Win10 Notebook auf Schadsoftware und Co. prüfen

pinodisole · 23.07.2017, 18:51

Hallo zusammen,

ich hatte vor ein paar Tagen einen PC von einem Bekannten im Netzwerk, bei dem die Netzwerkkarte keine Treiber mehr hatte.

Meine Aufgabe lautetete: Guck mal, ob du das Ding wieder online bekommst. Windows (Home Premium) schien noch nicht lange aufgesetzt zu sein, da auch noch keine Aktivierung vorgenommen war.

Ich habe über Driver Assist von Safebytes installiert und alle Treiber aktualisieren lassen. Danach funktionierte auch die Netzwerkkarte.

Ich habe dann noch Windows aktiviert und es liefen dann ca. 3 Stunden lang 180 Updates.

Nun stellt sich heraus, dass der PC von dem Bekannten wohl ein Zombie sein soll. So zumindest seine Angaben und ich möchte einigermaßen sicher gehen, das mein Notebook nichts abbekommen hat.

Das Notebook (Win10 Pro) verhält sich bisher unauffällig.

Wie gehe ich am besten vor?

Danke und Gruß, Pino

Edit: Google sagt du Driver Assist, dass das wohl auch Malware sein könnte. Damit hatte ich wie gesagt die Treiber aktualisieren lassen und für die Lizenz bezahlt.

M-K-D-B · 23.07.2017, 20:20

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

pinodisole · 23.07.2017, 22:57

Hi Matthias,

vielen Dank für deine Unterstützung.

Hier die Log-Files "FRST.txt" und "Addition.txt".

Gruß Pino

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von pino (Administrator) auf DELL (23-07-2017 23:44:56)
Gestartet von C:\Users\pino\Desktop
Geladene Profile: pino (Verfügbare Profile: defaultuser0 & pino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\AuthManager\AuthManSvr.exe
(GN Audio A/S) C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Pulse Secure, LLC) C:\Users\pino\AppData\Roaming\Pulse Secure\Setup Client\PulseSetupClient.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.8229.2086\OfficeClickToRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe [1273792 2017-05-02] (GN Audio A/S)
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {0fcff8c3-0bc2-11e7-96a2-8086f2d83e01} - "D:\VmS.exe" 
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {ecb9dff6-370b-11e7-96aa-8086f2d83e01} - "D:\AutoRun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a501cb2-4b95-489d-8291-c2c4f3832c64}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{167546f3-0743-4e41-8a58-27f68faa5282}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{b297a4e9-5f79-4fbf-aee2-34a81362d97d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-697847764-2959338102-2115453073-1001 -> {2867DB33-23AD-4975-962A-958043E2C207} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-02] (Microsoft Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pbrasweb.postbank.de/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP14EP2-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: sxbmzu46.default-1492723331066
FF ProfilePath: C:\Users\pino\AppData\Roaming\Mozilla\Firefox\Profiles\sxbmzu46.default-1492723331066 [2017-07-23]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default [2017-07-23]
CHR Extension: (Google Präsentationen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
CHR Extension: (Google Docs) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Google Drive) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Cisco WebEx) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceempjejlfaadkgdacpfhheknndlcjl [2017-07-14]
CHR Extension: (Google Tabellen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-18]
CHR Extension: (IE Tab) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-07-14]
CHR Extension: (Cisco WebEx Extension) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgpnhikmkblcolfmklkbcakhkgmleef [2017-03-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411592 2017-06-23] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1163360 2016-01-25] (Sierra Wireless, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380800 2015-01-07] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
S3 swg3kser05; C:\WINDOWS\system32\DRIVERS\swg3kser05.sys [296576 2016-01-28] (Sierra Wireless Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [327168 2017-06-20] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-23 23:44 - 2017-07-23 23:45 - 00019164 _____ C:\Users\pino\Desktop\FRST.txt
2017-07-23 23:44 - 2017-07-23 23:44 - 00000000 ____D C:\FRST
2017-07-23 23:26 - 2017-07-23 23:27 - 02382336 _____ (Farbar) C:\Users\pino\Desktop\FRST64.exe
2017-07-23 18:30 - 2017-07-23 18:30 - 00219658 _____ C:\Users\pino\Downloads\FRITZ.Box 7580 153.06.83_23.07.17_1830.export
2017-07-22 22:16 - 2017-07-22 22:17 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (2).exe
2017-07-22 22:16 - 2017-07-22 22:16 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (1).exe
2017-07-22 21:58 - 2017-07-22 21:58 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk.exe
2017-07-17 20:21 - 2017-07-17 20:21 - 00000000 ____D C:\Users\pino\Downloads\realtek_pcielan_7_mb
2017-07-17 20:20 - 2017-07-17 20:20 - 10886971 _____ C:\Users\pino\Downloads\realtek_pcielan_7_mb.zip
2017-07-16 20:24 - 2017-07-16 20:24 - 59651896 _____ C:\Users\pino\Downloads\PROWinx64.exe
2017-07-16 12:38 - 2017-07-16 12:38 - 03177096 _____ C:\Users\pino\Downloads\dreamNotificationsDebug.apk
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143.pdf
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143 (1).pdf
2017-07-14 12:30 - 2017-07-14 12:35 - 151278979 _____ C:\Users\pino\Downloads\gigablue.rar
2017-07-14 12:30 - 2017-07-14 12:30 - 00000979 _____ C:\Users\pino\Downloads\Anleitung zum Flashen.txt
2017-07-14 10:47 - 2017-07-14 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-14 10:44 - 2017-07-14 10:44 - 00000000 ____D C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-12 21:58 - 2017-07-12 21:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-07-12 21:24 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 21:24 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 21:24 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 21:24 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 21:24 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 21:24 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 21:24 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 21:24 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 21:24 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 21:24 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 21:24 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 21:24 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 21:24 - 2017-07-07 08:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 21:24 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 21:24 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 21:24 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 21:24 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 21:24 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 21:24 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 21:24 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 21:24 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 21:24 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 21:24 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 21:24 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 21:24 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 21:24 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 21:24 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 21:24 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 21:24 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 21:24 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 21:24 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 21:24 - 2017-06-20 07:11 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmbclass.sys
2017-07-12 21:24 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 21:24 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 21:24 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 21:24 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 21:24 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:24 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 21:24 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 21:24 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 21:24 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 21:24 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 21:24 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 21:23 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 21:23 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 21:23 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 21:23 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 21:23 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 21:23 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 21:23 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 21:23 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 21:23 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 21:23 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 21:23 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 21:23 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 21:23 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 21:23 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 21:23 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 21:23 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 21:23 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 21:23 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 21:23 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 21:23 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 21:23 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 21:23 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 21:23 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 21:23 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 21:23 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 21:23 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 21:23 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 21:23 - 2017-07-02 00:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 21:23 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 21:23 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 21:23 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 21:23 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 21:23 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 21:23 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 21:23 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 21:23 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 21:23 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 21:23 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 21:23 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 21:23 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 21:23 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 21:23 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 21:23 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 21:23 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 21:23 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 21:23 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 21:23 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 21:23 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 21:23 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 21:23 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 21:23 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 21:23 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 21:23 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 21:23 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 21:23 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 21:23 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 21:22 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 21:22 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 21:22 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 21:22 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 21:22 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 21:22 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 21:22 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 21:22 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 21:22 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 21:22 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 21:22 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 21:22 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 21:22 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 21:22 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 21:22 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 21:22 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 21:22 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 21:22 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 21:22 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 21:22 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 21:22 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 21:22 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 21:22 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 21:22 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 21:22 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 21:22 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 21:22 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 21:22 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 21:22 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 21:22 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 21:22 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 21:22 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 21:22 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 21:22 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 21:22 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 21:22 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 21:22 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 21:22 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 21:22 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 21:22 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 21:22 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 21:22 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-23 23:26 - 2017-06-09 13:43 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F553633F-DBB4-4283-9600-16674BE14575}
2017-07-23 23:22 - 2017-06-09 13:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-23 18:53 - 2017-03-17 22:22 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Mozilla
2017-07-23 17:09 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-23 17:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-23 17:08 - 2017-06-09 13:45 - 02282236 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-23 17:08 - 2017-03-20 06:41 - 01038544 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-23 17:08 - 2017-03-20 06:41 - 00227958 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-23 00:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-22 22:40 - 2017-03-20 19:22 - 00000000 ____D C:\Users\pino\AppData\Local\CrashDumps
2017-07-19 15:11 - 2017-03-18 00:36 - 00000000 ____D C:\Users\pino\AppData\Roaming\FileZilla
2017-07-17 20:41 - 2017-05-10 13:29 - 00000000 ____D C:\ProgramData\firebird
2017-07-17 17:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-16 12:47 - 2017-03-22 00:19 - 00000000 ___RD C:\Dropbox
2017-07-14 17:10 - 2017-03-19 14:47 - 00000000 ____D C:\Users\pino\.gimp-2.8
2017-07-14 10:47 - 2017-03-22 00:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-14 10:44 - 2017-03-17 21:59 - 00000000 __SHD C:\Users\pino\IntelGraphicsProfiles
2017-07-14 10:44 - 2017-03-17 21:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-13 17:38 - 2017-06-09 13:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-13 17:38 - 2017-06-09 13:38 - 00384840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 17:38 - 2017-06-09 13:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 17:38 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 21:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 21:26 - 2017-03-18 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 21:25 - 2017-03-18 00:43 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-10 18:21 - 2017-03-30 12:45 - 00000000 ____D C:\Users\pino\AppData\Roaming\TeamViewer
2017-07-07 09:42 - 2017-03-20 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-06 19:20 - 2017-03-17 21:59 - 00000000 ____D C:\Users\pino\AppData\Local\Packages
2017-07-05 14:04 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-05 14:03 - 2017-06-09 13:39 - 00000000 ____D C:\Users\pino
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-28 21:13 - 2017-06-09 13:38 - 00000000 ____D C:\Program Files\DellTPad
2017-06-27 20:40 - 2017-03-17 23:04 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-23 23:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-15 23:04 - 2017-06-15 23:04 - 0011879 _____ () C:\Users\pino\AppData\Local\recently-used.xbel
2017-03-21 18:34 - 2017-03-21 18:34 - 0000094 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-14 16:43

==================== Ende von FRST.txt ============================

pinodisole · 23.07.2017, 23:12

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (23-07-2017 23:45:29)
Gestartet von C:\Users\pino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-09 11:46:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-697847764-2959338102-2115453073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-697847764-2959338102-2115453073-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-697847764-2959338102-2115453073-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-697847764-2959338102-2115453073-501 - Limited - Disabled)
pino (S-1-5-21-697847764-2959338102-2115453073-1001 - Administrator - Enabled) => C:\Users\pino

