FRST
Code:
Alles auswählen Aufklappen ATTFilter
2017-07-17 08:26 - 2017-07-17 08:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-07-17 08:26 - 2017-07-17 08:26 - 00000000 ____D C:\Program Files\VS Revo Group
2017-07-17 08:19 - 2017-07-17 08:19 - 07178424 _____ (VS Revo Group ) C:\Users\Leonie\Downloads\revosetup.exe
2017-07-17 08:05 - 2017-07-17 08:05 - 08740400 _____ (McAfee, Inc.) C:\Users\Leonie\Downloads\MCPR.exe
2017-07-15 17:00 - 2017-07-17 14:37 - 00003176 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-15 17:00 - 2017-07-17 08:05 - 00002376 _____ C:\Users\Leonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-07-15 17:00 - 2017-07-15 17:00 - 00002277 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-07-15 17:00 - 2017-07-15 17:00 - 00002277 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-07-15 17:00 - 2017-07-15 17:00 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2017-07-15 16:59 - 2017-07-17 08:05 - 00003184 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2024283145-1016006098-2825724025-1001
2017-07-15 16:59 - 2017-07-15 16:59 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Skype
2017-07-15 16:59 - 2017-07-15 16:59 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-07-15 16:57 - 2015-07-17 15:51 - 00063840 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-private-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-math-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-string-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-time-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-process-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:51 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00066400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00022368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00019808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00017760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00016224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00015712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00014176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00013664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2017-07-15 16:57 - 2015-07-17 15:47 - 00012128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2017-07-15 16:47 - 2017-04-16 10:54 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-15 16:47 - 2017-04-16 10:51 - 02899456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-15 16:47 - 2017-04-16 10:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-07-15 16:47 - 2017-04-16 10:10 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-07-15 16:47 - 2017-04-16 10:03 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-15 16:47 - 2017-04-16 10:02 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-15 16:47 - 2017-04-16 10:00 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-15 16:47 - 2017-04-16 10:00 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-15 16:47 - 2017-04-16 09:53 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-15 16:47 - 2017-04-16 09:43 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-07-15 16:47 - 2017-04-16 09:40 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-15 16:47 - 2017-04-16 09:40 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-15 16:47 - 2017-04-16 09:37 - 02132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-15 16:47 - 2017-04-16 09:29 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-07-15 16:47 - 2017-04-16 09:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-15 16:47 - 2017-04-16 09:23 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-15 16:47 - 2017-04-16 09:22 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-15 16:47 - 2017-04-16 09:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-07-15 16:47 - 2017-04-16 09:10 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-15 16:47 - 2017-04-16 09:08 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-15 16:47 - 2016-08-27 18:33 - 02881536 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-07-15 16:47 - 2016-08-27 18:11 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-07-15 16:47 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-15 16:47 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2017-07-15 16:47 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2017-07-15 16:47 - 2015-11-10 02:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2017-07-15 16:47 - 2015-09-10 18:51 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2017-07-15 16:47 - 2015-09-10 18:17 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2017-07-15 16:47 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2017-07-15 16:47 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2017-07-15 16:47 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2017-07-15 16:47 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2017-07-15 16:47 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-07-15 16:47 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-15 16:47 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2017-07-15 16:44 - 2017-06-02 14:15 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-15 16:44 - 2017-06-02 14:12 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-07-15 16:44 - 2017-06-02 14:12 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-07-15 16:44 - 2017-06-02 14:06 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-15 16:44 - 2017-06-02 14:01 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-07-15 16:44 - 2017-06-02 13:03 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-15 16:44 - 2017-06-02 12:25 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-15 16:44 - 2017-06-02 12:24 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-07-15 16:44 - 2017-06-02 12:17 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-07-15 16:44 - 2017-06-02 11:43 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-15 