C:\Users\Neku\AppData\Local\Packages
2016-04-15 13:57 - 2016-02-06 12:30 - 00000000 ____D C:\Users\Neku\AppData\Local\MEGAsync
2016-04-11 17:06 - 2016-02-23 19:11 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-04-10 16:55 - 2016-03-15 17:33 - 00001051 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-04-10 16:55 - 2016-03-08 18:41 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-04-10 16:55 - 2016-03-02 17:51 - 00001746 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-04-10 16:55 - 2016-02-22 16:38 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-10 16:55 - 2016-02-19 23:07 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-10 16:55 - 2016-02-03 20:42 - 00000545 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2016-04-10 16:55 - 2016-01-31 12:40 - 00002641 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-04-10 16:55 - 2016-01-30 21:42 - 00002015 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-04-10 16:55 - 2016-01-30 21:23 - 00002384 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-04-10 16:55 - 2016-01-30 21:21 - 00001333 _____ C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-10 16:54 - 2016-02-23 20:26 - 00000651 _____ C:\Users\Neku\Desktop\4K YouTube to MP3.lnk
2016-04-10 16:54 - 2016-02-23 20:25 - 00000679 _____ C:\Users\Neku\Desktop\4K Video Downloader.lnk
2016-04-10 16:54 - 2016-02-20 12:54 - 00000420 _____ C:\Users\Neku\Desktop\My Computer.lnk
2016-04-10 16:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-04-09 22:48 - 2016-03-15 15:35 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-04-09 22:48 - 2016-02-25 19:20 - 00000860 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
2016-04-09 22:48 - 2016-02-25 19:19 - 00000805 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:18 - 00000830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
2016-04-09 22:48 - 2016-02-25 19:17 - 00000777 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:12 - 00001560 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
2016-04-09 22:48 - 2016-02-25 19:12 - 00000925 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
2016-04-09 22:48 - 2016-02-06 14:03 - 00001023 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mocha for After Effects CS4.lnk
2016-04-09 22:48 - 2016-02-06 13:54 - 00000921 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CS4.lnk
2016-04-09 22:48 - 2016-02-06 13:52 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS4.lnk
2016-04-09 22:48 - 2016-02-05 23:26 - 00000643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-04-09 22:48 - 2016-01-30 21:45 - 00002149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-09 22:48 - 2016-01-30 21:42 - 00002027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-04-09 22:48 - 2015-07-16 05:33 - 00001946 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-04-09 22:48 - 2015-03-21 02:28 - 00003274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
2016-04-09 22:46 - 2016-02-14 20:34 - 00000646 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Toribash.lnk
2016-04-09 17:57 - 2016-02-23 19:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-09 17:57 - 2016-02-23 19:11 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-09 17:03 - 2016-01-31 12:38 - 00000000 ____D C:\Users\Neku\AppData\Roaming\uTorrent
2016-04-09 16:58 - 2015-10-30 20:35 - 00781048 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-09 16:58 - 2015-10-30 20:35 - 00159634 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-09 16:58 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-09 16:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-09 16:31 - 2016-03-15 15:12 - 05094600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-09 16:09 - 2016-02-01 21:09 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Skype
2016-04-09 16:02 - 2016-02-01 21:09 - 00000000 ____D C:\ProgramData\Skype
2016-04-09 16:01 - 2016-02-19 23:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-09 15:33 - 2015-09-01 21:29 - 00000000 ____D C:\ProgramData\Temp