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Avaya IP Integration (HKLM-x32\...\{41E392C5-8253-4ABE-AC55-6A23FB89ED1C}) (Version: 1.0.9987.0 - GN Netcom A/S) Hidden
Avaya one-X Integration (HKLM-x32\...\{0F8D3DE8-29BF-4731-AE55-14C38B19C6C1}) (Version: 3.0.12961.0 - GN Netcom A/S) Hidden
Avaya one-X V3 Integration (HKLM-x32\...\{2EC5D63C-BDD1-44A2-BC7E-290C75EF4757}) (Version: 1.0.472.0 - GN Audio A/S) Hidden
Basic Support (HKLM-x32\...\{1231D39C-47F0-470E-8E6A-155FE61AD0BD}) (Version: 2.0.294.0 - GN Audio A/S) Hidden
BIZ 2300 Family (HKLM-x32\...\{01F8214A-56CA-4E7A-B03C-02426C4E89C5}) (Version: 3.0.14012.0 - GN Netcom A/S) Hidden
BIZ 2400 II (HKLM-x32\...\{088961FA-7493-4E35-A8C0-3D3E933ED0A3}) (Version: 2.0.10316.0 - GN Netcom A/S) Hidden
BIZ1500Setup (HKLM-x32\...\{97540499-E348-4071-B840-697EEB083C3C}) (Version: 1.0.13138.0 - GN Netcom A/S) Hidden
BIZ2400_II_CCSetup (HKLM-x32\...\{31E2438C-6C70-4EE0-B745-BBF2F5773883}) (Version: 2.0.10315.0 - GN Netcom A/S) Hidden
BIZ2400_LINK280 (HKLM-x32\...\{5FD62AB7-8CB2-43BD-A269-9BD4532BEE7D}) (Version: 1.0.9672.0 - GN Netcom A/S) Hidden
Broadsoft Integration (HKLM-x32\...\{792B93D1-6ED1-4410-838E-D2BAA7D5B944}) (Version: 2.0.13949.0 - GN Netcom A/S) Hidden
CallManager (HKLM-x32\...\{1EABEEE7-9F25-4633-A576-C7BC492AE372}) (Version: 2.0.10294.0 - GN) Hidden
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Cisco IP Communicator Integration (HKLM-x32\...\{0F16E401-66F0-4E51-9881-9294534DE83E}) (Version: 3.0.10584.0 - GN Netcom A/S) Hidden
Cisco Jabber Integration (HKLM-x32\...\{A7A3B557-D9DB-4D47-A228-7A8DA24ADC49}) (Version: 3.0.10654.0 - GN Netcom A/S) Hidden
Cisco UC Integration (HKLM-x32\...\{AFF39F11-859B-4E94-8C44-DFBAB6B95BC4}) (Version: 1.0.9992.0 - GN Netcom A/S) Hidden
Cisco WebEx Connect Integration (HKLM-x32\...\{BDAAFFC6-7D89-4BB1-8879-92B80E488E35}) (Version: 1.0.9993.0 - GN Netcom A/S) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
CounterPath Bria Integration (HKLM-x32\...\{130A2A6F-45FB-425C-85A4-9C051A4B1064}) (Version: 3.0.287.0 - GN Audio A/S) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DFUDriverSetupX64Setup (HKLM-x32\...\{6A0A9DA3-2173-4CFD-AAF5-05B0BA51C31F}) (Version: 6.2.653.0 - GN Netcom A/S) Hidden
DIAL 550 (HKLM-x32\...\{835C23C0-9F95-442C-BBF5-FD38F5BC4023}) (Version: 1.0.9655.0 - GN Netcom A/S) Hidden
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
EVOLVE20_LINKSetup (HKLM-x32\...\{ADA8AA1D-6A7F-47FA-A9B4-4DF9F05B5EB5}) (Version: 3.0.414.0 - GN Netcom A/S) Hidden
EVOLVE30_IISetup (HKLM-x32\...\{D6C99D0E-69FD-4693-A53F-5022450A5BC8}) (Version: 4.0.506.0 - GN Audio A/S) Hidden
EVOLVE65Setup (HKLM-x32\...\{D467049A-6418-4D36-BA0B-10382B396353}) (Version: 4.0.616.0 - GN Audio A/S) Hidden
EVOLVE75Setup (HKLM-x32\...\{76DEEC1D-D9D9-4650-AC09-49881A34ED0E}) (Version: 1.0.686.0 - GN Audio A/S) Hidden
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FirmwareUpdater (HKLM-x32\...\{86D87E09-E6CB-449C-B688-8C87A023AB0D}) (Version: 6.2.653.0 - GN Audio A/S) Hidden
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GN2000 Family (HKLM-x32\...\{30CCF236-C34A-4282-B0BF-0974EC415F49}) (Version: 1.0.9657.0 - GN Netcom A/S) Hidden
GO 6470 (HKLM-x32\...\{5B4B9788-ADE8-41D8-98A2-88A057F8A0AA}) (Version: 1.0.9674.0 - GN Netcom A/S) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HANDSET450Setup (HKLM-x32\...\{705D86E1-BDEA-41FE-BE33-F1DC93F320BB}) (Version: 2.0.11048.0 - GN Netcom A/S) Hidden
IBM Sametime Integration (HKLM-x32\...\{20BB76A6-7AF6-48B9-9B75-6408EA5E2C6B}) (Version: 4.0.11289.0 - GN Netcom A/S) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.16.55 - Huawei Technologies Co.,Ltd)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{508c3a72-c776-4128-aaa5-06cd908081a1}) (Version: 3.8.689.0 - GN Audio A/S)
JabraDirect (HKLM-x32\...\{CC2A885E-4581-4256-93D8-D9577F687E2D}) (Version: 3.8.689.0 - GN Audio A/S) Hidden
JpcsSdkDeviceService (HKLM-x32\...\{30081FB6-1DD3-4084-83E5-14B20242A702}) (Version: 1.0.9811.0 - GN Netcom A/S) Hidden
Kodi (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Kodi) (Version:  - XBMC-Foundation)
LINK 265 (HKLM-x32\...\{F42C3E86-AF7F-4047-8633-0CC870EEF43B}) (Version: 1.0.9879.0 - GN Netcom A/S) Hidden
LINK 30/32/33/41 Setup (HKLM-x32\...\{E2E1BC7A-A89A-4623-803C-CEF4104D5934}) (Version: 1.0.9732.0 - GN Netcom A/S) Hidden
LINK 360 (HKLM-x32\...\{F0D8BA38-E373-406D-BE91-4EE113DE0C64}) (Version: 3.0.665.0 - GN Netcom A/S) Hidden
LINK180aSetup (HKLM-x32\...\{CD79C32D-AEEB-46B1-A370-F99BEA8F460D}) (Version: 1.0.9660.0 - GN Netcom A/S) Hidden
LINK220_220ASetup (HKLM-x32\...\{F3B31FED-91AE-4C15-84BB-9F0FF2BB2BA7}) (Version: 1.0.9675.0 - GN Netcom A/S) Hidden
LINK230_260Setup (HKLM-x32\...\{1AB5D1BA-BC8E-46D2-9F2F-249180213C45}) (Version: 2.0.12955.0 - GN Netcom A/S) Hidden
LINK350Setup (HKLM-x32\...\{66AAB7C3-A2FC-488B-B182-F2EDEED4A72C}) (Version: 1.0.9676.0 - GN Netcom A/S) Hidden
LINK370Setup (HKLM-x32\...\{DE075A6E-35F9-4BB5-9697-4F7979105CF6}) (Version: 2.0.664.0 - GN Audio A/S) Hidden
LINK43Setup (HKLM-x32\...\{EDD1B59B-E5B3-47D5-9F00-9BAEB4F94BDF}) (Version: 1.0.10197.0 - GN Netcom A/S) Hidden
LINK850Setup (HKLM-x32\...\{2CE15BC9-DC51-446E-8929-1E09383D6C6B}) (Version: 2.0.10289.0 - GN Netcom A/S) Hidden
LINK860Setup (HKLM-x32\...\{B09FF355-BE7F-4B61-BF1B-CC46385F414E}) (Version: 1.0.10185.0 - GN Netcom A/S) Hidden
Lync Integration (HKLM-x32\...\{B13B6CFE-69AF-4CF7-8ADD-467B9F29FEB0}) (Version: 5.0.674.0 - GN Audio A/S) Hidden
Maintenance (HKLM-x32\...\{9A1E1C6B-A8D5-42BD-B71B-9728DADB0F20}) (Version: 10.0.0.0 - GN Audio A/S) Hidden
Mein Verein (HKLM-x32\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 16.0 - Buhl Data Service GmbH)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8229.2073 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Motion (HKLM-x32\...\{06EA3781-ECDF-45AF-8E75-E623FC171931}) (Version: 2.0.541.0 - GN Netcom A/S) Hidden
MOTIONOFFICE (HKLM-x32\...\{A2CA3AD4-6C07-49C3-9E09-F4EEE6B9BA32}) (Version: 1.0.9677.0 - GN Netcom A/S) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
NEC SP 350 Integration (HKLM-x32\...\{A37BF086-D78E-4D1C-BD58-19A725416DB4}) (Version: 2.0.14365.0 - GN Netcom A/S) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2073 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
PRO 920 and 930 (HKLM-x32\...\{C145E0B4-7BF7-415F-B100-F32FF9EA169A}) (Version: 1.0.9734.0 - GN Netcom A/S) Hidden
PRO 94X0 Family (HKLM-x32\...\{B3A5BE45-76E7-40ED-8E58-ACF75504DC12}) (Version: 6.0.652.0 - GN Netcom A/S) Hidden
PRO925_935Setup (HKLM-x32\...\{6786309D-B042-4142-A98E-AA05E1071B79}) (Version: 1.0.9678.0 - GN Netcom A/S) Hidden
Pulse Secure Citrix Services Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Citrix_Services) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Host Checker (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\PulseSecure_Host_Checker) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Setup_Client) (Version: 8.2.6.977 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
SDK Integration (HKLM-x32\...\{89095944-96E6-4520-88D6-BE2B224AFE83}) (Version: 1.0.8564.0 - GN Netcom A/S) Hidden
Self-Service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
Shoretel Integration (HKLM-x32\...\{36607082-9C1E-4B0D-8F30-F649BE07AF6E}) (Version: 1.0.10047.0 - GN Netcom A/S) Hidden
Sierra Wireless Dell Mobile Broadband INF Package (HKLM-x32\...\SWIDellDrvInstaller) (Version: 16.1.2.7 - Sierra Wireless)
Skype Integration (HKLM-x32\...\{6CF48C72-2923-4F4D-92A6-5A9E8E51E24B}) (Version: 4.0.673.0 - GN Audio A/S) Hidden
SPEAK 510 Family (HKLM-x32\...\{2FDB93C9-93BD-4115-A963-6186300FFF0A}) (Version: 2.0.571.0 - GN Netcom A/S) Hidden
SPEAK410Setup (HKLM-x32\...\{CC733B58-53DB-4613-AD49-1FFB62EC8989}) (Version: 1.0.9636.0 - GN Netcom A/S) Hidden
SPEAK450Setup (HKLM-x32\...\{21B3A5C8-C3E3-477F-9837-E43359C3546F}) (Version: 1.0.9637.0 - GN Netcom A/S) Hidden
SPEAK710Setup (HKLM-x32\...\{3E251A96-88F9-4364-844F-BA5FE399BBCA}) (Version: 1.0.599.0 - GN Audio A/S) Hidden
SPEAK810Setup (HKLM-x32\...\{89097763-7342-41F2-B4E7-76B846AC6BC6}) (Version: 3.0.617.0 - GN Audio A/S) Hidden
STEALTH Setup (HKLM-x32\...\{F07CB43D-352B-4B65-84E3-053C1778C8FB}) (Version: 3.0.538.0 - GN Audio A/S) Hidden
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{D63B636A-D43E-4BE3-8874-637402130365}) (Version: 17.03.3 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Supreme (HKLM-x32\...\{51FFEA54-1FB6-4D8D-97D9-5B15C2938DA2}) (Version: 2.0.545.0 - GN Audio A/S) Hidden
UC VOICE A Family (HKLM-x32\...\{4D63AB94-C5BA-48FB-9A3A-C7BC43522CC7}) (Version: 1.0.9669.0 - GN Netcom A/S) Hidden
UC Voice Family (HKLM-x32\...\{87FC5C34-2573-4BFC-AF28-605037BE7B85}) (Version: 1.0.9670.0 - GN Netcom A/S) Hidden
Video Download Capture V6.2.5 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.5 - APOWERSOFT LIMITED)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {011A63D0-337D-4FA8-8782-7DECA722277D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {1B37C35B-5AA2-4E1C-AAA1-B34D5F4DE709} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-02] (Microsoft Corporation)
Task: {308CB599-DBB8-4D0D-8C29-A332196082C3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {509CA7DD-7D1E-4F2C-962E-6629E22EE893} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-02] (Microsoft Corporation)
Task: {61CF55A5-1765-42FA-B30F-A34CE30E6792} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-27] (Realtek Semiconductor)
Task: {67A065B8-483C-4C2E-AC34-65ED736495BA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {9F3EC1FD-2233-4398-AE67-887D8051CF31} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-06-23] (Microsoft Corporation)
Task: {B085C343-7642-426F-B4E3-13C697078F4C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {C047AC5F-53D2-44A3-9A8C-10B7D252F3C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {D676FDE4-3B0E-4198-BE1A-BAA5898BAFD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {DEE2FAC8-B611-4742-8598-8A72544A5F5D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Cisco WebEx.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fceempjejlfaadkgdacpfhheknndlcjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-15 05:42 - 2014-01-15 05:42 - 00351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2017-03-20 13:11 - 2015-07-06 13:18 - 00682072 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-12 19:48 - 2017-06-12 19:48 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-08 04:42 - 2017-03-08 04:42 - 00230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-10-25 02:08 - 2016-10-25 02:08 - 00401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-22 00:15 - 2017-07-12 22:01 - 00025408 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-07-18 13:04 - 2017-07-18 13:04 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 13:04 - 2017-07-18 13:04 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 13:04 - 2017-07-18 13:04 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 13:04 - 2017-07-18 13:04 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-07-21 14:01 - 2017-07-21 14:02 - 24054272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-07-21 14:01 - 2017-07-21 14:02 - 09161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-06-13 08:21 - 2017-06-13 08:22 - 03500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-21 14:01 - 2017-07-21 14:02 - 10910208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-27 20:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 20:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-12 21:18 - 2017-07-12 21:18 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-06 18:24 - 2017-06-06 18:25 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-06 18:24 - 2017-06-06 18:25 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-03-17 23:37 - 2017-03-17 23:37 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 08:14 - 2017-05-09 08:14 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2017-03-20 13:11 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-03-20 13:11 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2016-06-21 10:21 - 2016-06-21 10:21 - 01500672 _____ () C:\PROGRAM FILES (X86)\JABRA\DIRECT\BROADSOFTINTEGRATION\CommunicatorApiV2.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-04-16 14:33 - 2017-07-12 21:58 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-22 00:15 - 2017-07-12 21:58 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 19:53 - 2017-07-12 22:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-22 00:15 - 2017-07-12 22:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 01637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-04-07 20:38 - 2017-07-12 22:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-27 08:58 - 2017-07-12 21:58 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{EAD01BA2-A39A-4240-9062-A90FB6AFA13A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{32629BF6-4303-4CB2-B1AF-D9329646DEBB}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [TCP Query User{080C05B9-4DE5-42B7-9807-E122EF46E40F}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [{C1A72C66-5F5F-4417-8BB6-D39D8CA309C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{FE21340C-EED1-446D-8DD6-6F9F2FC2CBBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{D203AF8D-344F-422E-A596-D372BDBBEF8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E16006B5-5786-4A80-A7EA-E18BA5671F7A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{1F0904A6-A5E2-4E5D-A8ED-03B70F9CDB38}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{21CE1221-C968-4D51-AAC5-A55A0E9D7DFB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{DDE1EF13-1C43-4585-A376-455595A9A649}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{A38992C3-0BDB-4328-8E59-4C43A7C67A58}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{3A1AFFB6-C46E-4939-9551-FEA1DE5FA1AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{30BBAB3A-4B13-4924-8FF5-9CC0F2F838CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BBCCF8E-3E75-4D4E-A6D0-9FAF6AAAEE61}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BAD3FD50-DE31-443A-BF1E-FE87142465C3}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D5E1C8B3-4BCF-4B5C-847F-27D5F56C604D}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{0864A867-1912-4CE3-9E97-426EB38CE5B6}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [{D5EFDD91-E9AF-475B-ADC1-C89AE6191212}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EBA470EC-C109-444B-8381-9B175A81C505}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4B0F8C3C-3D7C-42B1-AD92-CB8A944F8513}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B363EA4E-D2BC-48E9-835D-72630F2C1F3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{59B14F13-6A5F-4F9D-9E87-9586C78C5D43}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{14D97455-470C-45C6-826D-C825C371E049}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{A29C4871-9C9E-4830-87A7-9B9070DE2230}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [UDP Query User{580E3069-9401-4AA8-83C9-1D3DF8657596}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [{2A7D7719-0505-48AC-BDAE-5E9C7BE3EC9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A99D781-E857-4538-A95A-D4ACFBC05C89}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{293EE330-7E12-415D-83F3-4B794A502CA8}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [UDP Query User{DC541665-25E9-44DF-8898-E90D4AC921FF}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [{1209BB15-ED96-4EE1-88BF-8D69D024EFA8}] => (Allow) C:\Users\pino\Desktop\FRST64.exe
FirewallRules: [{903FBE08-310C-4EF2-9AD2-FE37015E2736}] => (Allow) C:\Users\pino\Desktop\FRST64.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 12:44:36 Geplanter Prüfpunkt
12-07-2017 21:25:10 Windows Update
22-07-2017 21:10:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH w/swipe sensor
Description: Broadcom USH w/swipe sensor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Alessia
Description: Bluetooth-Gerät
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/23/2017 11:23:21 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/23/2017 05:06:54 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/22/2017 10:40:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.15063.332, Zeitstempel: 0x591fdafc
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.15063.483, Zeitstempel: 0xb0271b92
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000005dac1d
ID des fehlerhaften Prozesses: 0x2d38
Startzeit der fehlerhaften Anwendung: 0x01d2fe61de5697fc
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 375683f9-abfa-425f-9485-d1edf2da74df
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CortanaUI

Error: (07/22/2017 08:26:47 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/22/2017 06:04:24 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/22/2017 06:01:19 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/21/2017 01:58:31 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/20/2017 01:54:07 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/20/2017 12:08:22 AM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/19/2017 10:12:47 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!


Systemfehler:
=============
Error: (07/23/2017 11:23:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/23/2017 11:22:39 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Dell Wireless 5570 HSPA+ (42Mbps) Mobile Broadband Card, {6F47B31A-FD0F-4570-8865-BC1D18329E2D}" ist das Ereignis "71" aufgetreten.

Error: (07/23/2017 05:06:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/23/2017 05:06:37 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Dell Wireless 5570 HSPA+ (42Mbps) Mobile Broadband Card, {6F47B31A-FD0F-4570-8865-BC1D18329E2D}" ist das Ereignis "71" aufgetreten.

Error: (07/22/2017 08:26:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/22/2017 08:26:32 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Dell Wireless 5570 HSPA+ (42Mbps) Mobile Broadband Card, {6F47B31A-FD0F-4570-8865-BC1D18329E2D}" ist das Ereignis "71" aufgetreten.

Error: (07/22/2017 06:02:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/21/2017 05:13:59 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Für den Miniport "Dell Wireless 5570 HSPA+ (42Mbps) Mobile Broadband Card, {6F47B31A-FD0F-4570-8865-BC1D18329E2D}" ist das Ereignis "71" aufgetreten.

Error: (07/21/2017 01:58:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/20/2017 05:46:13 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT-AUTORITÄT)
Description: Für den Miniport "Dell Wireless 5570 HSPA+ (42Mbps) Mobile Broadband Card, {6F47B31A-FD0F-4570-8865-BC1D18329E2D}" ist das Ereignis "71" aufgetreten.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8097.43 MB
Verfügbarer physikalischer RAM: 5074.57 MB
Summe virtueller Speicher: 9377.43 MB
Verfügbarer virtueller Speicher: 5709.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.51 GB) (Free:70.52 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 6DEEFFB3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=484 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Code:

ATTFilter

00:01:01.0365 0x3270  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
00:01:06.0646 0x3270  ============================================================
00:01:06.0646 0x3270  Current date / time: 2017/07/24 00:01:06.0646
00:01:06.0646 0x3270  SystemInfo:
00:01:06.0646 0x3270  
00:01:06.0646 0x3270  OS Version: 10.0.15063 ServicePack: 0.0
00:01:06.0646 0x3270  Product type: Workstation
00:01:06.0646 0x3270  ComputerName: DELL
00:01:06.0646 0x3270  UserName: pino
00:01:06.0646 0x3270  Windows directory: C:\WINDOWS
00:01:06.0646 0x3270  System windows directory: C:\WINDOWS
00:01:06.0646 0x3270  Running under WOW64
00:01:06.0646 0x3270  Processor architecture: Intel x64
00:01:06.0646 0x3270  Number of processors: 4
00:01:06.0646 0x3270  Page size: 0x1000
00:01:06.0646 0x3270  Boot type: Normal boot
00:01:06.0646 0x3270  CodeIntegrityOptions = 0x00000001
00:01:06.0646 0x3270  ============================================================
00:01:06.0724 0x3270  KLMD registered as C:\WINDOWS\system32\drivers\41640349.sys
00:01:06.0724 0x3270  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
00:01:07.0381 0x3270  System UUID: {17C6CF4F-532A-2AE9-B7A7-FC059E91CF09}
00:01:07.0943 0x3270  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:01:07.0943 0x3270  ============================================================
00:01:07.0943 0x3270  \Device\Harddisk0\DR0:
00:01:07.0943 0x3270  MBR partitions:
00:01:07.0943 0x3270  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
00:01:07.0943 0x3270  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1DB05240
00:01:07.0943 0x3270  ============================================================
00:01:07.0943 0x3270  Initialize success
00:01:07.0943 0x3270  ============================================================
00:02:30.0294 0x1e94  ============================================================
00:02:30.0294 0x1e94  Scan started
00:02:30.0294 0x1e94  Mode: Manual; SigCheck; TDLFS; 
00:02:30.0294 0x1e94  ============================================================
00:02:30.0294 0x1e94  KSN ping started
00:02:30.0403 0x1e94  KSN ping finished: true
00:02:30.0606 0x1e94  ================ Scan system memory ========================
00:02:30.0606 0x1e94  System memory - ok
00:02:30.0606 0x1e94  ================ Scan services =============================
00:02:30.0637 0x1e94  1394ohci - ok
00:02:30.0653 0x1e94  3ware - ok
00:02:30.0653 0x1e94  ACPI - ok
00:02:30.0669 0x1e94  AcpiDev - ok
00:02:30.0669 0x1e94  acpiex - ok
00:02:30.0684 0x1e94  acpipagr - ok
00:02:30.0684 0x1e94  AcpiPmi - ok
00:02:30.0684 0x1e94  acpitime - ok
00:02:30.0700 0x1e94  ADP80XX - ok
00:02:30.0700 0x1e94  AFD - ok
00:02:30.0700 0x1e94  ahcache - ok
00:02:30.0700 0x1e94  AJRouter - ok
00:02:30.0715 0x1e94  ALG - ok
00:02:30.0715 0x1e94  AmdK8 - ok
00:02:30.0715 0x1e94  AmdPPM - ok
00:02:30.0715 0x1e94  amdsata - ok
00:02:30.0731 0x1e94  amdsbs - ok
00:02:30.0731 0x1e94  amdxata - ok
00:02:30.0731 0x1e94  ApfiltrService - ok
00:02:30.0731 0x1e94  ApHidMonitorService - ok
00:02:30.0731 0x1e94  AppID - ok
00:02:30.0747 0x1e94  AppIDSvc - ok
00:02:30.0747 0x1e94  Appinfo - ok
00:02:30.0747 0x1e94  applockerfltr - ok
00:02:30.0747 0x1e94  AppMgmt - ok
00:02:30.0762 0x1e94  AppReadiness - ok
00:02:30.0762 0x1e94  AppVClient - ok
00:02:30.0762 0x1e94  AppvStrm - ok
00:02:30.0762 0x1e94  AppvVemgr - ok
00:02:30.0778 0x1e94  AppvVfs - ok
00:02:30.0778 0x1e94  AppXSvc - ok
00:02:30.0778 0x1e94  arcsas - ok
00:02:30.0778 0x1e94  AsyncMac - ok
00:02:30.0794 0x1e94  atapi - ok
00:02:30.0794 0x1e94  AudioEndpointBuilder - ok
00:02:30.0794 0x1e94  Audiosrv - ok
00:02:30.0794 0x1e94  AxInstSV - ok
00:02:30.0794 0x1e94  b06bdrv - ok
00:02:30.0809 0x1e94  BasicDisplay - ok
00:02:30.0809 0x1e94  BasicRender - ok
00:02:30.0809 0x1e94  bcmfn2 - ok
00:02:30.0809 0x1e94  BDESVC - ok
00:02:30.0825 0x1e94  Beep - ok
00:02:30.0825 0x1e94  BFE - ok
00:02:30.0825 0x1e94  BITS - ok
00:02:30.0825 0x1e94  blackberryncm - ok
00:02:30.0840 0x1e94  bowser - ok
00:02:30.0840 0x1e94  BrokerInfrastructure - ok
00:02:30.0840 0x1e94  Browser - ok
00:02:30.0840 0x1e94  BthAvrcpTg - ok
00:02:30.0840 0x1e94  BthEnum - ok
00:02:30.0856 0x1e94  BthHFEnum - ok
00:02:30.0856 0x1e94  bthhfhid - ok
00:02:30.0856 0x1e94  BthHFSrv - ok
00:02:30.0856 0x1e94  BthLEEnum - ok
00:02:30.0856 0x1e94  BTHMODEM - ok
00:02:30.0872 0x1e94  BthPan - ok
00:02:30.0872 0x1e94  BTHPORT - ok
00:02:30.0872 0x1e94  bthserv - ok
00:02:30.0872 0x1e94  BTHUSB - ok
00:02:30.0872 0x1e94  buttonconverter - ok
00:02:30.0887 0x1e94  CAD - ok
00:02:30.0887 0x1e94  CapImg - ok
00:02:30.0887 0x1e94  cdfs - ok
00:02:30.0887 0x1e94  CDPSvc - ok
00:02:30.0887 0x1e94  CDPUserSvc - ok
00:02:30.0903 0x1e94  cdrom - ok
00:02:30.0903 0x1e94  CertPropSvc - ok
00:02:30.0903 0x1e94  cht4iscsi - ok
00:02:30.0919 0x1e94  cht4vbd - ok
00:02:30.0919 0x1e94  circlass - ok
00:02:30.0919 0x1e94  CldFlt - ok
00:02:30.0919 0x1e94  CLFS - ok
00:02:30.0919 0x1e94  ClickToRunSvc - ok
00:02:30.0934 0x1e94  ClipSVC - ok
00:02:30.0934 0x1e94  clreg - ok
00:02:30.0934 0x1e94  CmBatt - ok
00:02:30.0934 0x1e94  CNG - ok
00:02:30.0950 0x1e94  cnghwassist - ok
00:02:30.0950 0x1e94  CompositeBus - ok
00:02:30.0950 0x1e94  COMSysApp - ok
00:02:30.0950 0x1e94  condrv - ok
00:02:30.0950 0x1e94  CoreMessagingRegistrar - ok
00:02:30.0965 0x1e94  cphs - ok
00:02:30.0965 0x1e94  CryptSvc - ok
00:02:30.0965 0x1e94  CSC - ok
00:02:30.0981 0x1e94  CscService - ok
00:02:30.0981 0x1e94  ctxusbm - ok
00:02:30.0981 0x1e94  dam - ok
00:02:30.0981 0x1e94  dbupdate - ok
00:02:30.0981 0x1e94  dbupdatem - ok
00:02:30.0981 0x1e94  DbxSvc - ok
00:02:30.0997 0x1e94  DcomLaunch - ok
00:02:30.0997 0x1e94  defragsvc - ok
00:02:30.0997 0x1e94  DellRbtn - ok
00:02:30.0997 0x1e94  DeviceAssociationService - ok
00:02:31.0012 0x1e94  DeviceInstall - ok
00:02:31.0012 0x1e94  DevicesFlowUserSvc - ok
00:02:31.0012 0x1e94  DevQueryBroker - ok
00:02:31.0012 0x1e94  Dfsc - ok
00:02:31.0012 0x1e94  Dhcp - ok
00:02:31.0028 0x1e94  diagnosticshub.standardcollector.service - ok
00:02:31.0028 0x1e94  DiagTrack - ok
00:02:31.0028 0x1e94  Disk - ok
00:02:31.0028 0x1e94  DmEnrollmentSvc - ok
00:02:31.0028 0x1e94  dmvsc - ok
00:02:31.0044 0x1e94  dmwappushservice - ok
00:02:31.0044 0x1e94  Dnscache - ok
00:02:31.0044 0x1e94  dot3svc - ok
00:02:31.0044 0x1e94  DPS - ok
00:02:31.0059 0x1e94  drmkaud - ok
00:02:31.0059 0x1e94  DsmSvc - ok
00:02:31.0059 0x1e94  DsSvc - ok
00:02:31.0059 0x1e94  DusmSvc - ok
00:02:31.0059 0x1e94  DXGKrnl - ok
00:02:31.0075 0x1e94  e1dexpress - ok
00:02:31.0075 0x1e94  EapHost - ok
00:02:31.0075 0x1e94  ebdrv - ok
00:02:31.0075 0x1e94  EFS - ok
00:02:31.0075 0x1e94  EhStorClass - ok
00:02:31.0090 0x1e94  EhStorTcgDrv - ok
00:02:31.0090 0x1e94  embeddedmode - ok
00:02:31.0090 0x1e94  EntAppSvc - ok
00:02:31.0090 0x1e94  ErrDev - ok
00:02:31.0090 0x1e94  EventSystem - ok
00:02:31.0106 0x1e94  ew_hwusbdev - ok
00:02:31.0106 0x1e94  ew_usbenumfilter - ok
00:02:31.0106 0x1e94  exfat - ok
00:02:31.0106 0x1e94  fastfat - ok
00:02:31.0106 0x1e94  Fax - ok
00:02:31.0122 0x1e94  fdc - ok
00:02:31.0122 0x1e94  fdPHost - ok
00:02:31.0122 0x1e94  FDResPub - ok
00:02:31.0122 0x1e94  fhsvc - ok
00:02:31.0122 0x1e94  FileCrypt - ok
00:02:31.0137 0x1e94  FileInfo - ok
00:02:31.0137 0x1e94  Filetrace - ok
00:02:31.0137 0x1e94  flpydisk - ok
00:02:31.0137 0x1e94  FltMgr - ok
00:02:31.0137 0x1e94  FontCache - ok
00:02:31.0153 0x1e94  FontCache3.0.0.0 - ok
00:02:31.0153 0x1e94  FrameServer - ok
00:02:31.0153 0x1e94  FsDepends - ok
00:02:31.0153 0x1e94  Fs_Rec - ok
00:02:31.0153 0x1e94  fvevol - ok
00:02:31.0169 0x1e94  gencounter - ok
00:02:31.0169 0x1e94  genericusbfn - ok
00:02:31.0169 0x1e94  GPIOClx0101 - ok
00:02:31.0169 0x1e94  gpsvc - ok
00:02:31.0169 0x1e94  GpuEnergyDrv - ok
00:02:31.0184 0x1e94  gupdate - ok
00:02:31.0184 0x1e94  gupdatem - ok
00:02:31.0184 0x1e94  HDAudBus - ok
00:02:31.0184 0x1e94  HidBatt - ok
00:02:31.0200 0x1e94  HidBth - ok
00:02:31.0200 0x1e94  hidi2c - ok
00:02:31.0200 0x1e94  hidinterrupt - ok
00:02:31.0200 0x1e94  HidIr - ok
00:02:31.0200 0x1e94  hidserv - ok
00:02:31.0215 0x1e94  HidUsb - ok
00:02:31.0215 0x1e94  HomeGroupListener - ok
00:02:31.0215 0x1e94  HomeGroupProvider - ok
00:02:31.0215 0x1e94  HpSAMD - ok
00:02:31.0215 0x1e94  HTTP - ok
00:02:31.0215 0x1e94  huawei_enumerator - ok
00:02:31.0231 0x1e94  HvHost - ok
00:02:31.0231 0x1e94  hvservice - ok
00:02:31.0231 0x1e94  HWDeviceService64.exe - ok
00:02:31.0231 0x1e94  hwpolicy - ok
00:02:31.0231 0x1e94  hwusb_cdcacm - ok
00:02:31.0247 0x1e94  hwusb_wwanecm - ok
00:02:31.0247 0x1e94  hyperkbd - ok
00:02:31.0247 0x1e94  i8042prt - ok
00:02:31.0247 0x1e94  iagpio - ok
00:02:31.0247 0x1e94  iai2c - ok
00:02:31.0262 0x1e94  iaLPSS2i_GPIO2 - ok
00:02:31.0262 0x1e94  iaLPSS2i_GPIO2_BXT_P - ok
00:02:31.0262 0x1e94  iaLPSS2i_I2C - ok
00:02:31.0262 0x1e94  iaLPSS2i_I2C_BXT_P - ok
00:02:31.0262 0x1e94  iaLPSSi_GPIO - ok
00:02:31.0278 0x1e94  iaLPSSi_I2C - ok
00:02:31.0278 0x1e94  iaStorAV - ok
00:02:31.0278 0x1e94  iaStorV - ok
00:02:31.0278 0x1e94  ibbus - ok
00:02:31.0278 0x1e94  ibtsiva - ok
00:02:31.0294 0x1e94  ibtusb - ok
00:02:31.0294 0x1e94  icssvc - ok
00:02:31.0294 0x1e94  igfx - ok
00:02:31.0294 0x1e94  igfxCUIService2.0.0.0 - ok
00:02:31.0294 0x1e94  IKEEXT - ok
00:02:31.0309 0x1e94  IndirectKmd - ok
00:02:31.0309 0x1e94  IntcAzAudAddService - ok
00:02:31.0309 0x1e94  IntcDAud - ok
00:02:31.0309 0x1e94  intelide - ok
00:02:31.0325 0x1e94  intelpep - ok
00:02:31.0325 0x1e94  intelppm - ok
00:02:31.0325 0x1e94  Internet Manager. RunOuc - ok
00:02:31.0325 0x1e94  iorate - ok
00:02:31.0325 0x1e94  IpFilterDriver - ok
00:02:31.0341 0x1e94  iphlpsvc - ok
00:02:31.0341 0x1e94  IPMIDRV - ok
00:02:31.0341 0x1e94  IPNAT - ok
00:02:31.0341 0x1e94  IpxlatCfgSvc - ok
00:02:31.0341 0x1e94  irda - ok
00:02:31.0356 0x1e94  IRENUM - ok
00:02:31.0356 0x1e94  irmon - ok
00:02:31.0356 0x1e94  isapnp - ok
00:02:31.0356 0x1e94  iScsiPrt - ok
00:02:31.0356 0x1e94  kbdclass - ok
00:02:31.0372 0x1e94  kbdhid - ok
00:02:31.0372 0x1e94  kdnic - ok
00:02:31.0372 0x1e94  KeyIso - ok
00:02:31.0372 0x1e94  KSecDD - ok
00:02:31.0372 0x1e94  KSecPkg - ok
00:02:31.0372 0x1e94  ksthunk - ok
00:02:31.0387 0x1e94  KtmRm - ok
00:02:31.0387 0x1e94  LanmanServer - ok
00:02:31.0387 0x1e94  LanmanWorkstation - ok
00:02:31.0387 0x1e94  lfsvc - ok
00:02:31.0403 0x1e94  LicenseManager - ok
00:02:31.0403 0x1e94  lltdio - ok
00:02:31.0403 0x1e94  lltdsvc - ok
00:02:31.0403 0x1e94  lmhosts - ok
00:02:31.0403 0x1e94  LSI_SAS - ok
00:02:31.0419 0x1e94  LSI_SAS2i - ok
00:02:31.0419 0x1e94  LSI_SAS3i - ok
00:02:31.0419 0x1e94  LSI_SSS - ok
00:02:31.0419 0x1e94  LSM - ok
00:02:31.0419 0x1e94  luafv - ok
00:02:31.0434 0x1e94  MapsBroker - ok
00:02:31.0434 0x1e94  mausbhost - ok
00:02:31.0434 0x1e94  mausbip - ok
00:02:31.0434 0x1e94  megasas - ok
00:02:31.0434 0x1e94  megasas2i - ok
00:02:31.0450 0x1e94  megasr - ok
00:02:31.0450 0x1e94  MEIx64 - ok
00:02:31.0450 0x1e94  MessagingService - ok
00:02:31.0450 0x1e94  mlx4_bus - ok
00:02:31.0450 0x1e94  MMCSS - ok
00:02:31.0466 0x1e94  Modem - ok
00:02:31.0466 0x1e94  monitor - ok
00:02:31.0466 0x1e94  mouclass - ok
00:02:31.0466 0x1e94  mouhid - ok
00:02:31.0481 0x1e94  mountmgr - ok
00:02:31.0481 0x1e94  MozillaMaintenance - ok
00:02:31.0481 0x1e94  mpsdrv - ok
00:02:31.0481 0x1e94  MpsSvc - ok
00:02:31.0481 0x1e94  MRxDAV - ok
00:02:31.0497 0x1e94  mrxsmb - ok
00:02:31.0497 0x1e94  mrxsmb10 - ok
00:02:31.0497 0x1e94  mrxsmb20 - ok
00:02:31.0497 0x1e94  MsBridge - ok
00:02:31.0497 0x1e94  MSDTC - ok
00:02:31.0512 0x1e94  Msfs - ok
00:02:31.0512 0x1e94  msgpiowin32 - ok
00:02:31.0512 0x1e94  mshidkmdf - ok
00:02:31.0512 0x1e94  mshidumdf - ok
00:02:31.0528 0x1e94  msisadrv - ok
00:02:31.0528 0x1e94  MSiSCSI - ok
00:02:31.0528 0x1e94  msiserver - ok
00:02:31.0528 0x1e94  MSKSSRV - ok
00:02:31.0528 0x1e94  MsLldp - ok
00:02:31.0544 0x1e94  MSPCLOCK - ok
00:02:31.0544 0x1e94  MSPQM - ok
00:02:31.0544 0x1e94  MsRPC - ok
00:02:31.0544 0x1e94  MsSecFlt - ok
00:02:31.0544 0x1e94  mssmbios - ok
00:02:31.0559 0x1e94  MSTEE - ok
00:02:31.0559 0x1e94  MTConfig - ok
00:02:31.0559 0x1e94  Mup - ok
00:02:31.0559 0x1e94  mvumis - ok
00:02:31.0575 0x1e94  NativeWifiP - ok
00:02:31.0575 0x1e94  NaturalAuthentication - ok
00:02:31.0575 0x1e94  NcaSvc - ok
00:02:31.0575 0x1e94  NcbService - ok
00:02:31.0575 0x1e94  NcdAutoSetup - ok
00:02:31.0591 0x1e94  ndfltr - ok
00:02:31.0591 0x1e94  NDIS - ok
00:02:31.0591 0x1e94  NdisCap - ok
00:02:31.0591 0x1e94  NdisImPlatform - ok
00:02:31.0591 0x1e94  NdisTapi - ok
00:02:31.0606 0x1e94  Ndisuio - ok
00:02:31.0606 0x1e94  NdisVirtualBus - ok
00:02:31.0606 0x1e94  NdisWan - ok
00:02:31.0606 0x1e94  ndiswanlegacy - ok