16:44 - 2017-05-15 21:58 - 00121184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-15 16:44 - 2017-05-14 22:42 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-15 16:44 - 2017-05-14 22:19 - 01364040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-07-15 16:44 - 2017-05-14 21:04 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-15 16:44 - 2017-05-14 21:03 - 00373080 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-15 16:44 - 2017-05-14 20:13 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-07-15 16:44 - 2017-05-14 20:06 - 01737600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-15 16:44 - 2017-05-14 20:06 - 01502000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-15 16:44 - 2017-05-12 19:05 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-15 16:44 - 2017-05-12 18:16 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-15 16:44 - 2017-05-12 18:13 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-15 16:44 - 2017-05-12 17:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2017-07-15 16:44 - 2017-05-12 17:48 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-15 16:44 - 2017-05-12 06:10 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-15 16:44 - 2017-05-12 04:58 - 01985536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-15 16:44 - 2017-05-12 04:48 - 01377792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-15 16:44 - 2017-05-12 04:18 - 03714560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-15 16:44 - 2017-05-12 04:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2017-07-15 16:44 - 2017-05-12 04:06 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-15 16:44 - 2017-05-12 01:36 - 22361848 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-15 16:44 - 2017-05-10 20:19 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2017-07-15 16:44 - 2017-05-06 18:05 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-15 16:44 - 2017-05-06 18:04 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-15 16:44 - 2017-02-11 20:18 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-15 16:44 - 2017-02-11 18:49 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-07-15 16:44 - 2017-02-11 18:42 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-07-15 16:43 - 2017-05-12 17:50 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2017-07-15 16:43 - 2017-05-12 17:47 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-15 16:43 - 2017-05-12 04:10 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2017-07-15 16:43 - 2017-05-12 04:07 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2017-07-15 16:43 - 2017-05-12 04:04 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-15 16:43 - 2017-05-12 04:00 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2017-07-15 16:43 - 2017-05-12 01:32 - 19788672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-15 16:42 - 2017-04-16 12:23 - 02176584 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-15 16:42 - 2017-04-16 12:23 - 01662096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-15 16:42 - 2017-04-16 12:23 - 01063464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-15 16:42 - 2017-04-16 12:18 - 01135288 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-15 16:42 - 2017-04-16 12:18 - 00803192 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-15 16:42 - 2017-04-16 11:07 - 01566032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-15 16:42 - 2017-04-16 11:07 - 01213792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-15 16:42 - 2017-04-16 11:07 - 00548032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-15 16:42 - 2017-04-16 11:05 - 00612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-15 16:42 - 2017-04-16 10:16 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-15 16:42 - 2017-04-16 09:22 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-07-15 16:42 - 2017-04-16 09:02 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-07-15 16:42 - 2017-04-10 00:00 - 01548640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-15 16:42 - 2017-04-10 00:00 - 00388448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-07-15 16:42 - 2017-04-01 01:16 - 01968408 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-07-15 16:42 - 2017-03-31 23:59 - 01612504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-07-15 16:39 - 2017-07-17 12:03 - 00029975 _____ C:\Users\Leonie\Downloads\Addition.txt
2017-07-15 16:38 - 2017-07-18 13:14 - 00016026 _____ C:\Users\Leonie\Downloads\FRST.txt
2017-07-15 16:38 - 2017-03-30 15:15 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-15 16:38 - 2017-03-30 15:15 - 00869568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-15 16:38 - 2017-03-30 15:15 - 00678592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-15 16:38 - 2017-03-30 15:15 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-15 16:37 - 2017-07-18 13:13 - 00000000 ____D C:\FRST
2017-07-15 16:36 - 2017-07-15 16:37 - 02435584 _____ (Farbar) C:\Users\Leonie\Downloads\FRST64.exe
2017-07-15 16:35 - 2017-03-12 17:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-15 16:35 - 2017-03-11 05:59 - 01763888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-15 16:35 - 2017-03-11 05:56 - 01489608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-15 16:35 - 2017-03-04 21:24 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-15 16:35 - 2017-03-04 21:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-07-15 16:35 - 2017-03-04 20:15 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-07-15 16:35 - 2017-03-04 18:37 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-15 16:35 - 2017-03-03 17:11 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-07-15 16:35 - 2017-03-03 17:10 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-07-15 16:35 - 2017-03-03 17:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-07-15 16:35 - 2017-03-03 17:04 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-07-15 