2016-04-09 15:31 - 2016-02-23 18:33 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-04-09 15:20 - 2016-03-17 19:41 - 00000000 ____D C:\Program Files\Unlocker
2016-04-09 00:31 - 2016-03-15 15:23 - 00000000 ____D C:\Users\Neku
2016-04-08 19:53 - 2016-02-03 17:54 - 00000000 ___RD C:\Users\Neku\Desktop\Skola
2016-04-08 19:52 - 2016-01-30 21:41 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-08 19:16 - 2016-01-30 21:44 - 00000000 ____D C:\Users\Neku\AppData\Local\Google
2016-04-08 19:16 - 2016-01-30 21:44 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-08 19:10 - 2016-02-11 20:45 - 00000000 ____D C:\Users\Neku\Desktop\Game Making
2016-04-08 19:09 - 2016-02-10 13:06 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Audacity
2016-04-08 18:02 - 2016-01-30 21:27 - 00000000 ____D C:\Users\Neku\AppData\Local\MicrosoftEdge
2016-04-07 19:51 - 2016-01-30 23:07 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-04-05 18:55 - 2016-03-05 20:36 - 00000000 ____D C:\Users\Neku\Downloads\snes9x-1.53-x64
2016-04-05 17:35 - 2016-02-22 16:38 - 00000000 ____D C:\Program Files\CCleaner
2016-04-04 19:26 - 2016-02-01 18:11 - 00000000 ____D C:\Users\Neku\AppData\Roaming\TS3Client
2016-04-01 20:05 - 2016-03-08 17:40 - 00000000 ____D C:\Users\Neku\AppData\Local\Coin
2016-04-01 18:44 - 2015-09-01 20:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-31 13:57 - 2016-01-30 21:18 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Adobe
2016-03-29 18:54 - 2016-01-30 22:49 - 00000000 ____D C:\ProgramData\Oracle
2016-03-29 18:50 - 2016-01-30 22:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-29 18:50 - 2016-01-30 22:49 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-29 18:09 - 2016-01-30 22:50 - 00000000 ____D C:\Users\Neku\.oracle_jre_usage
2016-03-29 18:08 - 2016-01-30 22:49 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-29 13:25 - 2016-02-01 18:10 - 00000000 ____D C:\Users\Neku\AppData\Local\Overwolf
2016-03-26 20:40 - 2016-01-30 23:05 - 00000000 ____D C:\Users\Neku\AppData\Local\Adobe
2016-03-26 13:53 - 2016-03-18 16:47 - 00000000 ____D C:\Users\Neku\BrawlhallaReplays
2016-03-24 00:00 - 2016-02-03 15:57 - 00000000 ____D C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-03-23 21:16 - 2015-09-01 20:53 - 00000000 ____D C:\Program Files (x86)\Intel
2016-03-23 21:15 - 2015-09-01 20:53 - 00000000 ____D C:\ProgramData\Intel
2016-03-23 17:59 - 2015-07-16 05:32 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-23 17:59 - 2015-07-16 05:32 - 00000000 ____D C:\Program Files\AVAST Software
2016-03-23 17:31 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-22 21:03 - 2016-02-23 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-03-22 14:53 - 2016-01-30 23:30 - 00000000 ____D C:\Users\Neku\Documents\Sound recordings
2016-03-21 23:43 - 2015-08-24 02:56 - 00000000 ___HD C:\Users\Neku\AppData\Local\RsFnlcmdhR
2016-03-21 23:42 - 2016-02-06 14:02 - 00000000 ____D C:\Users\Neku\Documents\Adobe
2016-03-21 21:07 - 2016-02-25 19:20 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-03-21 21:06 - 2016-02-06 13:53 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-03-21 20:57 - 2016-02-06 13:54 - 00000000 ____D C:\ProgramData\Adobe
2016-03-21 20:56 - 2016-02-06 13:52 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-03-20 01:56 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-03-20 01:49 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-09 15:23 - 2016-04-09 15:23 - 0005120 _____ () C:\Users\Neku\AppData\Roaming\GiftBag.db
2016-02-02 14:46 - 2016-02-02 14:46 - 0000000 ___SH () C:\Users\Neku\AppData\Local\LumaEmu
2016-04-10 13:23 - 2016-04-10 13:23 - 0007607 _____ () C:\Users\Neku\AppData\Local\Resmon.ResmonCfg
2016-03-15 15:18 - 2016-03-15 15:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Neku\AppData\Local\Temp\ose00000.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-15 15:58