00:02:31.0606 0x1e94  ndproxy - ok
00:02:31.0622 0x1e94  Ndu - ok
00:02:31.0622 0x1e94  NetAdapterCx - ok
00:02:31.0622 0x1e94  NetBIOS - ok
00:02:31.0622 0x1e94  NetBT - ok
00:02:31.0637 0x1e94  Netlogon - ok
00:02:31.0637 0x1e94  Netman - ok
00:02:31.0637 0x1e94  netprofm - ok
00:02:31.0637 0x1e94  NetSetupSvc - ok
00:02:31.0637 0x1e94  NetTcpPortSharing - ok
00:02:31.0653 0x1e94  netvsc - ok
00:02:31.0653 0x1e94  NETwNb64 - ok
00:02:31.0653 0x1e94  NgcCtnrSvc - ok
00:02:31.0653 0x1e94  NgcSvc - ok
00:02:31.0653 0x1e94  NlaSvc - ok
00:02:31.0669 0x1e94  npf - ok
00:02:31.0669 0x1e94  Npfs - ok
00:02:31.0669 0x1e94  npsvctrig - ok
00:02:31.0669 0x1e94  nsi - ok
00:02:31.0669 0x1e94  nsiproxy - ok
00:02:31.0684 0x1e94  NTFS - ok
00:02:31.0684 0x1e94  Null - ok
00:02:31.0684 0x1e94  nvdimmn - ok
00:02:31.0684 0x1e94  nvraid - ok
00:02:31.0684 0x1e94  nvstor - ok
00:02:31.0700 0x1e94  OneSyncSvc - ok
00:02:31.0700 0x1e94  ose - ok
00:02:31.0700 0x1e94  p2pimsvc - ok
00:02:31.0700 0x1e94  p2psvc - ok
00:02:31.0716 0x1e94  Parport - ok
00:02:31.0716 0x1e94  partmgr - ok
00:02:31.0716 0x1e94  PcaSvc - ok
00:02:31.0716 0x1e94  pci - ok
00:02:31.0716 0x1e94  pciide - ok
00:02:31.0731 0x1e94  pcmcia - ok
00:02:31.0731 0x1e94  pcw - ok
00:02:31.0731 0x1e94  pdc - ok
00:02:31.0731 0x1e94  PEAUTH - ok
00:02:31.0731 0x1e94  PeerDistSvc - ok
00:02:31.0747 0x1e94  percsas2i - ok
00:02:31.0747 0x1e94  percsas3i - ok
00:02:31.0747 0x1e94  PerfHost - ok
00:02:31.0762 0x1e94  PhoneSvc - ok
00:02:31.0762 0x1e94  PimIndexMaintenanceSvc - ok
00:02:31.0762 0x1e94  pla - ok
00:02:31.0762 0x1e94  PlugPlay - ok
00:02:31.0762 0x1e94  pmem - ok
00:02:31.0779 0x1e94  PNRPAutoReg - ok
00:02:31.0782 0x1e94  PNRPsvc - ok
00:02:31.0784 0x1e94  PolicyAgent - ok
00:02:31.0789 0x1e94  Power - ok
00:02:31.0792 0x1e94  PptpMiniport - ok
00:02:31.0795 0x1e94  PrintNotify - ok
00:02:31.0798 0x1e94  Processor - ok
00:02:31.0801 0x1e94  ProfSvc - ok
00:02:31.0802 0x1e94  Psched - ok
00:02:31.0802 0x1e94  QWAVE - ok
00:02:31.0802 0x1e94  QWAVEdrv - ok
00:02:31.0802 0x1e94  RasAcd - ok
00:02:31.0802 0x1e94  RasAgileVpn - ok
00:02:31.0818 0x1e94  RasAuto - ok
00:02:31.0818 0x1e94  Rasl2tp - ok
00:02:31.0818 0x1e94  RasMan - ok
00:02:31.0818 0x1e94  RasPppoe - ok
00:02:31.0818 0x1e94  RasSstp - ok
00:02:31.0833 0x1e94  rdbss - ok
00:02:31.0833 0x1e94  rdpbus - ok
00:02:31.0833 0x1e94  RDPDR - ok
00:02:31.0833 0x1e94  RdpVideoMiniport - ok
00:02:31.0849 0x1e94  rdyboost - ok
00:02:31.0849 0x1e94  ReFS - ok
00:02:31.0849 0x1e94  ReFSv1 - ok
00:02:31.0849 0x1e94  RemoteAccess - ok
00:02:31.0865 0x1e94  RemoteRegistry - ok
00:02:31.0865 0x1e94  RetailDemo - ok
00:02:31.0865 0x1e94  RFCOMM - ok
00:02:31.0865 0x1e94  RmSvc - ok
00:02:31.0865 0x1e94  RpcEptMapper - ok
00:02:31.0880 0x1e94  RpcLocator - ok
00:02:31.0880 0x1e94  RpcSs - ok
00:02:31.0880 0x1e94  rspndr - ok
00:02:31.0880 0x1e94  RtkAudioService - ok
00:02:31.0880 0x1e94  s3cap - ok
00:02:31.0896 0x1e94  SamSs - ok
00:02:31.0896 0x1e94  sbp2port - ok
00:02:31.0896 0x1e94  SCardSvr - ok
00:02:31.0896 0x1e94  ScDeviceEnum - ok
00:02:31.0896 0x1e94  scfilter - ok
00:02:31.0912 0x1e94  Schedule - ok
00:02:31.0912 0x1e94  scmbus - ok
00:02:31.0912 0x1e94  SCPolicySvc - ok
00:02:31.0912 0x1e94  sdbus - ok
00:02:31.0912 0x1e94  SDFRd - ok
00:02:31.0912 0x1e94  SDRSVC - ok
00:02:31.0927 0x1e94  sdstor - ok
00:02:31.0927 0x1e94  seclogon - ok
00:02:31.0927 0x1e94  SecurityHealthService - ok
00:02:31.0927 0x1e94  SEMgrSvc - ok
00:02:31.0927 0x1e94  SENS - ok
00:02:31.0943 0x1e94  Sense - ok
00:02:31.0943 0x1e94  SensorDataService - ok
00:02:31.0943 0x1e94  SensorService - ok
00:02:31.0943 0x1e94  SensrSvc - ok
00:02:31.0958 0x1e94  SerCx - ok
00:02:31.0958 0x1e94  SerCx2 - ok
00:02:31.0958 0x1e94  Serenum - ok
00:02:31.0958 0x1e94  Serial - ok
00:02:31.0958 0x1e94  sermouse - ok
00:02:31.0974 0x1e94  SessionEnv - ok
00:02:31.0974 0x1e94  sfloppy - ok
00:02:31.0974 0x1e94  SharedAccess - ok
00:02:31.0990 0x1e94  ShellHWDetection - ok
00:02:31.0990 0x1e94  shpamsvc - ok
00:02:31.0990 0x1e94  SiSRaid2 - ok
00:02:31.0990 0x1e94  SiSRaid4 - ok
00:02:31.0990 0x1e94  smphost - ok
00:02:32.0005 0x1e94  SmsRouter - ok
00:02:32.0005 0x1e94  SNMPTRAP - ok
00:02:32.0005 0x1e94  spaceport - ok
00:02:32.0005 0x1e94  SpatialGraphFilter - ok
00:02:32.0021 0x1e94  SpbCx - ok
00:02:32.0021 0x1e94  spectrum - ok
00:02:32.0021 0x1e94  Spooler - ok
00:02:32.0021 0x1e94  sppsvc - ok
00:02:32.0021 0x1e94  srv - ok
00:02:32.0021 0x1e94  srv2 - ok
00:02:32.0037 0x1e94  srvnet - ok
00:02:32.0037 0x1e94  SSDPSRV - ok
00:02:32.0037 0x1e94  SstpSvc - ok
00:02:32.0037 0x1e94  StateRepository - ok
00:02:32.0037 0x1e94  stdcfltn - ok
00:02:32.0052 0x1e94  stexstor - ok
00:02:32.0052 0x1e94  stisvc - ok
00:02:32.0052 0x1e94  storahci - ok
00:02:32.0052 0x1e94  storflt - ok
00:02:32.0052 0x1e94  stornvme - ok
00:02:32.0068 0x1e94  storqosflt - ok
00:02:32.0068 0x1e94  StorSvc - ok
00:02:32.0068 0x1e94  storufs - ok
00:02:32.0068 0x1e94  storvsc - ok
00:02:32.0083 0x1e94  ST_Accel - ok
00:02:32.0083 0x1e94  svsvc - ok
00:02:32.0083 0x1e94  swenum - ok
00:02:32.0115 0x1e94  swg3kser05 - ok
00:02:32.0115 0x1e94  SwiService - ok
00:02:32.0130 0x1e94  swprv - ok
00:02:32.0130 0x1e94  Synth3dVsc - ok
00:02:32.0146 0x1e94  SysMain - ok
00:02:32.0146 0x1e94  SystemEventsBroker - ok
00:02:32.0146 0x1e94  TabletInputService - ok
00:02:32.0146 0x1e94  TapiSrv - ok
00:02:32.0146 0x1e94  Tcpip - ok
00:02:32.0162 0x1e94  Tcpip6 - ok
00:02:32.0162 0x1e94  tcpipreg - ok
00:02:32.0162 0x1e94  tdx - ok
00:02:32.0162 0x1e94  terminpt - ok
00:02:32.0177 0x1e94  TermService - ok
00:02:32.0177 0x1e94  Themes - ok
00:02:32.0177 0x1e94  TieringEngineService - ok
00:02:32.0177 0x1e94  tiledatamodelsvc - ok
00:02:32.0177 0x1e94  TimeBrokerSvc - ok
00:02:32.0193 0x1e94  TokenBroker - ok
00:02:32.0193 0x1e94  TPM - ok
00:02:32.0193 0x1e94  TrkWks - ok
00:02:32.0193 0x1e94  TrustedInstaller - ok
00:02:32.0208 0x1e94  TsUsbFlt - ok
00:02:32.0208 0x1e94  TsUsbGD - ok
00:02:32.0208 0x1e94  tsusbhub - ok
00:02:32.0208 0x1e94  tunnel - ok
00:02:32.0208 0x1e94  tzautoupdate - ok
00:02:32.0208 0x1e94  UASPStor - ok
00:02:32.0224 0x1e94  UcmCx0101 - ok
00:02:32.0224 0x1e94  UcmTcpciCx0101 - ok
00:02:32.0224 0x1e94  UcmUcsi - ok
00:02:32.0224 0x1e94  Ucx01000 - ok
00:02:32.0224 0x1e94  UdeCx - ok
00:02:32.0240 0x1e94  udfs - ok
00:02:32.0240 0x1e94  UEFI - ok
00:02:32.0240 0x1e94  UevAgentDriver - ok
00:02:32.0240 0x1e94  UevAgentService - ok
00:02:32.0240 0x1e94  Ufx01000 - ok
00:02:32.0255 0x1e94  UfxChipidea - ok
00:02:32.0255 0x1e94  ufxsynopsys - ok
00:02:32.0255 0x1e94  UI0Detect - ok
00:02:32.0255 0x1e94  umbus - ok
00:02:32.0271 0x1e94  UmPass - ok
00:02:32.0271 0x1e94  UmRdpService - ok
00:02:32.0271 0x1e94  UnistoreSvc - ok
00:02:32.0271 0x1e94  upnphost - ok
00:02:32.0271 0x1e94  UrsChipidea - ok
00:02:32.0287 0x1e94  UrsCx01000 - ok
00:02:32.0287 0x1e94  UrsSynopsys - ok
00:02:32.0287 0x1e94  usbccgp - ok
00:02:32.0287 0x1e94  usbcir - ok
00:02:32.0302 0x1e94  usbehci - ok
00:02:32.0302 0x1e94  usbhub - ok
00:02:32.0302 0x1e94  USBHUB3 - ok
00:02:32.0302 0x1e94  usbohci - ok
00:02:32.0302 0x1e94  usbprint - ok
00:02:32.0302 0x1e94  usbser - ok
00:02:32.0318 0x1e94  USBSTOR - ok
00:02:32.0318 0x1e94  usbuhci - ok
00:02:32.0318 0x1e94  usbvideo - ok
00:02:32.0318 0x1e94  USBXHCI - ok
00:02:32.0318 0x1e94  UserDataSvc - ok
00:02:32.0333 0x1e94  UserManager - ok
00:02:32.0333 0x1e94  UsoSvc - ok
00:02:32.0333 0x1e94  VaultSvc - ok
00:02:32.0333 0x1e94  vdrvroot - ok
00:02:32.0333 0x1e94  vds - ok
00:02:32.0349 0x1e94  VerifierExt - ok
00:02:32.0349 0x1e94  vhdmp - ok
00:02:32.0349 0x1e94  vhf - ok
00:02:32.0349 0x1e94  vmbus - ok
00:02:32.0349 0x1e94  VMBusHID - ok
00:02:32.0365 0x1e94  vmgid - ok
00:02:32.0365 0x1e94  vmicguestinterface - ok
00:02:32.0365 0x1e94  vmicheartbeat - ok
00:02:32.0365 0x1e94  vmickvpexchange - ok
00:02:32.0365 0x1e94  vmicrdv - ok
00:02:32.0380 0x1e94  vmicshutdown - ok
00:02:32.0380 0x1e94  vmictimesync - ok
00:02:32.0380 0x1e94  vmicvmsession - ok
00:02:32.0380 0x1e94  vmicvss - ok
00:02:32.0380 0x1e94  volmgr - ok
00:02:32.0396 0x1e94  volmgrx - ok
00:02:32.0396 0x1e94  volsnap - ok
00:02:32.0396 0x1e94  volume - ok
00:02:32.0396 0x1e94  vpci - ok
00:02:32.0396 0x1e94  vsmraid - ok
00:02:32.0412 0x1e94  VSS - ok
00:02:32.0412 0x1e94  VSTXRAID - ok
00:02:32.0412 0x1e94  vwifibus - ok
00:02:32.0412 0x1e94  vwififlt - ok
00:02:32.0412 0x1e94  vwifimp - ok
00:02:32.0427 0x1e94  W32Time - ok
00:02:32.0427 0x1e94  WacomPen - ok
00:02:32.0427 0x1e94  WalletService - ok
00:02:32.0427 0x1e94  wanarp - ok
00:02:32.0443 0x1e94  wanarpv6 - ok
00:02:32.0443 0x1e94  wbengine - ok
00:02:32.0443 0x1e94  WbioSrvc - ok
00:02:32.0443 0x1e94  wcifs - ok
00:02:32.0443 0x1e94  Wcmsvc - ok
00:02:32.0458 0x1e94  wcncsvc - ok
00:02:32.0458 0x1e94  wcnfs - ok
00:02:32.0458 0x1e94  WdBoot - ok
00:02:32.0458 0x1e94  Wdf01000 - ok
00:02:32.0458 0x1e94  WdFilter - ok
00:02:32.0458 0x1e94  WdiServiceHost - ok
00:02:32.0474 0x1e94  WdiSystemHost - ok
00:02:32.0474 0x1e94  wdiwifi - ok
00:02:32.0474 0x1e94  WdNisDrv - ok
00:02:32.0474 0x1e94  WdNisSvc - ok
00:02:32.0474 0x1e94  WebClient - ok
00:02:32.0490 0x1e94  Wecsvc - ok
00:02:32.0490 0x1e94  WEPHOSTSVC - ok
00:02:32.0490 0x1e94  wercplsupport - ok
00:02:32.0490 0x1e94  WerSvc - ok
00:02:32.0490 0x1e94  WFDSConMgrSvc - ok
00:02:32.0505 0x1e94  WFPLWFS - ok
00:02:32.0505 0x1e94  WiaRpc - ok
00:02:32.0505 0x1e94  WIMMount - ok
00:02:32.0505 0x1e94  WinDefend - ok
00:02:32.0521 0x1e94  WindowsTrustedRT - ok
00:02:32.0521 0x1e94  WindowsTrustedRTProxy - ok
00:02:32.0521 0x1e94  WinHttpAutoProxySvc - ok
00:02:32.0521 0x1e94  WinMad - ok
00:02:32.0521 0x1e94  Winmgmt - ok
00:02:32.0537 0x1e94  WinNat - ok
00:02:32.0537 0x1e94  WinRM - ok
00:02:32.0537 0x1e94  WINUSB - ok
00:02:32.0537 0x1e94  WinVerbs - ok
00:02:32.0552 0x1e94  wisvc - ok
00:02:32.0552 0x1e94  WlanSvc - ok
00:02:32.0552 0x1e94  wlidsvc - ok
00:02:32.0552 0x1e94  wlpasvc - ok
00:02:32.0552 0x1e94  wmbclass - ok
00:02:32.0568 0x1e94  WmiAcpi - ok
00:02:32.0568 0x1e94  wmiApSrv - ok
00:02:32.0568 0x1e94  WMPNetworkSvc - ok
00:02:32.0568 0x1e94  Wof - ok
00:02:32.0583 0x1e94  workfolderssvc - ok
00:02:32.0583 0x1e94  WPDBusEnum - ok
00:02:32.0583 0x1e94  WpdUpFltr - ok
00:02:32.0583 0x1e94  WpnService - ok
00:02:32.0583 0x1e94  WpnUserService - ok
00:02:32.0599 0x1e94  ws2ifsl - ok
00:02:32.0599 0x1e94  wscsvc - ok
00:02:32.0599 0x1e94  WSDPrintDevice - ok
00:02:32.0599 0x1e94  WSDScan - ok
00:02:32.0599 0x1e94  WSearch - ok
00:02:32.0615 0x1e94  wuauserv - ok
00:02:32.0615 0x1e94  WudfPf - ok
00:02:32.0615 0x1e94  WUDFRd - ok
00:02:32.0615 0x1e94  wudfsvc - ok
00:02:32.0630 0x1e94  WUDFWpdFs - ok
00:02:32.0630 0x1e94  WUDFWpdMtp - ok
00:02:32.0630 0x1e94  WwanSvc - ok
00:02:32.0630 0x1e94  xbgm - ok
00:02:32.0630 0x1e94  XblAuthManager - ok
00:02:32.0646 0x1e94  XblGameSave - ok
00:02:32.0646 0x1e94  xboxgip - ok
00:02:32.0646 0x1e94  XboxGipSvc - ok
00:02:32.0646 0x1e94  XboxNetApiSvc - ok
00:02:32.0662 0x1e94  xinputhid - ok
00:02:32.0662 0x1e94  ================ Scan global ===============================
00:02:32.0662 0x1e94  [ Global ] - ok
00:02:32.0662 0x1e94  ================ Scan MBR ==================================
00:02:32.0662 0x1e94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:02:32.0724 0x1e94  \Device\Harddisk0\DR0 - ok
00:02:32.0724 0x1e94  ================ Scan VBR ==================================
00:02:32.0740 0x1e94  [ DB98B3A5C03864B1B0EAC46C83F3B019 ] \Device\Harddisk0\DR0\Partition1
00:02:32.0740 0x1e94  \Device\Harddisk0\DR0\Partition1 - ok
00:02:32.0740 0x1e94  [ 88246742136D1317EB9F5B769A30C6D5 ] \Device\Harddisk0\DR0\Partition2
00:02:32.0740 0x1e94  \Device\Harddisk0\DR0\Partition2 - ok
00:02:32.0740 0x1e94  ================ Scan generic autorun ======================
00:02:32.0740 0x1e94  SecurityHealth - ok
00:02:32.0740 0x1e94  Apoint - ok
00:02:32.0740 0x1e94  RtHDVCpl - ok
00:02:32.0740 0x1e94  RtHDVBg - ok
00:02:32.0740 0x1e94  ConnectionCenter - ok
00:02:32.0740 0x1e94  Redirector - ok
00:02:32.0740 0x1e94  Dropbox - ok
00:02:32.0740 0x1e94  Jabra Direct - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  WAB Migrate - ok
00:02:32.0771 0x1e94  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x61100 ( enabled : updated )
00:02:32.0787 0x1e94  Win FW state via NFP2: enabled ( trusted )
00:02:32.0927 0x1e94  ============================================================
00:02:32.0927 0x1e94  Scan finished
00:02:32.0927 0x1e94  ============================================================
00:02:32.0943 0x11f4  Detected object count: 0
00:02:32.0943 0x11f4  Actual detected object count: 0