16:35 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2017-07-15 16:35 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2017-07-15 16:35 - 2015-11-20 20:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2017-07-15 16:35 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-07-15 16:35 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-07-15 16:35 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2017-07-15 16:35 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2017-07-15 16:35 - 2014-10-18 08:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2017-07-15 16:22 - 2016-10-20 15:14 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-07-15 16:22 - 2016-10-20 15:10 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-07-15 16:20 - 2017-02-09 16:59 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-07-15 16:20 - 2017-02-09 16:58 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-07-15 16:20 - 2017-02-09 16:58 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-07-15 16:20 - 2017-02-04 21:32 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2017-07-15 16:20 - 2017-02-04 21:30 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-07-15 16:20 - 2017-02-04 19:50 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-07-15 16:20 - 2017-02-04 19:40 - 01754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-15 16:20 - 2017-02-04 19:32 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-07-15 16:20 - 2017-02-04 19:17 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-07-15 16:20 - 2017-02-04 19:10 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-15 16:20 - 2017-02-04 19:05 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-07-15 16:20 - 2017-01-21 23:37 - 00567152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-15 16:20 - 2017-01-21 21:27 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2017-07-15 16:20 - 2017-01-21 21:27 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2017-07-15 16:20 - 2017-01-21 20:40 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2017-07-15 16:20 - 2017-01-21 20:40 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2017-07-15 16:20 - 2017-01-14 19:49 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-15 16:20 - 2016-11-19 23:24 - 00152856 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-07-15 16:20 - 2016-11-19 19:22 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-07-15 16:19 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-07-15 16:18 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-07-15 16:18 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-07-15 16:18 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-15 16:18 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-07-15 16:18 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-07-15 16:18 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-07-15 16:17 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-07-15 16:17 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-07-15 16:17 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-07-15 16:16 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-07-15 16:16 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-07-15 16:16 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-07-15 16:16 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-07-15 16:16 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-07-15 16:16 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-07-15 16:16 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2017-07-15 16:15 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-15 16:15 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-07-15 16:14 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2017-07-15 16:14 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2017-07-15 16:14 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-07-15 16:14 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2017-07-15 16:14 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-07-15 16:14 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2017-07-15 16:14 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-07-15 16:13 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-07-15 16:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-15 16:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-15 16:12 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-07-15 16:12 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-15 16:11 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2017-07-15 16:10 - 2016-02-06 20:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2017-07-15 16:10 - 2016-01-31 21:16 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2017-07-15 16:09 - 2016-02-04 19:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-07-15 16:09 - 2016-02-04 19:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-07-15 16:07 - 2016-01-10 19:50 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2017-07-15 16:07 - 2016-01-10 19:16 - 00898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-15 16:07 - 2016-01-10 19:14 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2017-07-15 16:07 - 2016-01-10 19:12 - 00532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2017-07-15 16:07 - 2016-01-10 18:51 - 00702976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-15 16:07 - 2016-01-10 18:49 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EncDec.dll
2017-07-15 16:06 - 2015-12-28 23:42 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSync.dll
2017-07-15 16:06 - 2015-12-28 22:31 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSync.dll