==================== Ende von FRST.txt ============================

N8kux · Apr 19, 2016

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-04-2016 01
durchgeführt von Neku (2016-04-19 16:53:25)
Gestartet von C:\Users\Neku\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-15 13:55:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2253936156-139631062-2474235644-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2253936156-139631062-2474235644-503 - Limited - Disabled)
Gast (S-1-5-21-2253936156-139631062-2474235644-501 - Limited - Disabled)
Neku (S-1-5-21-2253936156-139631062-2474235644-1001 - Administrator - Enabled) => C:\Users\Neku

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.6.42094 - BitTorrent Inc.)
4K Video Downloader 3.8 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.8.1.1870 - Open Media LLC)
4K YouTube to MP3 3.0 (HKLM-x32\...\4K YouTube to MP3_is1) (Version: 3.0.0.1616 - Open Media LLC)
7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.06.2000.22 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.09.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.02.3000 - Acer Incorporated)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 Third Party Content (HKLM-x32\...\Adobe_5aab5a491a3a52ae624fd639f6aaa95) (Version: 9 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.176 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Algodoo v2.1.0 (HKLM-x32\...\Algodoo_is1) (Version: - Algoryx)
Amazon 1Button App (x32 Version: 2.3.3 - Amazon) Hidden
Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.15.2000.1 - Acer Incorporated)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2253 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 3.0.2.1014 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
BlueStacks App Player (HKLM-x32\...\{AF0D9073-1AE0-4C21-AA70-41294AEFBDFD}) (Version: 2.0.8.5638 - BlueStack Systems, Inc.)
Bonjour (HKLM-x32\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Brawlhalla (HKLM-x32\...\Steam App 291550) (Version: - Blue Mammoth Games)
Brick-Force (HKLM\...\Steam App 335330) (Version: - Exe Games Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike 1.6 (2015-10-21) (HKLM-x32\...\{271324A4-7514-4BEC-A6A9-EC33FEDF0447}_is1) (Version: - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd)
Double Action: Boogaloo (HKLM\...\Steam App 317360) (Version: - Double Action Factory)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
Dungeon Keeper 2 (HKLM-x32\...\GOGPACKDUNGEONKEEPER2_is1) (Version: 2.0.0.32 - GOG.com)
Dust - An Elysian Tail (HKLM-x32\...\GOGPACKDUSTANELYSIANTAIL_is1) (Version: 2.0.0.2 - GOG.com)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
Epic Games Launcher (HKLM-x32\...\{C34FBCF4-5365-4136-A434-C4E086C9E649}) (Version: 1.1.55.0 - Epic Games, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
FreeStyle2 (HKLM-x32\...\{67E8ED8C-0318-4F6B-BE6F-FC042EE9BD15}) (Version: 1.03.0000 - Joycity)
Game Jolt Client version 0.3.0 (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\game-jolt-client_is1) (Version: 0.3.0 - Lucen Web Creative, LLC)
Game Jolt Client version 0.3.0 (HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\game-jolt-client_is1) (Version: 0.3.0 - Lucen Web Creative, LLC)
GOG.com Dungeon Keeper 2 (HKLM\...\{b6462b67-caf5-4a74-99df-cc2811bd1957}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Drive (HKLM-x32\...\{B0F1B758-60D6-41F7-93D9-212A448813FE}) (Version: 1.29.1862.0513 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hama uRage Vendetta Gamepad (HKLM-x32\...\{1696CD1C-7C50-4350-83FC-1DA843FDF853}) (Version: 2011.01.19 - Dragon rise)
Happy Wars (HKLM\...\Steam App 246280) (Version: - Toylogic inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.13.258 - SurfRight B.V.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v7_7.0.23.8048) (Version: 7.0.23.8048 - Intel Corporation)
Intel® RealSense™ SDK Runtime Gold (x86): Core (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Core: Calibration (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Data Collector (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Face Tracking (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Face Tracking: Models (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Hand Tracking: Models (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® RealSense™ SDK Runtime Gold (x86): Utilities (x32 Version: 7.0.23.8048 - Intel Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
ioTablet (HKLM-x32\...\{896A285E-2DC4-4C73-BEDA-964244FD658A}) (Version: 1.02.00.02 - KYE)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
ManyCam 5.1.0 (HKLM-x32\...\ManyCam) (Version: 5.1.0 - Visicom Media Inc.)
Megaman 2.5D (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\f92b3552c2c56606) (Version: 4.0.0.1 - Mega Man 2.5D Project Team)
Megaman 2.5D (HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\f92b3552c2c56606) (Version: 4.0.0.1 - Mega Man 2.5D Project Team)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{1d03ad7c-fa27-4517-91b0-410bb49f94d9}) (Version: 14.0.24720.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft1.8.8 (HKLM-x32\...\Minecraft1.8.8) (Version: - )
Minecraft1.9 (HKLM-x32\...\Minecraft1.9) (Version: - )
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.14 (HKLM\...\{82022940-639B-48A3-86D9-B139864105F7}) (Version: 5.0.14 - Oracle Corporation)
osu! (HKLM-x32\...\{ce2ddcae-8c64-4c48-beca-a7416e0300b4}) (Version: latest - ppy Pty Ltd)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.93.20.0 - Overwolf Ltd.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Prototype (HKLM-x32\...\Prototype_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7520 - Realtek Semiconductor Corp.)
Rogue Legacy version 0.0.0.9 (HKLM-x32\...\Rogue Legacy_is1) (Version: 0.0.0.9 - WaLMaRT)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - Atari)
SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Sandboxie 5.10 (64-bit) (HKLM\...\Sandboxie) (Version: 5.10 - Sandboxie Holdings, LLC)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.5 - Sophos Limited)
SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com)
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\1207665503_is1) (Version: 2.0.0.1 - GOG.com)
The Elder Scrolls IV Oblivion version 1.2.0416.00 (HKLM-x32\...\The Elder Scrolls IV Oblivion_is1) (Version: 1.2.0416.00 - Mr DJ)
UnHackMe 8.00 (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