Zitat:

Zitat von M-K-D-B

...
Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Hi Matthias,

die Log-Datei von TDSS-Killer haben ich gefunden. Hier der Content:

Code:

ATTFilter

00:01:01.0365 0x3270  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
00:01:06.0646 0x3270  ============================================================
00:01:06.0646 0x3270  Current date / time: 2017/07/24 00:01:06.0646
00:01:06.0646 0x3270  SystemInfo:
00:01:06.0646 0x3270  
00:01:06.0646 0x3270  OS Version: 10.0.15063 ServicePack: 0.0
00:01:06.0646 0x3270  Product type: Workstation
00:01:06.0646 0x3270  ComputerName: DELL
00:01:06.0646 0x3270  UserName: pino
00:01:06.0646 0x3270  Windows directory: C:\WINDOWS
00:01:06.0646 0x3270  System windows directory: C:\WINDOWS
00:01:06.0646 0x3270  Running under WOW64
00:01:06.0646 0x3270  Processor architecture: Intel x64
00:01:06.0646 0x3270  Number of processors: 4
00:01:06.0646 0x3270  Page size: 0x1000
00:01:06.0646 0x3270  Boot type: Normal boot
00:01:06.0646 0x3270  CodeIntegrityOptions = 0x00000001
00:01:06.0646 0x3270  ============================================================
00:01:06.0724 0x3270  KLMD registered as C:\WINDOWS\system32\drivers\41640349.sys
00:01:06.0724 0x3270  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
00:01:07.0381 0x3270  System UUID: {17C6CF4F-532A-2AE9-B7A7-FC059E91CF09}
00:01:07.0943 0x3270  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:01:07.0943 0x3270  ============================================================
00:01:07.0943 0x3270  \Device\Harddisk0\DR0:
00:01:07.0943 0x3270  MBR partitions:
00:01:07.0943 0x3270  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
00:01:07.0943 0x3270  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1DB05240
00:01:07.0943 0x3270  ============================================================
00:01:07.0943 0x3270  Initialize success
00:01:07.0943 0x3270  ============================================================
00:02:30.0294 0x1e94  ============================================================
00:02:30.0294 0x1e94  Scan started
00:02:30.0294 0x1e94  Mode: Manual; SigCheck; TDLFS; 
00:02:30.0294 0x1e94  ============================================================
00:02:30.0294 0x1e94  KSN ping started
00:02:30.0403 0x1e94  KSN ping finished: true
00:02:30.0606 0x1e94  ================ Scan system memory ========================
00:02:30.0606 0x1e94  System memory - ok
00:02:30.0606 0x1e94  ================ Scan services =============================
00:02:30.0637 0x1e94  1394ohci - ok
00:02:30.0653 0x1e94  3ware - ok
00:02:30.0653 0x1e94  ACPI - ok
00:02:30.0669 0x1e94  AcpiDev - ok
00:02:30.0669 0x1e94  acpiex - ok
00:02:30.0684 0x1e94  acpipagr - ok
00:02:30.0684 0x1e94  AcpiPmi - ok
00:02:30.0684 0x1e94  acpitime - ok
00:02:30.0700 0x1e94  ADP80XX - ok
00:02:30.0700 0x1e94  AFD - ok
00:02:30.0700 0x1e94  ahcache - ok
00:02:30.0700 0x1e94  AJRouter - ok
00:02:30.0715 0x1e94  ALG - ok
00:02:30.0715 0x1e94  AmdK8 - ok
00:02:30.0715 0x1e94  AmdPPM - ok
00:02:30.0715 0x1e94  amdsata - ok
00:02:30.0731 0x1e94  amdsbs - ok
00:02:30.0731 0x1e94  amdxata - ok
00:02:30.0731 0x1e94  ApfiltrService - ok
00:02:30.0731 0x1e94  ApHidMonitorService - ok
00:02:30.0731 0x1e94  AppID - ok
00:02:30.0747 0x1e94  AppIDSvc - ok
00:02:30.0747 0x1e94  Appinfo - ok
00:02:30.0747 0x1e94  applockerfltr - ok
00:02:30.0747 0x1e94  AppMgmt - ok
00:02:30.0762 0x1e94  AppReadiness - ok
00:02:30.0762 0x1e94  AppVClient - ok
00:02:30.0762 0x1e94  AppvStrm - ok
00:02:30.0762 0x1e94  AppvVemgr - ok
00:02:30.0778 0x1e94  AppvVfs - ok
00:02:30.0778 0x1e94  AppXSvc - ok
00:02:30.0778 0x1e94  arcsas - ok
00:02:30.0778 0x1e94  AsyncMac - ok
00:02:30.0794 0x1e94  atapi - ok
00:02:30.0794 0x1e94  AudioEndpointBuilder - ok
00:02:30.0794 0x1e94  Audiosrv - ok
00:02:30.0794 0x1e94  AxInstSV - ok
00:02:30.0794 0x1e94  b06bdrv - ok
00:02:30.0809 0x1e94  BasicDisplay - ok
00:02:30.0809 0x1e94  BasicRender - ok
00:02:30.0809 0x1e94  bcmfn2 - ok
00:02:30.0809 0x1e94  BDESVC - ok
00:02:30.0825 0x1e94  Beep - ok
00:02:30.0825 0x1e94  BFE - ok
00:02:30.0825 0x1e94  BITS - ok
00:02:30.0825 0x1e94  blackberryncm - ok
00:02:30.0840 0x1e94  bowser - ok
00:02:30.0840 0x1e94  BrokerInfrastructure - ok
00:02:30.0840 0x1e94  Browser - ok
00:02:30.0840 0x1e94  BthAvrcpTg - ok
00:02:30.0840 0x1e94  BthEnum - ok
00:02:30.0856 0x1e94  BthHFEnum - ok
00:02:30.0856 0x1e94  bthhfhid - ok
00:02:30.0856 0x1e94  BthHFSrv - ok
00:02:30.0856 0x1e94  BthLEEnum - ok
00:02:30.0856 0x1e94  BTHMODEM - ok
00:02:30.0872 0x1e94  BthPan - ok
00:02:30.0872 0x1e94  BTHPORT - ok
00:02:30.0872 0x1e94  bthserv - ok
00:02:30.0872 0x1e94  BTHUSB - ok
00:02:30.0872 0x1e94  buttonconverter - ok
00:02:30.0887 0x1e94  CAD - ok
00:02:30.0887 0x1e94  CapImg - ok
00:02:30.0887 0x1e94  cdfs - ok
00:02:30.0887 0x1e94  CDPSvc - ok
00:02:30.0887 0x1e94  CDPUserSvc - ok
00:02:30.0903 0x1e94  cdrom - ok
00:02:30.0903 0x1e94  CertPropSvc - ok
00:02:30.0903 0x1e94  cht4iscsi - ok
00:02:30.0919 0x1e94  cht4vbd - ok
00:02:30.0919 0x1e94  circlass - ok
00:02:30.0919 0x1e94  CldFlt - ok
00:02:30.0919 0x1e94  CLFS - ok
00:02:30.0919 0x1e94  ClickToRunSvc - ok
00:02:30.0934 0x1e94  ClipSVC - ok
00:02:30.0934 0x1e94  clreg - ok
00:02:30.0934 0x1e94  CmBatt - ok
00:02:30.0934 0x1e94  CNG - ok
00:02:30.0950 0x1e94  cnghwassist - ok
00:02:30.0950 0x1e94  CompositeBus - ok
00:02:30.0950 0x1e94  COMSysApp - ok
00:02:30.0950 0x1e94  condrv - ok
00:02:30.0950 0x1e94  CoreMessagingRegistrar - ok
00:02:30.0965 0x1e94  cphs - ok
00:02:30.0965 0x1e94  CryptSvc - ok
00:02:30.0965 0x1e94  CSC - ok
00:02:30.0981 0x1e94  CscService - ok
00:02:30.0981 0x1e94  ctxusbm - ok
00:02:30.0981 0x1e94  dam - ok
00:02:30.0981 0x1e94  dbupdate - ok
00:02:30.0981 0x1e94  dbupdatem - ok
00:02:30.0981 0x1e94  DbxSvc - ok
00:02:30.0997 0x1e94  DcomLaunch - ok
00:02:30.0997 0x1e94  defragsvc - ok
00:02:30.0997 0x1e94  DellRbtn - ok
00:02:30.0997 0x1e94  DeviceAssociationService - ok
00:02:31.0012 0x1e94  DeviceInstall - ok
00:02:31.0012 0x1e94  DevicesFlowUserSvc - ok
00:02:31.0012 0x1e94  DevQueryBroker - ok
00:02:31.0012 0x1e94  Dfsc - ok
00:02:31.0012 0x1e94  Dhcp - ok
00:02:31.0028 0x1e94  diagnosticshub.standardcollector.service - ok
00:02:31.0028 0x1e94  DiagTrack - ok
00:02:31.0028 0x1e94  Disk - ok
00:02:31.0028 0x1e94  DmEnrollmentSvc - ok
00:02:31.0028 0x1e94  dmvsc - ok
00:02:31.0044 0x1e94  dmwappushservice - ok
00:02:31.0044 0x1e94  Dnscache - ok
00:02:31.0044 0x1e94  dot3svc - ok
00:02:31.0044 0x1e94  DPS - ok
00:02:31.0059 0x1e94  drmkaud - ok
00:02:31.0059 0x1e94  DsmSvc - ok
00:02:31.0059 0x1e94  DsSvc - ok
00:02:31.0059 0x1e94  DusmSvc - ok
00:02:31.0059 0x1e94  DXGKrnl - ok
00:02:31.0075 0x1e94  e1dexpress - ok
00:02:31.0075 0x1e94  EapHost - ok
00:02:31.0075 0x1e94  ebdrv - ok
00:02:31.0075 0x1e94  EFS - ok
00:02:31.0075 0x1e94  EhStorClass - ok
00:02:31.0090 0x1e94  EhStorTcgDrv - ok
00:02:31.0090 0x1e94  embeddedmode - ok
00:02:31.0090 0x1e94  EntAppSvc - ok
00:02:31.0090 0x1e94  ErrDev - ok
00:02:31.0090 0x1e94  EventSystem - ok
00:02:31.0106 0x1e94  ew_hwusbdev - ok
00:02:31.0106 0x1e94  ew_usbenumfilter - ok
00:02:31.0106 0x1e94  exfat - ok
00:02:31.0106 0x1e94  fastfat - ok
00:02:31.0106 0x1e94  Fax - ok
00:02:31.0122 0x1e94  fdc - ok
00:02:31.0122 0x1e94  fdPHost - ok
00:02:31.0122 0x1e94  FDResPub - ok
00:02:31.0122 0x1e94  fhsvc - ok
00:02:31.0122 0x1e94  FileCrypt - ok
00:02:31.0137 0x1e94  FileInfo - ok
00:02:31.0137 0x1e94  Filetrace - ok
00:02:31.0137 0x1e94  flpydisk - ok
00:02:31.0137 0x1e94  FltMgr - ok
00:02:31.0137 0x1e94  FontCache - ok
00:02:31.0153 0x1e94  FontCache3.0.0.0 - ok
00:02:31.0153 0x1e94  FrameServer - ok
00:02:31.0153 0x1e94  FsDepends - ok
00:02:31.0153 0x1e94  Fs_Rec - ok
00:02:31.0153 0x1e94  fvevol - ok
00:02:31.0169 0x1e94  gencounter - ok
00:02:31.0169 0x1e94  genericusbfn - ok
00:02:31.0169 0x1e94  GPIOClx0101 - ok
00:02:31.0169 0x1e94  gpsvc - ok
00:02:31.0169 0x1e94  GpuEnergyDrv - ok
00:02:31.0184 0x1e94  gupdate - ok
00:02:31.0184 0x1e94  gupdatem - ok
00:02:31.0184 0x1e94  HDAudBus - ok
00:02:31.0184 0x1e94  HidBatt - ok
00:02:31.0200 0x1e94  HidBth - ok
00:02:31.0200 0x1e94  hidi2c - ok
00:02:31.0200 0x1e94  hidinterrupt - ok
00:02:31.0200 0x1e94  HidIr - ok
00:02:31.0200 0x1e94  hidserv - ok
00:02:31.0215 0x1e94  HidUsb - ok
00:02:31.0215 0x1e94  HomeGroupListener - ok
00:02:31.0215 0x1e94  HomeGroupProvider - ok
00:02:31.0215 0x1e94  HpSAMD - ok
00:02:31.0215 0x1e94  HTTP - ok
00:02:31.0215 0x1e94  huawei_enumerator - ok
00:02:31.0231 0x1e94  HvHost - ok
00:02:31.0231 0x1e94  hvservice - ok
00:02:31.0231 0x1e94  HWDeviceService64.exe - ok
00:02:31.0231 0x1e94  hwpolicy - ok
00:02:31.0231 0x1e94  hwusb_cdcacm - ok
00:02:31.0247 0x1e94  hwusb_wwanecm - ok
00:02:31.0247 0x1e94  hyperkbd - ok
00:02:31.0247 0x1e94  i8042prt - ok
00:02:31.0247 0x1e94  iagpio - ok
00:02:31.0247 0x1e94  iai2c - ok
00:02:31.0262 0x1e94  iaLPSS2i_GPIO2 - ok
00:02:31.0262 0x1e94  iaLPSS2i_GPIO2_BXT_P - ok
00:02:31.0262 0x1e94  iaLPSS2i_I2C - ok
00:02:31.0262 0x1e94  iaLPSS2i_I2C_BXT_P - ok
00:02:31.0262 0x1e94  iaLPSSi_GPIO - ok
00:02:31.0278 0x1e94  iaLPSSi_I2C - ok
00:02:31.0278 0x1e94  iaStorAV - ok
00:02:31.0278 0x1e94  iaStorV - ok
00:02:31.0278 0x1e94  ibbus - ok
00:02:31.0278 0x1e94  ibtsiva - ok
00:02:31.0294 0x1e94  ibtusb - ok
00:02:31.0294 0x1e94  icssvc - ok
00:02:31.0294 0x1e94  igfx - ok
00:02:31.0294 0x1e94  igfxCUIService2.0.0.0 - ok
00:02:31.0294 0x1e94  IKEEXT - ok
00:02:31.0309 0x1e94  IndirectKmd - ok
00:02:31.0309 0x1e94  IntcAzAudAddService - ok
00:02:31.0309 0x1e94  IntcDAud - ok
00:02:31.0309 0x1e94  intelide - ok
00:02:31.0325 0x1e94  intelpep - ok
00:02:31.0325 0x1e94  intelppm - ok
00:02:31.0325 0x1e94  Internet Manager. RunOuc - ok
00:02:31.0325 0x1e94  iorate - ok
00:02:31.0325 0x1e94  IpFilterDriver - ok
00:02:31.0341 0x1e94  iphlpsvc - ok
00:02:31.0341 0x1e94  IPMIDRV - ok
00:02:31.0341 0x1e94  IPNAT - ok
00:02:31.0341 0x1e94  IpxlatCfgSvc - ok
00:02:31.0341 0x1e94  irda - ok
00:02:31.0356 0x1e94  IRENUM - ok
00:02:31.0356 0x1e94  irmon - ok
00:02:31.0356 0x1e94  isapnp - ok
00:02:31.0356 0x1e94  iScsiPrt - ok
00:02:31.0356 0x1e94  kbdclass - ok
00:02:31.0372 0x1e94  kbdhid - ok
00:02:31.0372 0x1e94  kdnic - ok
00:02:31.0372 0x1e94  KeyIso - ok
00:02:31.0372 0x1e94  KSecDD - ok
00:02:31.0372 0x1e94  KSecPkg - ok
00:02:31.0372 0x1e94  ksthunk - ok
00:02:31.0387 0x1e94  KtmRm - ok
00:02:31.0387 0x1e94  LanmanServer - ok
00:02:31.0387 0x1e94  LanmanWorkstation - ok
00:02:31.0387 0x1e94  lfsvc - ok
00:02:31.0403 0x1e94  LicenseManager - ok
00:02:31.0403 0x1e94  lltdio - ok
00:02:31.0403 0x1e94  lltdsvc - ok
00:02:31.0403 0x1e94  lmhosts - ok
00:02:31.0403 0x1e94  LSI_SAS - ok
00:02:31.0419 0x1e94  LSI_SAS2i - ok
00:02:31.0419 0x1e94  LSI_SAS3i - ok
00:02:31.0419 0x1e94  LSI_SSS - ok
00:02:31.0419 0x1e94  LSM - ok
00:02:31.0419 0x1e94  luafv - ok
00:02:31.0434 0x1e94  MapsBroker - ok
00:02:31.0434 0x1e94  mausbhost - ok
00:02:31.0434 0x1e94  mausbip - ok
00:02:31.0434 0x1e94  megasas - ok
00:02:31.0434 0x1e94  megasas2i - ok
00:02:31.0450 0x1e94  megasr - ok
00:02:31.0450 0x1e94  MEIx64 - ok
00:02:31.0450 0x1e94  MessagingService - ok
00:02:31.0450 0x1e94  mlx4_bus - ok
00:02:31.0450 0x1e94  MMCSS - ok
00:02:31.0466 0x1e94  Modem - ok
00:02:31.0466 0x1e94  monitor - ok
00:02:31.0466 0x1e94  mouclass - ok
00:02:31.0466 0x1e94  mouhid - ok
00:02:31.0481 0x1e94  mountmgr - ok
00:02:31.0481 0x1e94  MozillaMaintenance - ok
00:02:31.0481 0x1e94  mpsdrv - ok
00:02:31.0481 0x1e94  MpsSvc - ok
00:02:31.0481 0x1e94  MRxDAV - ok
00:02:31.0497 0x1e94  mrxsmb - ok
00:02:31.0497 0x1e94  mrxsmb10 - ok
00:02:31.0497 0x1e94  mrxsmb20 - ok
00:02:31.0497 0x1e94  MsBridge - ok
00:02:31.0497 0x1e94  MSDTC - ok
00:02:31.0512 0x1e94  Msfs - ok
00:02:31.0512 0x1e94  msgpiowin32 - ok
00:02:31.0512 0x1e94  mshidkmdf - ok
00:02:31.0512 0x1e94  mshidumdf - ok
00:02:31.0528 0x1e94  msisadrv - ok
00:02:31.0528 0x1e94  MSiSCSI - ok
00:02:31.0528 0x1e94  msiserver - ok
00:02:31.0528 0x1e94  MSKSSRV - ok
00:02:31.0528 0x1e94  MsLldp - ok
00:02:31.0544 0x1e94  MSPCLOCK - ok
00:02:31.0544 0x1e94  MSPQM - ok
00:02:31.0544 0x1e94  MsRPC - ok
00:02:31.0544 0x1e94  MsSecFlt - ok
00:02:31.0544 0x1e94  mssmbios - ok
00:02:31.0559 0x1e94  MSTEE - ok
00:02:31.0559 0x1e94  MTConfig - ok
00:02:31.0559 0x1e94  Mup - ok
00:02:31.0559 0x1e94  mvumis - ok
00:02:31.0575 0x1e94  NativeWifiP - ok
00:02:31.0575 0x1e94  NaturalAuthentication - ok
00:02:31.0575 0x1e94  NcaSvc - ok
00:02:31.0575 0x1e94  NcbService - ok
00:02:31.0575 0x1e94  NcdAutoSetup - ok
00:02:31.0591 0x1e94  ndfltr - ok
00:02:31.0591 0x1e94  NDIS - ok
00:02:31.0591 0x1e94  NdisCap - ok
00:02:31.0591 0x1e94  NdisImPlatform - ok
00:02:31.0591 0x1e94  NdisTapi - ok
00:02:31.0606 0x1e94  Ndisuio - ok
00:02:31.0606 0x1e94  NdisVirtualBus - ok
00:02:31.0606 0x1e94  NdisWan - ok