2017-07-15 16:05 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2017-07-15 16:05 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2017-07-15 16:03 - 2015-12-08 21:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-07-15 16:03 - 2015-12-08 21:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2017-07-15 16:02 - 2015-12-05 07:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2017-07-15 16:02 - 2015-12-05 07:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2017-07-15 16:02 - 2015-12-03 20:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2017-07-15 16:02 - 2015-12-03 20:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2017-07-15 16:02 - 2015-12-03 20:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2017-07-15 16:02 - 2015-12-03 20:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2017-07-15 16:02 - 2015-12-03 20:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-07-15 16:02 - 2015-12-03 19:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2017-07-15 16:02 - 2015-12-03 19:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2017-07-15 16:02 - 2015-12-03 19:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2017-07-15 16:02 - 2015-12-03 19:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2017-07-15 16:02 - 2015-12-03 19:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2017-07-15 16:02 - 2015-12-03 19:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-07-15 16:02 - 2015-12-03 19:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2017-07-15 16:02 - 2015-12-03 18:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2017-07-15 16:02 - 2015-12-03 18:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2017-07-15 16:02 - 2015-12-02 17:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2017-07-15 16:02 - 2015-12-02 17:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2017-07-15 16:01 - 2015-11-05 10:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2017-07-15 16:00 - 2015-11-21 20:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2017-07-15 16:00 - 2015-11-21 19:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2017-07-15 16:00 - 2015-11-21 18:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2017-07-15 16:00 - 2015-11-21 18:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2017-07-15 16:00 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-07-15 15:58 - 2015-10-13 19:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-07-15 15:57 - 2015-09-24 18:42 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-07-15 15:57 - 2015-09-24 18:40 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-15 15:57 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2017-07-15 15:57 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2017-07-15 15:57 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-07-15 15:57 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2017-07-15 15:57 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2017-07-15 15:57 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-15 15:57 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-15 15:54 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2017-07-15 15:54 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2017-07-15 15:54 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-15 15:54 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-15 15:54 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2017-07-15 15:54 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2017-07-15 15:54 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2017-07-15 15:54 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2017-07-15 15:53 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-07-15 15:53 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-07-15 15:52 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-15 15:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2017-07-15 15:52 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2017-07-15 15:52 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2017-07-15 15:51 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-15 15:51 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-15 15:51 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2017-07-15 15:50 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-07-15 15:49 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2017-07-15 15:49 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2017-07-15 15:49 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2017-07-15 15:49 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2017-07-15 15:49 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2017-07-15 15:48 - 2015-01-28 03:31 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-15 15:48 - 2015-01-28 03:11 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-15 15:47 - 2015-01-31 01:20 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-07-15 15:47 - 2014-12-09 05:45 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2017-07-15 15:47 - 2014-12-09 03:56 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2017-07-15 15:46 - 2017-07-15 15:46 - 00002537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002533 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2017-07-15 15:46 - 2017-07-15 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-07-15 15:46 - 2015-01-10 11:25 - 00112960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-07-15 15:46 - 2015-01-10 10:21 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-07-15 15:46 - 2014-10-29 03:15 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2017-07-15 15:46 - 2014-10-29 03:14 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2017-07-15 15:46 - 2014-10-29 03:13 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2017-07-15 15:46 - 2014-10-29 03:13 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2017-07-15 15:45 - 2014-12-12 04:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2017-07-15 15:43 - 2017-07-15 15:43 - 01446792 _____ C:\Users\Leonie\Downloads\SteamSetup.exe
2017-07-15 15:39 - 2017-07-15 15:40 - 03190256 _____ (Blizzard Entertainment) C:\Users\Leonie\Downloads\World-of-Warcraft-Setup.exe