Unity Web Player (HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.3.2f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Who Is On My Wifi version 3.0.4 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 3.0.4 - IO3O LLC)
Windows-Treiberpaket - Intel Corporation (iagpioe) System (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iai2ce) System (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iauarte) System (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Neku\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Neku\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2253936156-139631062-2474235644-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Neku\AppData\Local\Microsoft\OneDrive\17.3.6302.0225_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {23A2FE03-1510-47FD-9ECC-F72AEA1847FA} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-01-14] (Acer Incorporated)
Task: {2559D0B8-5BD2-4D77-8D0A-9630CFB3AFC1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {59A86D7E-6582-40FF-8D0B-C439DD4095D9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2015-04-30] (AVAST Software)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {78A05DEB-8DCD-48D9-9E01-786ADAC8055C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {7B2684B7-EE13-44EA-9162-B0BBC771E076} - System32\Tasks\SafeZone scheduled Autoupdate 1458748831 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-02-01] (Avast Software)
Task: {7B36FE06-40C0-486B-BE9B-F9E00A5FE09B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)
Task: {7F0461B3-662B-48DD-B1D5-A1CB198F2694} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {8513D7B8-E77B-40F2-A0DA-999864501BF8} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-17] (Intel Corporation)
Task: {8BCAD972-842A-4BB8-9715-B0C437347F6F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-30] (Google Inc.)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2015-04-30] (AVAST Software)
Task: {B071E636-46B0-41CD-9309-3C0DFE70BF39} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-01-19] (Acer)
Task: {C48B4B92-F613-4F67-AFC3-8ED3D1D3E85D} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {CE4B86A5-BE0A-480F-84DE-CBAD5D214AD4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-02-11] (AVAST Software)
Task: {CF69E6C1-27CC-4148-888C-D9203E81E3E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {D93696B2-C97B-4BFE-BC5E-2CF2A47F4AEF} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-04-05] (Overwolf LTD)
Task: {DE637713-3568-4A04-BD69-F4AF3D89A5DC} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe [2016-04-05] (Greatis Software)
Task: {EE6A08B9-7C78-4572-8C73-C1428A6CFDAB} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {EFBE76E2-E514-45CA-A787-239EC3E1E30E} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Neku\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Neku\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:17 - 2015-10-30 09:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-03-22 17:39 - 2016-03-22 17:39 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-03-22 17:39 - 2016-03-22 17:39 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-07-16 05:32 - 2015-04-30 02:04 - 00445240 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-02-26 10:12 - 2015-02-26 10:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-15 15:03 - 2016-03-15 15:03 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX64.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-01-30 20:36 - 2016-01-30 20:36 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-03-15 15:04 - 2016-03-15 15:04 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-03-15 15:04 - 2016-03-15 15:04 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-22 16:41 - 2016-02-22 16:29 - 00062168 ____R () C:\Program Files\CCleaner\branding.dll
2015-09-01 21:55 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-03-15 19:05 - 2016-03-15 19:05 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-07-10 12:38 - 2015-07-10 12:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-02-11 21:15 - 2016-02-11 21:15 - 00113496 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-02-11 21:15 - 2016-02-11 21:15 - 00133768 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-15 16:20 - 2016-04-15 16:20 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041500\algo.dll
2016-04-15 14:52 - 2016-04-15 14:47 - 00509344 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-04-18 13:11 - 2016-04-18 13:11 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041800\algo.dll
2016-04-19 16:43 - 2016-04-19 16:43 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041900\algo.dll
2016-03-13 15:17 - 2013-01-15 14:51 - 00046080 _____ () C:\WINDOWS\system32\wintab32.dll
2014-05-01 16:15 - 2014-05-01 16:15 - 00463360 _____ () C:\Users\Neku\AppData\Local\MEGAsync\ShellExtX32.dll
2010-01-30 02:41 - 2010-01-30 02:41 - 04254560 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:17 - 2010-03-24 21:17 - 08794464 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-04-19 16:43 - 2016-04-19 16:43 - 00098816 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32api.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00110080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\pywintypes27.dll
2016-04-19 16:43 - 2016-04-19 16:43 - 00364544 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\pythoncom27.dll
2016-04-19 16:43 - 2016-04-19 16:43 - 00320512 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32com.shell.shell.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00776704 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_hashlib.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 01176576 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._core_.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00806400 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._gdi_.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00816128 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._windows_.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 01067008 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._controls_.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00733184 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._misc_.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00682496 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\pysqlite2._sqlite.