00:02:31.0606 0x1e94  ndiswanlegacy - ok
00:02:31.0606 0x1e94  ndproxy - ok
00:02:31.0622 0x1e94  Ndu - ok
00:02:31.0622 0x1e94  NetAdapterCx - ok
00:02:31.0622 0x1e94  NetBIOS - ok
00:02:31.0622 0x1e94  NetBT - ok
00:02:31.0637 0x1e94  Netlogon - ok
00:02:31.0637 0x1e94  Netman - ok
00:02:31.0637 0x1e94  netprofm - ok
00:02:31.0637 0x1e94  NetSetupSvc - ok
00:02:31.0637 0x1e94  NetTcpPortSharing - ok
00:02:31.0653 0x1e94  netvsc - ok
00:02:31.0653 0x1e94  NETwNb64 - ok
00:02:31.0653 0x1e94  NgcCtnrSvc - ok
00:02:31.0653 0x1e94  NgcSvc - ok
00:02:31.0653 0x1e94  NlaSvc - ok
00:02:31.0669 0x1e94  npf - ok
00:02:31.0669 0x1e94  Npfs - ok
00:02:31.0669 0x1e94  npsvctrig - ok
00:02:31.0669 0x1e94  nsi - ok
00:02:31.0669 0x1e94  nsiproxy - ok
00:02:31.0684 0x1e94  NTFS - ok
00:02:31.0684 0x1e94  Null - ok
00:02:31.0684 0x1e94  nvdimmn - ok
00:02:31.0684 0x1e94  nvraid - ok
00:02:31.0684 0x1e94  nvstor - ok
00:02:31.0700 0x1e94  OneSyncSvc - ok
00:02:31.0700 0x1e94  ose - ok
00:02:31.0700 0x1e94  p2pimsvc - ok
00:02:31.0700 0x1e94  p2psvc - ok
00:02:31.0716 0x1e94  Parport - ok
00:02:31.0716 0x1e94  partmgr - ok
00:02:31.0716 0x1e94  PcaSvc - ok
00:02:31.0716 0x1e94  pci - ok
00:02:31.0716 0x1e94  pciide - ok
00:02:31.0731 0x1e94  pcmcia - ok
00:02:31.0731 0x1e94  pcw - ok
00:02:31.0731 0x1e94  pdc - ok
00:02:31.0731 0x1e94  PEAUTH - ok
00:02:31.0731 0x1e94  PeerDistSvc - ok
00:02:31.0747 0x1e94  percsas2i - ok
00:02:31.0747 0x1e94  percsas3i - ok
00:02:31.0747 0x1e94  PerfHost - ok
00:02:31.0762 0x1e94  PhoneSvc - ok
00:02:31.0762 0x1e94  PimIndexMaintenanceSvc - ok
00:02:31.0762 0x1e94  pla - ok
00:02:31.0762 0x1e94  PlugPlay - ok
00:02:31.0762 0x1e94  pmem - ok
00:02:31.0779 0x1e94  PNRPAutoReg - ok
00:02:31.0782 0x1e94  PNRPsvc - ok
00:02:31.0784 0x1e94  PolicyAgent - ok
00:02:31.0789 0x1e94  Power - ok
00:02:31.0792 0x1e94  PptpMiniport - ok
00:02:31.0795 0x1e94  PrintNotify - ok
00:02:31.0798 0x1e94  Processor - ok
00:02:31.0801 0x1e94  ProfSvc - ok
00:02:31.0802 0x1e94  Psched - ok
00:02:31.0802 0x1e94  QWAVE - ok
00:02:31.0802 0x1e94  QWAVEdrv - ok
00:02:31.0802 0x1e94  RasAcd - ok
00:02:31.0802 0x1e94  RasAgileVpn - ok
00:02:31.0818 0x1e94  RasAuto - ok
00:02:31.0818 0x1e94  Rasl2tp - ok
00:02:31.0818 0x1e94  RasMan - ok
00:02:31.0818 0x1e94  RasPppoe - ok
00:02:31.0818 0x1e94  RasSstp - ok
00:02:31.0833 0x1e94  rdbss - ok
00:02:31.0833 0x1e94  rdpbus - ok
00:02:31.0833 0x1e94  RDPDR - ok
00:02:31.0833 0x1e94  RdpVideoMiniport - ok
00:02:31.0849 0x1e94  rdyboost - ok
00:02:31.0849 0x1e94  ReFS - ok
00:02:31.0849 0x1e94  ReFSv1 - ok
00:02:31.0849 0x1e94  RemoteAccess - ok
00:02:31.0865 0x1e94  RemoteRegistry - ok
00:02:31.0865 0x1e94  RetailDemo - ok
00:02:31.0865 0x1e94  RFCOMM - ok
00:02:31.0865 0x1e94  RmSvc - ok
00:02:31.0865 0x1e94  RpcEptMapper - ok
00:02:31.0880 0x1e94  RpcLocator - ok
00:02:31.0880 0x1e94  RpcSs - ok
00:02:31.0880 0x1e94  rspndr - ok
00:02:31.0880 0x1e94  RtkAudioService - ok
00:02:31.0880 0x1e94  s3cap - ok
00:02:31.0896 0x1e94  SamSs - ok
00:02:31.0896 0x1e94  sbp2port - ok
00:02:31.0896 0x1e94  SCardSvr - ok
00:02:31.0896 0x1e94  ScDeviceEnum - ok
00:02:31.0896 0x1e94  scfilter - ok
00:02:31.0912 0x1e94  Schedule - ok
00:02:31.0912 0x1e94  scmbus - ok
00:02:31.0912 0x1e94  SCPolicySvc - ok
00:02:31.0912 0x1e94  sdbus - ok
00:02:31.0912 0x1e94  SDFRd - ok
00:02:31.0912 0x1e94  SDRSVC - ok
00:02:31.0927 0x1e94  sdstor - ok
00:02:31.0927 0x1e94  seclogon - ok
00:02:31.0927 0x1e94  SecurityHealthService - ok
00:02:31.0927 0x1e94  SEMgrSvc - ok
00:02:31.0927 0x1e94  SENS - ok
00:02:31.0943 0x1e94  Sense - ok
00:02:31.0943 0x1e94  SensorDataService - ok
00:02:31.0943 0x1e94  SensorService - ok
00:02:31.0943 0x1e94  SensrSvc - ok
00:02:31.0958 0x1e94  SerCx - ok
00:02:31.0958 0x1e94  SerCx2 - ok
00:02:31.0958 0x1e94  Serenum - ok
00:02:31.0958 0x1e94  Serial - ok
00:02:31.0958 0x1e94  sermouse - ok
00:02:31.0974 0x1e94  SessionEnv - ok
00:02:31.0974 0x1e94  sfloppy - ok
00:02:31.0974 0x1e94  SharedAccess - ok
00:02:31.0990 0x1e94  ShellHWDetection - ok
00:02:31.0990 0x1e94  shpamsvc - ok
00:02:31.0990 0x1e94  SiSRaid2 - ok
00:02:31.0990 0x1e94  SiSRaid4 - ok
00:02:31.0990 0x1e94  smphost - ok
00:02:32.0005 0x1e94  SmsRouter - ok
00:02:32.0005 0x1e94  SNMPTRAP - ok
00:02:32.0005 0x1e94  spaceport - ok
00:02:32.0005 0x1e94  SpatialGraphFilter - ok
00:02:32.0021 0x1e94  SpbCx - ok
00:02:32.0021 0x1e94  spectrum - ok
00:02:32.0021 0x1e94  Spooler - ok
00:02:32.0021 0x1e94  sppsvc - ok
00:02:32.0021 0x1e94  srv - ok
00:02:32.0021 0x1e94  srv2 - ok
00:02:32.0037 0x1e94  srvnet - ok
00:02:32.0037 0x1e94  SSDPSRV - ok
00:02:32.0037 0x1e94  SstpSvc - ok
00:02:32.0037 0x1e94  StateRepository - ok
00:02:32.0037 0x1e94  stdcfltn - ok
00:02:32.0052 0x1e94  stexstor - ok
00:02:32.0052 0x1e94  stisvc - ok
00:02:32.0052 0x1e94  storahci - ok
00:02:32.0052 0x1e94  storflt - ok
00:02:32.0052 0x1e94  stornvme - ok
00:02:32.0068 0x1e94  storqosflt - ok
00:02:32.0068 0x1e94  StorSvc - ok
00:02:32.0068 0x1e94  storufs - ok
00:02:32.0068 0x1e94  storvsc - ok
00:02:32.0083 0x1e94  ST_Accel - ok
00:02:32.0083 0x1e94  svsvc - ok
00:02:32.0083 0x1e94  swenum - ok
00:02:32.0115 0x1e94  swg3kser05 - ok
00:02:32.0115 0x1e94  SwiService - ok
00:02:32.0130 0x1e94  swprv - ok
00:02:32.0130 0x1e94  Synth3dVsc - ok
00:02:32.0146 0x1e94  SysMain - ok
00:02:32.0146 0x1e94  SystemEventsBroker - ok
00:02:32.0146 0x1e94  TabletInputService - ok
00:02:32.0146 0x1e94  TapiSrv - ok
00:02:32.0146 0x1e94  Tcpip - ok
00:02:32.0162 0x1e94  Tcpip6 - ok
00:02:32.0162 0x1e94  tcpipreg - ok
00:02:32.0162 0x1e94  tdx - ok
00:02:32.0162 0x1e94  terminpt - ok
00:02:32.0177 0x1e94  TermService - ok
00:02:32.0177 0x1e94  Themes - ok
00:02:32.0177 0x1e94  TieringEngineService - ok
00:02:32.0177 0x1e94  tiledatamodelsvc - ok
00:02:32.0177 0x1e94  TimeBrokerSvc - ok
00:02:32.0193 0x1e94  TokenBroker - ok
00:02:32.0193 0x1e94  TPM - ok
00:02:32.0193 0x1e94  TrkWks - ok
00:02:32.0193 0x1e94  TrustedInstaller - ok
00:02:32.0208 0x1e94  TsUsbFlt - ok
00:02:32.0208 0x1e94  TsUsbGD - ok
00:02:32.0208 0x1e94  tsusbhub - ok
00:02:32.0208 0x1e94  tunnel - ok
00:02:32.0208 0x1e94  tzautoupdate - ok
00:02:32.0208 0x1e94  UASPStor - ok
00:02:32.0224 0x1e94  UcmCx0101 - ok
00:02:32.0224 0x1e94  UcmTcpciCx0101 - ok
00:02:32.0224 0x1e94  UcmUcsi - ok
00:02:32.0224 0x1e94  Ucx01000 - ok
00:02:32.0224 0x1e94  UdeCx - ok
00:02:32.0240 0x1e94  udfs - ok
00:02:32.0240 0x1e94  UEFI - ok
00:02:32.0240 0x1e94  UevAgentDriver - ok
00:02:32.0240 0x1e94  UevAgentService - ok
00:02:32.0240 0x1e94  Ufx01000 - ok
00:02:32.0255 0x1e94  UfxChipidea - ok
00:02:32.0255 0x1e94  ufxsynopsys - ok
00:02:32.0255 0x1e94  UI0Detect - ok
00:02:32.0255 0x1e94  umbus - ok
00:02:32.0271 0x1e94  UmPass - ok
00:02:32.0271 0x1e94  UmRdpService - ok
00:02:32.0271 0x1e94  UnistoreSvc - ok
00:02:32.0271 0x1e94  upnphost - ok
00:02:32.0271 0x1e94  UrsChipidea - ok
00:02:32.0287 0x1e94  UrsCx01000 - ok
00:02:32.0287 0x1e94  UrsSynopsys - ok
00:02:32.0287 0x1e94  usbccgp - ok
00:02:32.0287 0x1e94  usbcir - ok
00:02:32.0302 0x1e94  usbehci - ok
00:02:32.0302 0x1e94  usbhub - ok
00:02:32.0302 0x1e94  USBHUB3 - ok
00:02:32.0302 0x1e94  usbohci - ok
00:02:32.0302 0x1e94  usbprint - ok
00:02:32.0302 0x1e94  usbser - ok
00:02:32.0318 0x1e94  USBSTOR - ok
00:02:32.0318 0x1e94  usbuhci - ok
00:02:32.0318 0x1e94  usbvideo - ok
00:02:32.0318 0x1e94  USBXHCI - ok
00:02:32.0318 0x1e94  UserDataSvc - ok
00:02:32.0333 0x1e94  UserManager - ok
00:02:32.0333 0x1e94  UsoSvc - ok
00:02:32.0333 0x1e94  VaultSvc - ok
00:02:32.0333 0x1e94  vdrvroot - ok
00:02:32.0333 0x1e94  vds - ok
00:02:32.0349 0x1e94  VerifierExt - ok
00:02:32.0349 0x1e94  vhdmp - ok
00:02:32.0349 0x1e94  vhf - ok
00:02:32.0349 0x1e94  vmbus - ok
00:02:32.0349 0x1e94  VMBusHID - ok
00:02:32.0365 0x1e94  vmgid - ok
00:02:32.0365 0x1e94  vmicguestinterface - ok
00:02:32.0365 0x1e94  vmicheartbeat - ok
00:02:32.0365 0x1e94  vmickvpexchange - ok
00:02:32.0365 0x1e94  vmicrdv - ok
00:02:32.0380 0x1e94  vmicshutdown - ok
00:02:32.0380 0x1e94  vmictimesync - ok
00:02:32.0380 0x1e94  vmicvmsession - ok
00:02:32.0380 0x1e94  vmicvss - ok
00:02:32.0380 0x1e94  volmgr - ok
00:02:32.0396 0x1e94  volmgrx - ok
00:02:32.0396 0x1e94  volsnap - ok
00:02:32.0396 0x1e94  volume - ok
00:02:32.0396 0x1e94  vpci - ok
00:02:32.0396 0x1e94  vsmraid - ok
00:02:32.0412 0x1e94  VSS - ok
00:02:32.0412 0x1e94  VSTXRAID - ok
00:02:32.0412 0x1e94  vwifibus - ok
00:02:32.0412 0x1e94  vwififlt - ok
00:02:32.0412 0x1e94  vwifimp - ok
00:02:32.0427 0x1e94  W32Time - ok
00:02:32.0427 0x1e94  WacomPen - ok
00:02:32.0427 0x1e94  WalletService - ok
00:02:32.0427 0x1e94  wanarp - ok
00:02:32.0443 0x1e94  wanarpv6 - ok
00:02:32.0443 0x1e94  wbengine - ok
00:02:32.0443 0x1e94  WbioSrvc - ok
00:02:32.0443 0x1e94  wcifs - ok
00:02:32.0443 0x1e94  Wcmsvc - ok
00:02:32.0458 0x1e94  wcncsvc - ok
00:02:32.0458 0x1e94  wcnfs - ok
00:02:32.0458 0x1e94  WdBoot - ok
00:02:32.0458 0x1e94  Wdf01000 - ok
00:02:32.0458 0x1e94  WdFilter - ok
00:02:32.0458 0x1e94  WdiServiceHost - ok
00:02:32.0474 0x1e94  WdiSystemHost - ok
00:02:32.0474 0x1e94  wdiwifi - ok
00:02:32.0474 0x1e94  WdNisDrv - ok
00:02:32.0474 0x1e94  WdNisSvc - ok
00:02:32.0474 0x1e94  WebClient - ok
00:02:32.0490 0x1e94  Wecsvc - ok
00:02:32.0490 0x1e94  WEPHOSTSVC - ok
00:02:32.0490 0x1e94  wercplsupport - ok
00:02:32.0490 0x1e94  WerSvc - ok
00:02:32.0490 0x1e94  WFDSConMgrSvc - ok
00:02:32.0505 0x1e94  WFPLWFS - ok
00:02:32.0505 0x1e94  WiaRpc - ok
00:02:32.0505 0x1e94  WIMMount - ok
00:02:32.0505 0x1e94  WinDefend - ok
00:02:32.0521 0x1e94  WindowsTrustedRT - ok
00:02:32.0521 0x1e94  WindowsTrustedRTProxy - ok
00:02:32.0521 0x1e94  WinHttpAutoProxySvc - ok
00:02:32.0521 0x1e94  WinMad - ok
00:02:32.0521 0x1e94  Winmgmt - ok
00:02:32.0537 0x1e94  WinNat - ok
00:02:32.0537 0x1e94  WinRM - ok
00:02:32.0537 0x1e94  WINUSB - ok
00:02:32.0537 0x1e94  WinVerbs - ok
00:02:32.0552 0x1e94  wisvc - ok
00:02:32.0552 0x1e94  WlanSvc - ok
00:02:32.0552 0x1e94  wlidsvc - ok
00:02:32.0552 0x1e94  wlpasvc - ok
00:02:32.0552 0x1e94  wmbclass - ok
00:02:32.0568 0x1e94  WmiAcpi - ok
00:02:32.0568 0x1e94  wmiApSrv - ok
00:02:32.0568 0x1e94  WMPNetworkSvc - ok
00:02:32.0568 0x1e94  Wof - ok
00:02:32.0583 0x1e94  workfolderssvc - ok
00:02:32.0583 0x1e94  WPDBusEnum - ok
00:02:32.0583 0x1e94  WpdUpFltr - ok
00:02:32.0583 0x1e94  WpnService - ok
00:02:32.0583 0x1e94  WpnUserService - ok
00:02:32.0599 0x1e94  ws2ifsl - ok
00:02:32.0599 0x1e94  wscsvc - ok
00:02:32.0599 0x1e94  WSDPrintDevice - ok
00:02:32.0599 0x1e94  WSDScan - ok
00:02:32.0599 0x1e94  WSearch - ok
00:02:32.0615 0x1e94  wuauserv - ok
00:02:32.0615 0x1e94  WudfPf - ok
00:02:32.0615 0x1e94  WUDFRd - ok
00:02:32.0615 0x1e94  wudfsvc - ok
00:02:32.0630 0x1e94  WUDFWpdFs - ok
00:02:32.0630 0x1e94  WUDFWpdMtp - ok
00:02:32.0630 0x1e94  WwanSvc - ok
00:02:32.0630 0x1e94  xbgm - ok
00:02:32.0630 0x1e94  XblAuthManager - ok
00:02:32.0646 0x1e94  XblGameSave - ok
00:02:32.0646 0x1e94  xboxgip - ok
00:02:32.0646 0x1e94  XboxGipSvc - ok
00:02:32.0646 0x1e94  XboxNetApiSvc - ok
00:02:32.0662 0x1e94  xinputhid - ok
00:02:32.0662 0x1e94  ================ Scan global ===============================
00:02:32.0662 0x1e94  [ Global ] - ok
00:02:32.0662 0x1e94  ================ Scan MBR ==================================
00:02:32.0662 0x1e94  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:02:32.0724 0x1e94  \Device\Harddisk0\DR0 - ok
00:02:32.0724 0x1e94  ================ Scan VBR ==================================
00:02:32.0740 0x1e94  [ DB98B3A5C03864B1B0EAC46C83F3B019 ] \Device\Harddisk0\DR0\Partition1
00:02:32.0740 0x1e94  \Device\Harddisk0\DR0\Partition1 - ok
00:02:32.0740 0x1e94  [ 88246742136D1317EB9F5B769A30C6D5 ] \Device\Harddisk0\DR0\Partition2
00:02:32.0740 0x1e94  \Device\Harddisk0\DR0\Partition2 - ok
00:02:32.0740 0x1e94  ================ Scan generic autorun ======================
00:02:32.0740 0x1e94  SecurityHealth - ok
00:02:32.0740 0x1e94  Apoint - ok
00:02:32.0740 0x1e94  RtHDVCpl - ok
00:02:32.0740 0x1e94  RtHDVBg - ok
00:02:32.0740 0x1e94  ConnectionCenter - ok
00:02:32.0740 0x1e94  Redirector - ok
00:02:32.0740 0x1e94  Dropbox - ok
00:02:32.0740 0x1e94  Jabra Direct - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  OneDriveSetup - ok
00:02:32.0755 0x1e94  WAB Migrate - ok
00:02:32.0771 0x1e94  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x61100 ( enabled : updated )
00:02:32.0787 0x1e94  Win FW state via NFP2: enabled ( trusted )
00:02:32.0927 0x1e94  ============================================================
00:02:32.0927 0x1e94  Scan finished
00:02:32.0927 0x1e94  ============================================================
00:02:32.0943 0x11f4  Detected object count: 0
00:02:32.0943 0x11f4  Actual detected object count: 0
00:05:07.0654 0x1624  Deinitialize success