2017-07-15 15:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-07-15 15:39 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-07-15 15:36 - 2017-07-15 15:36 - 00013312 ___SH C:\Users\Leonie\Downloads\Thumbs.db
2017-07-15 15:22 - 2017-07-18 12:28 - 00000000 ____D C:\Users\Leonie\AppData\Local\Adobe
2017-07-15 15:05 - 2017-07-15 15:05 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-07-15 15:03 - 2017-07-17 10:39 - 00000000 ____D C:\ProgramData\360Quarant
2017-07-15 15:03 - 2017-07-15 15:03 - 00000000 ____D C:\WINDOWS\Tasks\360Disabled
2017-07-15 15:01 - 2017-07-15 15:01 - 04217656 _____ (Microsoft Corporation) C:\Users\Leonie\Downloads\Setup.X86.de-DE_O365HomePremRetail_0700d9ea-bc84-4dc7-bf40-1ee5f9746c41_TX_DB_.exe
2017-07-15 14:54 - 2017-07-15 14:54 - 00000000 ____D C:\Users\Leonie\AppData\Local\CEF
2017-07-15 14:53 - 2017-07-18 11:44 - 00000000 ____D C:\Program Files (x86)\360
2017-07-15 14:53 - 2017-07-10 10:44 - 00086248 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-07-15 14:48 - 2017-07-15 14:52 - 72154216 _____ C:\Users\Leonie\Downloads\360TS_Setup.exe
2017-07-15 14:48 - 2017-07-15 14:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ldiagio_uefi_01009.Wdf
2017-07-15 14:48 - 2017-07-15 14:48 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\LSC
2017-07-15 14:46 - 2017-07-15 14:46 - 01477032 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Leonie\Downloads\360TS_Setup_Mini.exe
2017-07-15 13:51 - 2017-07-18 10:38 - 00003938 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{67C0DD8C-AB99-42B6-99B4-E76CEBD73C3C}
2017-07-15 13:51 - 2017-07-15 13:51 - 00000000 __SHD C:\Users\Leonie\AppData\Local\EmieUserList
2017-07-15 13:51 - 2017-07-15 13:51 - 00000000 __SHD C:\Users\Leonie\AppData\Local\EmieSiteList
2017-07-15 13:51 - 2017-07-15 13:51 - 00000000 __SHD C:\Users\Leonie\AppData\Local\EmieBrowserModeList
2017-07-15 13:51 - 2017-07-15 12:51 - 00000000 __SHD C:\Users\Leonie\AppData\LocalLow\EmieSiteList
2017-07-15 13:01 - 2017-07-17 14:37 - 00003850 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1500116492
2017-07-15 13:01 - 2017-07-15 13:01 - 00001120 _____ C:\Users\Public\Desktop\Opera-Browser.lnk
2017-07-15 13:01 - 2017-07-15 13:01 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera-Browser.lnk
2017-07-15 13:01 - 2017-07-15 13:01 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Opera Software
2017-07-15 13:01 - 2017-07-15 13:01 - 00000000 ____D C:\Users\Leonie\AppData\Local\Opera Software
2017-07-15 12:58 - 2017-07-15 13:02 - 00000000 ____D C:\Program Files\Opera
2017-07-15 12:52 - 2017-07-18 11:40 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2024283145-1016006098-2825724025-1001
2017-07-15 12:51 - 2017-07-15 14:42 - 00000000 ____D C:\Users\Leonie\AppData\Local\Lenovo
2017-07-15 12:51 - 2017-07-15 12:51 - 00000000 __SHD C:\Users\Leonie\AppData\LocalLow\EmieUserList
2017-07-15 12:51 - 2017-07-15 12:51 - 00000000 __SHD C:\Users\Leonie\AppData\LocalLow\EmieBrowserModeList
2017-07-14 17:12 - 2017-07-14 17:12 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Intel Corporation
2017-07-14 17:11 - 2017-07-14 17:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-07-14 17:11 - 2017-07-14 17:11 - 00000000 ____D C:\Users\Leonie\Documents\Meine empfangenen Dateien
2017-07-14 17:11 - 2017-07-14 17:11 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\ATI
2017-07-14 17:11 - 2017-07-14 17:11 - 00000000 ____D C:\Users\Leonie\AppData\Local\Power2Go8
2017-07-14 17:11 - 2017-07-14 17:11 - 00000000 ____D C:\Users\Leonie\AppData\Local\ATI
2017-07-14 17:10 - 2017-07-17 12:07 - 00000000 ____D C:\Users\Leonie\AppData\Local\Packages
2017-07-14 17:10 - 2017-07-17 10:39 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Adobe
2017-07-14 17:10 - 2017-07-14 17:10 - 00001465 _____ C:\Users\Leonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-07-14 17:10 - 2017-07-14 17:10 - 00000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-14 17:10 - 2017-07-14 17:10 - 00000020 ___SH C:\Users\Leonie\ntuser.ini
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Vorlagen
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Startmenü
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Netzwerkumgebung
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Lokale Einstellungen
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Eigene Dateien
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Druckumgebung
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Documents\Eigene Videos
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Documents\Eigene Musik
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Documents\Eigene Bilder
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\AppData\Local\Verlauf
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\AppData\Local\Anwendungsdaten
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 _SHDL C:\Users\Leonie\Anwendungsdaten
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 __SHD C:\Users\Leonie\IntelGraphicsProfiles
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Intel
2017-07-14 17:10 - 2017-07-14 17:10 - 00000000 ____D C:\Users\Leonie\AppData\Local\VirtualStore
2017-07-14 17:10 - 2014-03-18 11:55 - 00000369 _____ C:\Users\Leonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-07-14 17:10 - 2014-03-18 11:55 - 00000369 _____ C:\Users\Leonie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-07-14 17:09 - 2017-07-17 11:58 - 00000000 ____D C:\Users\Leonie
2017-07-14 17:09 - 2017-07-14 17:09 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-14 17:09 - 2015-03-14 08:01 - 00000000 ____D C:\Users\Leonie\AppData\Roaming\Macromedia
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Programme
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-07-14 17:03 - 2017-07-14 17:03 - 00000000 _SHDL C:\Dokumente und Einstellungen