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00088064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_ctypes.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00119808 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32file.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00108544 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32security.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00007168 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\hashobjs_ext.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00017920 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\thumbnails_ext.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00088064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\usb_ext.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00167936 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32gui.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00018432 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32event.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00046080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_socket.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 01208320 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_ssl.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00128512 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_elementtree.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00127488 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\pyexpat.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00012288 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\common.time34.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00038912 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32inet.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00036864 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_psutil_windows.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00525208 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\windows._lib_cacheinvalidation.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00011264 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32crypt.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00077312 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._html2.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00027136 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_multiprocessing.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00020480 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\_yappi.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00035840 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32process.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00686080 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\unicodedata.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00078848 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._animate.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00123392 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\wx._wizard.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00024064 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32pipe.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00010240 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\select.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00025600 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32pdh.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00017408 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32profile.pyd
2016-04-19 16:43 - 2016-04-19 16:43 - 00022528 ____R () C:\Users\Neku\AppData\Local\Temp\_MEI93562\win32ts.pyd
2016-02-03 17:38 - 2015-07-09 12:26 - 00839680 _____ () C:\Program Files (x86)\IO3O LLC\Who Is On My Wifi\System.Data.SQLite.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-11-16 20:55 - 2015-11-16 20:55 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-11-16 20:56 - 2015-11-16 20:56 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-03-15 15:27 - 2016-03-15 15:27 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-01-14 18:12 - 2016-01-14 18:12 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-01-14 18:11 - 2016-01-14 18:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-01-19 16:06 - 2016-01-19 16:06 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-01-19 16:06 - 2016-01-19 16:06 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2015-07-16 05:32 - 2015-04-30 02:04 - 38561984 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-03-15 19:05 - 2016-03-15 19:05 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-03-15 19:05 - 2016-03-15 19:05 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-01-30 21:40 - 2016-01-30 21:40 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [270]
AlternateDataStreams: C:\Users\Neku\Cookies:eLzzriPeN1MNFOkejNxqUxTPoNxAY [2136]
AlternateDataStreams: C:\Users\Neku\AppData\Local\Temporary Internet Files:fx18fowBUdLoTEkpDxaPcAEeW [2204]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\amazon.com -> hxxps://amazon.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\1001movie.com -> 1001movie.com

Da befinden sich 6091 mehr Seiten.

IE trusted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\amazon.com -> hxxps://amazon.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001movie.com -> 1001movie.com

Da befinden sich 6091 mehr Seiten.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2253936156-139631062-2474235644-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Neku\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\colorful_abstract_3d_art-wallpaper-1920x1080.jpg
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Neku\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\colorful_abstract_3d_art-wallpaper-1920x1080.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "GameJoltClient"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "AcerPortal"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GameJoltClient"
HKU\S-1-5-21-2253936156-139631062-2474235644-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ManyCam"

Solved Trojan.fakems.ed ?

Posts: 72 +0

Posts: 72 +0

Posts: 56,041 +517

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 56,041 +517

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 56,041 +517

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 56,041 +517

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Posts: 72 +0

Similar threads