Neue "FRST.txt" und "Addition.txt" habe ich nicht gefunden. Oder wurden die bisherigen Files überschrieben?

Danke und Gruß Pino

M-K-D-B · 24.07.2017, 13:24

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

pinodisole · 24.07.2017, 13:46

Code:

ATTFilter

# AdwCleaner 7.0.0.0 - Logfile created on Mon Jul 24 12:30:59 2017
# Updated on 2017/17/07 by Malwarebytes 
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\Application Data\lavasoft\web companion


***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [2273 B] - [2017/7/24 12:30:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 24.07.17
Scan-Zeit: 14:36
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2425
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.483)
CPU: x64
Dateisystem: NTFS
Benutzer: DELL\pino

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 398350
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 2 Min., 32 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von pino (Administrator) auf DELL (24-07-2017 14:44:12)
Gestartet von C:\Users\pino\Desktop
Geladene Profile: pino (Verfügbare Profile: defaultuser0 & pino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(GN Audio A/S) C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe [1273792 2017-05-02] (GN Audio A/S)
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {0fcff8c3-0bc2-11e7-96a2-8086f2d83e01} - "D:\VmS.exe" 
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {ecb9dff6-370b-11e7-96aa-8086f2d83e01} - "D:\AutoRun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a501cb2-4b95-489d-8291-c2c4f3832c64}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{167546f3-0743-4e41-8a58-27f68faa5282}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{b297a4e9-5f79-4fbf-aee2-34a81362d97d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-697847764-2959338102-2115453073-1001 -> {2867DB33-23AD-4975-962A-958043E2C207} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pbrasweb.postbank.de/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP14EP2-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: sxbmzu46.default-1492723331066
FF ProfilePath: C:\Users\pino\AppData\Roaming\Mozilla\Firefox\Profiles\sxbmzu46.default-1492723331066 [2017-07-24]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default [2017-07-24]
CHR Extension: (Google Präsentationen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
CHR Extension: (Google Docs) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Google Drive) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Cisco WebEx) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceempjejlfaadkgdacpfhheknndlcjl [2017-07-24]
CHR Extension: (Google Tabellen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-18]
CHR Extension: (IE Tab) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-07-14]
CHR Extension: (Cisco WebEx Extension) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgpnhikmkblcolfmklkbcakhkgmleef [2017-03-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411584 2017-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1163360 2016-01-25] (Sierra Wireless, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380800 2015-01-07] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-24] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
S3 swg3kser05; C:\WINDOWS\system32\DRIVERS\swg3kser05.sys [296576 2016-01-28] (Sierra Wireless Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [327168 2017-06-20] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-24 14:44 - 2017-07-24 14:44 - 00018399 _____ C:\Users\pino\Desktop\FRST.txt
2017-07-24 14:43 - 2017-07-24 14:43 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner
2017-07-24 14:41 - 2017-07-24 14:41 - 00001396 _____ C:\Users\pino\Desktop\mbam.txt
2017-07-24 14:36 - 2017-07-24 14:36 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-24 14:36 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 14:34 - 2017-07-24 14:35 - 65033984 _____ (Malwarebytes ) C:\Users\pino\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 14:31 - 2017-07-24 14:31 - 00000000 ____D C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-24 14:28 - 2017-07-24 14:30 - 00000000 ____D C:\AdwCleaner
2017-07-24 14:26 - 2017-07-24 14:26 - 08162248 _____ (Malwarebytes) C:\Users\pino\Desktop\adwcleaner_7.0.0.0.exe
2017-07-24 00:15 - 2017-07-24 00:05 - 00053106 _____ C:\Users\pino\Desktop\TDSSKiller.3.1.0.15_24.07.2017_00.01.01_log.txt
2017-07-24 00:01 - 2017-07-24 00:05 - 00053106 _____ C:\TDSSKiller.3.1.0.15_24.07.2017_00.01.01_log.txt
2017-07-23 23:59 - 2017-07-23 23:59 - 04922400 _____ (AO Kaspersky Lab) C:\Users\pino\Desktop\tdsskiller.exe
2017-07-23 23:44 - 2017-07-24 14:44 - 00000000 ____D C:\FRST
2017-07-23 23:26 - 2017-07-23 23:27 - 02382336 _____ (Farbar) C:\Users\pino\Desktop\FRST64.exe
2017-07-23 18:30 - 2017-07-23 18:30 - 00219658 _____ C:\Users\pino\Downloads\FRITZ.Box 7580 153.06.83_23.07.17_1830.export
2017-07-22 22:16 - 2017-07-22 22:17 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (2).exe
2017-07-22 22:16 - 2017-07-22 22:16 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (1).exe
2017-07-22 21:58 - 2017-07-22 21:58 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk.exe
2017-07-17 20:21 - 2017-07-17 20:21 - 00000000 ____D C:\Users\pino\Downloads\realtek_pcielan_7_mb
2017-07-17 20:20 - 2017-07-17 20:20 - 10886971 _____ C:\Users\pino\Downloads\realtek_pcielan_7_mb.zip
2017-07-16 20:24 - 2017-07-16 20:24 - 59651896 _____ C:\Users\pino\Downloads\PROWinx64.exe
2017-07-16 12:38 - 2017-07-16 12:38 - 03177096 _____ C:\Users\pino\Downloads\dreamNotificationsDebug.apk
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143.pdf
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143 (1).pdf
2017-07-14 12:30 - 2017-07-14 12:35 - 151278979 _____ C:\Users\pino\Downloads\gigablue.rar
2017-07-14 12:30 - 2017-07-14 12:30 - 00000979 _____ C:\Users\pino\Downloads\Anleitung zum Flashen.txt
2017-07-14 10:47 - 2017-07-14 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-12 21:58 - 2017-07-12 21:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-07-12 21:24 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 21:24 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 21:24 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 21:24 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 21:24 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 21:24 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 21:24 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 21:24 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 21:24 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 21:24 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 21:24 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 21:24 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 21:24 - 2017-07-07 08:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 21:24 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 21:24 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 21:24 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 21:24 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 21:24 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 21:24 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 21:24 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 21:24 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 21:24 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 21:24 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 21:24 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 21:24 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 21:24 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 21:24 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 21:24 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 21:24 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 21:24 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 21:24 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 21:24 - 2017-06-20 07:11 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmbclass.sys
2017-07-12 21:24 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 21:24 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 21:24 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 21:24 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 21:24 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:24 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 21:24 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 21:24 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 21:24 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 21:24 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 21:24 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 21:23 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 21:23 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 21:23 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 21:23 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 21:23 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 21:23 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 21:23 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 21:23 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 21:23 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 21:23 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 21:23 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 21:23 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 21:23 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 21:23 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 21:23 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 21:23 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 21:23 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 21:23 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 21:23 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 21:23 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 21:23 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 21:23 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 21:23 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 21:23 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 21:23 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 21:23 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 21:23 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 21:23 - 2017-07-02 00:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 21:23 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 21:23 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 21:23 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 21:23 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 21:23 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 21:23 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 21:23 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 21:23 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 21:23 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 21:23 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 21:23 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 21:23 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 21:23 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 21:23 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 21:23 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 21:23 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 21:23 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 21:23 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 21:23 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 21:23 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 21:23 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 21:23 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 21:23 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 21:23 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 21:23 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 21:23 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 21:23 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 21:23 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 21:22 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 21:22 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 21:22 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 21:22 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 21:22 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 21:22 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 21:22 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 21:22 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 21:22 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 21:22 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 21:22 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 21:22 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 21:22 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 21:22 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 21:22 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 21:22 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 21:22 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 21:22 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 21:22 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 21:22 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 21:22 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 21:22 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 21:22 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 21:22 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 21:22 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 21:22 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 21:22 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 21:22 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 21:22 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 21:22 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 21:22 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 21:22 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 21:22 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 21:22 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 21:22 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 21:22 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 21:22 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 21:22 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 21:22 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 21:22 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 21:22 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 21:22 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-24 14:36 - 2017-06-09 13:45 - 02375626 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-24 14:36 - 2017-03-20 06:41 - 01089370 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-24 14:36 - 2017-03-20 06:41 - 00242166 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-24 14:31 - 2017-06-09 13:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-24 14:31 - 2017-06-09 13:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-24 14:31 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-24 14:31 - 2017-03-17 21:59 - 00000000 __SHD C:\Users\pino\IntelGraphicsProfiles
2017-07-24 13:42 - 2017-03-17 22:22 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Mozilla
2017-07-24 13:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 13:28 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-24 13:27 - 2017-03-20 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-24 11:25 - 2017-06-09 13:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-24 08:22 - 2017-06-09 13:43 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F553633F-DBB4-4283-9600-16674BE14575}
2017-07-23 17:09 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-23 00:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-22 22:40 - 2017-03-20 19:22 - 00000000 ____D C:\Users\pino\AppData\Local\CrashDumps
2017-07-19 15:11 - 2017-03-18 00:36 - 00000000 ____D C:\Users\pino\AppData\Roaming\FileZilla
2017-07-17 20:41 - 2017-05-10 13:29 - 00000000 ____D C:\ProgramData\firebird
2017-07-17 17:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-16 12:47 - 2017-03-22 00:19 - 00000000 ___RD C:\Dropbox
2017-07-14 17:10 - 2017-03-19 14:47 - 00000000 ____D C:\Users\pino\.gimp-2.8
2017-07-14 10:47 - 2017-03-22 00:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-14 10:44 - 2017-03-17 21:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-13 17:38 - 2017-06-09 13:38 - 00384840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 21:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 21:26 - 2017-03-18 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 21:25 - 2017-03-18 00:43 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-10 18:21 - 2017-03-30 12:45 - 00000000 ____D C:\Users\pino\AppData\Roaming\TeamViewer
2017-07-06 19:20 - 2017-03-17 21:59 - 00000000 ____D C:\Users\pino\AppData\Local\Packages
2017-07-05 14:03 - 2017-06-09 13:39 - 00000000 ____D C:\Users\pino
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-28 21:13 - 2017-06-09 13:38 - 00000000 ____D C:\Program Files\DellTPad
2017-06-27 20:40 - 2017-03-17 23:04 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-15 23:04 - 2017-06-15 23:04 - 0011879 _____ () C:\Users\pino\AppData\Local\recently-used.xbel
2017-03-21 18:34 - 2017-03-21 18:34 - 0000094 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-14 16:43

==================== Ende von FRST.txt ============================

pinodisole · 24.07.2017, 13:48

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (24-07-2017 14:44:42)
Gestartet von C:\Users\pino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-09 11:46:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-697847764-2959338102-2115453073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-697847764-2959338102-2115453073-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-697847764-2959338102-2115453073-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-697847764-2959338102-2115453073-501 - Limited - Disabled)
pino (S-1-5-21-697847764-2959338102-2115453073-1001 - Administrator - Enabled) => C:\Users\pino