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-18 12:25 - 2015-03-14 14:54 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-18 12:25 - 2015-03-14 14:54 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-18 12:25 - 2014-03-18 11:53 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-18 12:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-07-18 12:21 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-18 11:10 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-18 11:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-07-18 11:06 - 2015-03-14 07:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-18 10:43 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-17 14:43 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-07-17 14:37 - 2015-03-14 08:03 - 00003056 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2017-07-17 12:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-17 12:09 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-17 11:50 - 2013-08-22 16:44 - 00486208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-17 11:47 - 2015-03-14 06:48 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-07-17 11:47 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-17 11:47 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-17 11:47 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-07-17 09:49 - 2015-03-14 08:01 - 00000000 ____D C:\ProgramData\Adobe
2017-07-17 09:34 - 2015-03-14 06:59 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-17 09:30 - 2015-03-14 08:01 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-07-17 08:08 - 2013-08-22 17:36 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-07-17 07:50 - 2015-03-14 07:53 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-07-15 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-07-15 16:59 - 2015-03-14 08:08 - 00000000 ____D C:\ProgramData\Office2013
2017-07-15 15:24 - 2015-03-14 07:54 - 00000000 ____D C:\Program Files\lenovo
2017-07-15 15:23 - 2015-03-14 07:53 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-07-15 15:20 - 2015-03-14 08:03 - 00002560 _____ C:\WINDOWS\system32\VfService.trf
2017-07-15 15:20 - 2015-03-14 07:54 - 00000000 ____D C:\ProgramData\Lenovo
2017-07-15 15:20 - 2015-03-14 07:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-07-15 15:15 - 2015-03-14 07:05 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-15 13:51 - 2015-03-14 08:03 - 00000000 ____D C:\ProgramData\CyberLink
2017-07-15 13:50 - 2015-03-14 08:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Photo Master
2017-07-15 02:01 - 2013-08-22 17:36 - 00262144 _____ C:\WINDOWS\system32\config\BCD-Template
2017-07-14 17:14 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-07-14 17:11 - 2014-04-03 21:15 - 00000000 ____D C:\WINDOWS\Panther
2017-07-14 17:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-07-14 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows NT
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-03-14 07:07 - 2015-03-14 07:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
2014-07-22 06:23 - 2014-07-22 06:23 - 0191901 _____ (ClientConnect LTD) C:\Users\Leonie\AppData\Local\Temp\nsrECFB.exe
2017-07-15 12:51 - 2017-07-15 12:56 - 64118864 _____ (SweetLabs,Inc.) C:\Users\Leonie\AppData\Local\Temp\oct42D9.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2014-08-23 23:30
==================== Ende von FRST.txt ============================
Addition
Code:
Alles auswählen Aufklappen ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-07-2017
durchgeführt von Leonie (18-07-2017 13:15:28)
Gestartet von C:\Users\Leonie\Downloads
Windows 8.1 (Update) (X64) (2017-07-14 15:09:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2024283145-1016006098-2825724025-500 - Administrator - Disabled)
Gast (S-1-5-21-2024283145-1016006098-2825724025-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2024283145-1016006098-2825724025-1003 - Limited - Enabled)
Leonie (S-1-5-21-2024283145-1016006098-2825724025-1001 - Administrator - Enabled) => C:\Users\Leonie
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.1.1.202 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{6E2E5B9E-BCCC-066F-BBB5-4DCA7289E2CD}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3910 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.1.12.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8229.2086 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2024283145-1016006098-2825724025-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Nitro Pro 9 (HKLM\...\{4C32F7E8-A65F-4D3C-9153-9F3B57CB6872}) (Version: 9.0.5.9 - Nitro)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Opera Stable 46.0.2597.46 (HKLM-x32\...\Opera 46.0.2597.46) (Version: 46.0.2597.46 - Opera Software)
PX Profile Update (HKLM-x32\...\{954CFDDE-AF07-2AF9-9600-706E798D42BA}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39052 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2024283145-1016006098-2825724025-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Leonie\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2024283145-1016006098-2825724025-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers01: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
ContextMenuHandlers01: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\9.0\NPShellExtension64.dll [2013-12-12] (Nitro PDF)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-03-11] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-08-20] (Intel Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers06: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2017-05-26] ()
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01955706-A3FE-41BC-BEFC-44598FD3AE0A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)
Task: {16B3F0EE-5455-4308-BD19-A72D1632B640} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)
Task: {61B119BA-F912-4B48-ACAD-1ED9E9E6D9F3} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {7857713D-FFA9-416B-824F-348008638377} - System32\Tasks\Opera scheduled Autoupdate 1500116492 => C:\Program Files\Opera\launcher.exe [2017-07-11] (Opera Software)
Task: {91A9CA6D-D0AD-42EA-BABE-8C6F20FA0446} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-18] ()
Task: {93F9173A-646D-4BA4-A9F0-17C8ABB2D166} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {BAC61B64-F57C-4530-998F-21248CEC2D7D} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2017-07-15] (Lenovo)
Task: {C2669278-02A9-4C1C-8C80-C7332DBB3634} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-18] ()
Task: {C4248A3F-AA18-49A6-8325-E3EBDC52FB44} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {DE75D11E-114C-4E4B-9849-FB65403602D0} - System32\Tasks\AdobeAAMUpdater-1.0-Lenovo-PC-Leonie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {EF008665-58C9-450A-9CAB-A93E223CE796} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-18] (Lenovo)
Task: {F392E9B4-724E-4EB0-89CF-B29678CEDE5E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-07-18] (Microsoft Corporation)
Task: {FF11677E-6E66-45E2-B42E-4DE43FF907CA} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-03-14 07:53 - 2014-07-09 18:19 - 00592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2017-05-26 03:18 - 2017-05-26 03:18 - 00492112 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-14 07:07 - 2010-10-26 06:40 - 00049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2017-07-15 13:01 - 2017-07-11 06:40 - 89009752 _____ () C:\Program Files\Opera\46.0.2597.46\opera_browser.dll
2017-07-15 13:01 - 2017-07-11 06:40 - 03930712 _____ () C:\Program Files\Opera\46.0.2597.46\libglesv2.dll
2017-07-15 13:01 - 2017-07-11 06:40 - 00100440 _____ () C:\Program Files\Opera\46.0.2597.46\libegl.dll
2017-05-15 02:38 - 2017-05-15 02:38 - 34957896 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-03-14 07:06 - 2013-09-16 21:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-06-04 07:19 - 2017-06-04 07:19 - 52051552 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-05-18 09:02 - 2017-05-18 09:02 - 40524400 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-05-30 01:38 - 2017-05-30 01:38 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-05-30 01:39 - 2017-05-30 01:39 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-06-04 07:47 - 2017-06-04 07:47 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-30 01:39 - 2017-05-30 01:39 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 00125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-04 07:43 - 2017-06-04 07:43 - 00099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 00098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences [386]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-07-18 12:20 - 00000830 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2024283145-1016006098-2825724025-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonie\Downloads\csm_e2-SERVING-HEROES-3040x1188px_8b0906af2f.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
15-07-2017 13:48:53 Konfiguriert Lenovo Photo Master
17-07-2017 09:31:44 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
17-07-2017 09:32:58 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
17-07-2017 10:39:27 Revo Uninstaller's restore point - 360 Total Security
17-07-2017 14:47:26 JRT Pre-Junkware Removal
17-07-2017 14:50:15 JRT Pre-Junkware Removal
18-07-2017 10:48:59 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/18/2017 10:34:17 AM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers OneIndex16. Fehlerbeschreibung: (HRESULT : 0x800700c1).
Error: (07/17/2017 02:52:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 4.1.1.202, Zeitstempel: 0x5934127c
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2704.1434.0, Zeitstempel: 0x5798eeba
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00be5ccd
ID des fehlerhaften Prozesses: 0x720
Startzeit der fehlerhaften Anwendung: 0x01d2fefa9790eaf3
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
Berichtskennung: bc74c3ce-6aee-11e7-8265-f406696d334a
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/17/2017 01:18:27 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers OneIndex16. Fehlerbeschreibung: (HRESULT : 0x800700c1).
Error: (07/17/2017 12:18:25 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Fehler beim Laden des Protokollhandlers OneIndex16. Fehlerbeschreibung: (HRESULT : 0x800700c1).
Error: (07/17/2017 08:01:30 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {16259051-3E97-4E1F-85DD-0FBF524D1200}
Error: (07/17/2017 08:01:30 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {16259051-3E97-4E1F-85DD-0FBF524D1200}
Error: (07/15/2017 05:13:35 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {7D0CCFD7-11AD-44D4-BF16-87186D9E32DB}
Error: (07/15/2017 03:20:52 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: a7f42014
Error: (07/15/2017 03:20:33 PM) (Source: AVLogEvent) (EventID: 5005) (User: NT-AUTORITÄT)
Description: a7f42014
Systemfehler:
=============
Error: (07/18/2017 12:20:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (07/18/2017 12:20:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (07/18/2017 12:20:41 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (07/18/2017 12:20:19 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Event Log" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo WiFiHotspot Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CCSDK" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/18/2017 12:19:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8084.27 MB
Verfügbarer physikalischer RAM: 5567.02 MB
Summe virtueller Speicher: 10004.27 MB
Verfügbarer virtueller Speicher: 7417.11 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:889.47 GB) (Free:839.39 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:24.93 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 420B625A)
Partition: GPT.
==================== Ende von Addition.txt ============================
18.07.2017, 12:21
Baum-Darstellung