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Avaya IP Integration (HKLM-x32\...\{41E392C5-8253-4ABE-AC55-6A23FB89ED1C}) (Version: 1.0.9987.0 - GN Netcom A/S) Hidden
Avaya one-X Integration (HKLM-x32\...\{0F8D3DE8-29BF-4731-AE55-14C38B19C6C1}) (Version: 3.0.12961.0 - GN Netcom A/S) Hidden
Avaya one-X V3 Integration (HKLM-x32\...\{2EC5D63C-BDD1-44A2-BC7E-290C75EF4757}) (Version: 1.0.472.0 - GN Audio A/S) Hidden
Basic Support (HKLM-x32\...\{1231D39C-47F0-470E-8E6A-155FE61AD0BD}) (Version: 2.0.294.0 - GN Audio A/S) Hidden
BIZ 2300 Family (HKLM-x32\...\{01F8214A-56CA-4E7A-B03C-02426C4E89C5}) (Version: 3.0.14012.0 - GN Netcom A/S) Hidden
BIZ 2400 II (HKLM-x32\...\{088961FA-7493-4E35-A8C0-3D3E933ED0A3}) (Version: 2.0.10316.0 - GN Netcom A/S) Hidden
BIZ1500Setup (HKLM-x32\...\{97540499-E348-4071-B840-697EEB083C3C}) (Version: 1.0.13138.0 - GN Netcom A/S) Hidden
BIZ2400_II_CCSetup (HKLM-x32\...\{31E2438C-6C70-4EE0-B745-BBF2F5773883}) (Version: 2.0.10315.0 - GN Netcom A/S) Hidden
BIZ2400_LINK280 (HKLM-x32\...\{5FD62AB7-8CB2-43BD-A269-9BD4532BEE7D}) (Version: 1.0.9672.0 - GN Netcom A/S) Hidden
Broadsoft Integration (HKLM-x32\...\{792B93D1-6ED1-4410-838E-D2BAA7D5B944}) (Version: 2.0.13949.0 - GN Netcom A/S) Hidden
CallManager (HKLM-x32\...\{1EABEEE7-9F25-4633-A576-C7BC492AE372}) (Version: 2.0.10294.0 - GN) Hidden
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Cisco IP Communicator Integration (HKLM-x32\...\{0F16E401-66F0-4E51-9881-9294534DE83E}) (Version: 3.0.10584.0 - GN Netcom A/S) Hidden
Cisco Jabber Integration (HKLM-x32\...\{A7A3B557-D9DB-4D47-A228-7A8DA24ADC49}) (Version: 3.0.10654.0 - GN Netcom A/S) Hidden
Cisco UC Integration (HKLM-x32\...\{AFF39F11-859B-4E94-8C44-DFBAB6B95BC4}) (Version: 1.0.9992.0 - GN Netcom A/S) Hidden
Cisco WebEx Connect Integration (HKLM-x32\...\{BDAAFFC6-7D89-4BB1-8879-92B80E488E35}) (Version: 1.0.9993.0 - GN Netcom A/S) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
CounterPath Bria Integration (HKLM-x32\...\{130A2A6F-45FB-425C-85A4-9C051A4B1064}) (Version: 3.0.287.0 - GN Audio A/S) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DFUDriverSetupX64Setup (HKLM-x32\...\{6A0A9DA3-2173-4CFD-AAF5-05B0BA51C31F}) (Version: 6.2.653.0 - GN Netcom A/S) Hidden
DIAL 550 (HKLM-x32\...\{835C23C0-9F95-442C-BBF5-FD38F5BC4023}) (Version: 1.0.9655.0 - GN Netcom A/S) Hidden
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
EVOLVE20_LINKSetup (HKLM-x32\...\{ADA8AA1D-6A7F-47FA-A9B4-4DF9F05B5EB5}) (Version: 3.0.414.0 - GN Netcom A/S) Hidden
EVOLVE30_IISetup (HKLM-x32\...\{D6C99D0E-69FD-4693-A53F-5022450A5BC8}) (Version: 4.0.506.0 - GN Audio A/S) Hidden
EVOLVE65Setup (HKLM-x32\...\{D467049A-6418-4D36-BA0B-10382B396353}) (Version: 4.0.616.0 - GN Audio A/S) Hidden
EVOLVE75Setup (HKLM-x32\...\{76DEEC1D-D9D9-4650-AC09-49881A34ED0E}) (Version: 1.0.686.0 - GN Audio A/S) Hidden
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FirmwareUpdater (HKLM-x32\...\{86D87E09-E6CB-449C-B688-8C87A023AB0D}) (Version: 6.2.653.0 - GN Audio A/S) Hidden
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GN2000 Family (HKLM-x32\...\{30CCF236-C34A-4282-B0BF-0974EC415F49}) (Version: 1.0.9657.0 - GN Netcom A/S) Hidden
GO 6470 (HKLM-x32\...\{5B4B9788-ADE8-41D8-98A2-88A057F8A0AA}) (Version: 1.0.9674.0 - GN Netcom A/S) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HANDSET450Setup (HKLM-x32\...\{705D86E1-BDEA-41FE-BE33-F1DC93F320BB}) (Version: 2.0.11048.0 - GN Netcom A/S) Hidden
IBM Sametime Integration (HKLM-x32\...\{20BB76A6-7AF6-48B9-9B75-6408EA5E2C6B}) (Version: 4.0.11289.0 - GN Netcom A/S) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.16.55 - Huawei Technologies Co.,Ltd)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{508c3a72-c776-4128-aaa5-06cd908081a1}) (Version: 3.8.689.0 - GN Audio A/S)
JabraDirect (HKLM-x32\...\{CC2A885E-4581-4256-93D8-D9577F687E2D}) (Version: 3.8.689.0 - GN Audio A/S) Hidden
JpcsSdkDeviceService (HKLM-x32\...\{30081FB6-1DD3-4084-83E5-14B20242A702}) (Version: 1.0.9811.0 - GN Netcom A/S) Hidden
Kodi (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Kodi) (Version:  - XBMC-Foundation)
LINK 265 (HKLM-x32\...\{F42C3E86-AF7F-4047-8633-0CC870EEF43B}) (Version: 1.0.9879.0 - GN Netcom A/S) Hidden
LINK 30/32/33/41 Setup (HKLM-x32\...\{E2E1BC7A-A89A-4623-803C-CEF4104D5934}) (Version: 1.0.9732.0 - GN Netcom A/S) Hidden
LINK 360 (HKLM-x32\...\{F0D8BA38-E373-406D-BE91-4EE113DE0C64}) (Version: 3.0.665.0 - GN Netcom A/S) Hidden
LINK180aSetup (HKLM-x32\...\{CD79C32D-AEEB-46B1-A370-F99BEA8F460D}) (Version: 1.0.9660.0 - GN Netcom A/S) Hidden
LINK220_220ASetup (HKLM-x32\...\{F3B31FED-91AE-4C15-84BB-9F0FF2BB2BA7}) (Version: 1.0.9675.0 - GN Netcom A/S) Hidden
LINK230_260Setup (HKLM-x32\...\{1AB5D1BA-BC8E-46D2-9F2F-249180213C45}) (Version: 2.0.12955.0 - GN Netcom A/S) Hidden
LINK350Setup (HKLM-x32\...\{66AAB7C3-A2FC-488B-B182-F2EDEED4A72C}) (Version: 1.0.9676.0 - GN Netcom A/S) Hidden
LINK370Setup (HKLM-x32\...\{DE075A6E-35F9-4BB5-9697-4F7979105CF6}) (Version: 2.0.664.0 - GN Audio A/S) Hidden
LINK43Setup (HKLM-x32\...\{EDD1B59B-E5B3-47D5-9F00-9BAEB4F94BDF}) (Version: 1.0.10197.0 - GN Netcom A/S) Hidden
LINK850Setup (HKLM-x32\...\{2CE15BC9-DC51-446E-8929-1E09383D6C6B}) (Version: 2.0.10289.0 - GN Netcom A/S) Hidden
LINK860Setup (HKLM-x32\...\{B09FF355-BE7F-4B61-BF1B-CC46385F414E}) (Version: 1.0.10185.0 - GN Netcom A/S) Hidden
Lync Integration (HKLM-x32\...\{B13B6CFE-69AF-4CF7-8ADD-467B9F29FEB0}) (Version: 5.0.674.0 - GN Audio A/S) Hidden
Maintenance (HKLM-x32\...\{9A1E1C6B-A8D5-42BD-B71B-9728DADB0F20}) (Version: 10.0.0.0 - GN Audio A/S) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mein Verein (HKLM-x32\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 16.0 - Buhl Data Service GmbH)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8229.2086 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Motion (HKLM-x32\...\{06EA3781-ECDF-45AF-8E75-E623FC171931}) (Version: 2.0.541.0 - GN Netcom A/S) Hidden
MOTIONOFFICE (HKLM-x32\...\{A2CA3AD4-6C07-49C3-9E09-F4EEE6B9BA32}) (Version: 1.0.9677.0 - GN Netcom A/S) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
NEC SP 350 Integration (HKLM-x32\...\{A37BF086-D78E-4D1C-BD58-19A725416DB4}) (Version: 2.0.14365.0 - GN Netcom A/S) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
PRO 920 and 930 (HKLM-x32\...\{C145E0B4-7BF7-415F-B100-F32FF9EA169A}) (Version: 1.0.9734.0 - GN Netcom A/S) Hidden
PRO 94X0 Family (HKLM-x32\...\{B3A5BE45-76E7-40ED-8E58-ACF75504DC12}) (Version: 6.0.652.0 - GN Netcom A/S) Hidden
PRO925_935Setup (HKLM-x32\...\{6786309D-B042-4142-A98E-AA05E1071B79}) (Version: 1.0.9678.0 - GN Netcom A/S) Hidden
Pulse Secure Citrix Services Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Citrix_Services) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Host Checker (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\PulseSecure_Host_Checker) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Setup_Client) (Version: 8.2.6.977 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
SDK Integration (HKLM-x32\...\{89095944-96E6-4520-88D6-BE2B224AFE83}) (Version: 1.0.8564.0 - GN Netcom A/S) Hidden
Self-Service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
Shoretel Integration (HKLM-x32\...\{36607082-9C1E-4B0D-8F30-F649BE07AF6E}) (Version: 1.0.10047.0 - GN Netcom A/S) Hidden
Sierra Wireless Dell Mobile Broadband INF Package (HKLM-x32\...\SWIDellDrvInstaller) (Version: 16.1.2.7 - Sierra Wireless)
Skype Integration (HKLM-x32\...\{6CF48C72-2923-4F4D-92A6-5A9E8E51E24B}) (Version: 4.0.673.0 - GN Audio A/S) Hidden
SPEAK 510 Family (HKLM-x32\...\{2FDB93C9-93BD-4115-A963-6186300FFF0A}) (Version: 2.0.571.0 - GN Netcom A/S) Hidden
SPEAK410Setup (HKLM-x32\...\{CC733B58-53DB-4613-AD49-1FFB62EC8989}) (Version: 1.0.9636.0 - GN Netcom A/S) Hidden
SPEAK450Setup (HKLM-x32\...\{21B3A5C8-C3E3-477F-9837-E43359C3546F}) (Version: 1.0.9637.0 - GN Netcom A/S) Hidden
SPEAK710Setup (HKLM-x32\...\{3E251A96-88F9-4364-844F-BA5FE399BBCA}) (Version: 1.0.599.0 - GN Audio A/S) Hidden
SPEAK810Setup (HKLM-x32\...\{89097763-7342-41F2-B4E7-76B846AC6BC6}) (Version: 3.0.617.0 - GN Audio A/S) Hidden
STEALTH Setup (HKLM-x32\...\{F07CB43D-352B-4B65-84E3-053C1778C8FB}) (Version: 3.0.538.0 - GN Audio A/S) Hidden
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{D63B636A-D43E-4BE3-8874-637402130365}) (Version: 17.03.3 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Supreme (HKLM-x32\...\{51FFEA54-1FB6-4D8D-97D9-5B15C2938DA2}) (Version: 2.0.545.0 - GN Audio A/S) Hidden
UC VOICE A Family (HKLM-x32\...\{4D63AB94-C5BA-48FB-9A3A-C7BC43522CC7}) (Version: 1.0.9669.0 - GN Netcom A/S) Hidden
UC Voice Family (HKLM-x32\...\{87FC5C34-2573-4BFC-AF28-605037BE7B85}) (Version: 1.0.9670.0 - GN Netcom A/S) Hidden
Video Download Capture V6.2.5 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.5 - APOWERSOFT LIMITED)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03D53AB5-6B76-4A3D-B806-BAD30A07ECA2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {61CF55A5-1765-42FA-B30F-A34CE30E6792} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-27] (Realtek Semiconductor)
Task: {67A065B8-483C-4C2E-AC34-65ED736495BA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {7A3C4739-7DB9-4FA8-A8E4-3150D1AEE448} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {7FA49473-9CCC-43D2-A055-D860C2BE9DC9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {C047AC5F-53D2-44A3-9A8C-10B7D252F3C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {D628DCD6-59DC-4AE9-AF83-1BE26AAD7F24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {D676FDE4-3B0E-4198-BE1A-BAA5898BAFD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {DEE2FAC8-B611-4742-8598-8A72544A5F5D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {E092861E-8C16-4DF4-BE8E-77354A7CBFE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)
Task: {E3B88FFF-4E97-41EE-97BF-7087FE2F89C0} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Cisco WebEx.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fceempjejlfaadkgdacpfhheknndlcjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-03-20 13:11 - 2015-07-06 13:18 - 00682072 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-12 19:48 - 2017-06-12 19:48 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-10-25 02:08 - 2016-10-25 02:08 - 00401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00025408 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-07-24 14:36 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2017-03-20 13:11 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2017-03-20 13:11 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-04-16 14:33 - 2017-07-12 21:58 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-22 00:15 - 2017-07-12 21:58 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 19:53 - 2017-07-12 22:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-22 00:15 - 2017-07-12 22:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 01637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-04-07 20:38 - 2017-07-12 22:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-21 10:21 - 2016-06-21 10:21 - 01500672 _____ () C:\PROGRAM FILES (X86)\JABRA\DIRECT\BROADSOFTINTEGRATION\CommunicatorApiV2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{EAD01BA2-A39A-4240-9062-A90FB6AFA13A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{32629BF6-4303-4CB2-B1AF-D9329646DEBB}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [TCP Query User{080C05B9-4DE5-42B7-9807-E122EF46E40F}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [{C1A72C66-5F5F-4417-8BB6-D39D8CA309C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{FE21340C-EED1-446D-8DD6-6F9F2FC2CBBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{D203AF8D-344F-422E-A596-D372BDBBEF8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E16006B5-5786-4A80-A7EA-E18BA5671F7A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{1F0904A6-A5E2-4E5D-A8ED-03B70F9CDB38}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{21CE1221-C968-4D51-AAC5-A55A0E9D7DFB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{DDE1EF13-1C43-4585-A376-455595A9A649}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{A38992C3-0BDB-4328-8E59-4C43A7C67A58}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{3A1AFFB6-C46E-4939-9551-FEA1DE5FA1AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{30BBAB3A-4B13-4924-8FF5-9CC0F2F838CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BBCCF8E-3E75-4D4E-A6D0-9FAF6AAAEE61}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BAD3FD50-DE31-443A-BF1E-FE87142465C3}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D5E1C8B3-4BCF-4B5C-847F-27D5F56C604D}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{0864A867-1912-4CE3-9E97-426EB38CE5B6}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [{D5EFDD91-E9AF-475B-ADC1-C89AE6191212}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EBA470EC-C109-444B-8381-9B175A81C505}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4B0F8C3C-3D7C-42B1-AD92-CB8A944F8513}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B363EA4E-D2BC-48E9-835D-72630F2C1F3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{59B14F13-6A5F-4F9D-9E87-9586C78C5D43}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{14D97455-470C-45C6-826D-C825C371E049}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{A29C4871-9C9E-4830-87A7-9B9070DE2230}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [UDP Query User{580E3069-9401-4AA8-83C9-1D3DF8657596}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [{2A7D7719-0505-48AC-BDAE-5E9C7BE3EC9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A99D781-E857-4538-A95A-D4ACFBC05C89}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{293EE330-7E12-415D-83F3-4B794A502CA8}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [UDP Query User{DC541665-25E9-44DF-8898-E90D4AC921FF}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [{1209BB15-ED96-4EE1-88BF-8D69D024EFA8}] => (Allow) C:\Users\pino\Desktop\FRST64.exe
FirewallRules: [{903FBE08-310C-4EF2-9AD2-FE37015E2736}] => (Allow) C:\Users\pino\Desktop\FRST64.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 12:44:36 Geplanter Prüfpunkt
12-07-2017 21:25:10 Windows Update
22-07-2017 21:10:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH w/swipe sensor
Description: Broadcom USH w/swipe sensor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Alessia
Description: Bluetooth-Gerät
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/24/2017 02:43:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/24/2017 02:38:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/24/2017 02:31:23 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 02:30:48 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 01:27:08 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 11:25:33 AM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 08:19:37 AM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/23/2017 11:23:21 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/23/2017 05:06:54 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/22/2017 10:40:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.15063.332, Zeitstempel: 0x591fdafc
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.15063.483, Zeitstempel: 0xb0271b92
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000005dac1d
ID des fehlerhaften Prozesses: 0x2d38
Startzeit der fehlerhaften Anwendung: 0x01d2fe61de5697fc
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 375683f9-abfa-425f-9485-d1edf2da74df
Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CortanaUI


Systemfehler:
=============
Error: (07/24/2017 02:36:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/24/2017 02:31:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 02:31:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 02:31:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 02:31:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 02:31:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/24/2017 02:31:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (07/24/2017 02:31:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/24/2017 02:30:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/24/2017 02:30:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Sierra Wireless Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8097.43 MB
Verfügbarer physikalischer RAM: 5792.16 MB
Summe virtueller Speicher: 9377.43 MB
Verfügbarer virtueller Speicher: 7095.29 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.51 GB) (Free:70.43 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 6DEEFFB3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=484 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 24.07.2017, 20:36

Servus,

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2

Starte FRST erneut.
Kopiere den Inhalt der folgenden Code-Box in die Zeile "Suche":
Code:
ATTFilter
```
web companion;webcompanion;
         
```
Drücke auf Registry-Suche.
FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
Am Ende erstellt FRST eine Textdatei SearchReg.txt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei der Registry-Suche von FRST (RegSearch.txt),
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

pinodisole · 24.07.2017, 21:00

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von pino (Administrator) auf DELL (24-07-2017 21:54:37)
Gestartet von C:\Users\pino\Desktop
Geladene Profile: pino (Verfügbare Profile: defaultuser0 & pino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(GN Audio A/S) C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe [1273792 2017-05-02] (GN Audio A/S)
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {0fcff8c3-0bc2-11e7-96a2-8086f2d83e01} - "D:\VmS.exe" 
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {ecb9dff6-370b-11e7-96aa-8086f2d83e01} - "D:\AutoRun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a501cb2-4b95-489d-8291-c2c4f3832c64}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{167546f3-0743-4e41-8a58-27f68faa5282}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{b297a4e9-5f79-4fbf-aee2-34a81362d97d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-697847764-2959338102-2115453073-1001 -> {2867DB33-23AD-4975-962A-958043E2C207} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pbrasweb.postbank.de/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP14EP2-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: sxbmzu46.default-1492723331066
FF ProfilePath: C:\Users\pino\AppData\Roaming\Mozilla\Firefox\Profiles\sxbmzu46.default-1492723331066 [2017-07-24]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default [2017-07-24]
CHR Extension: (Google Präsentationen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
CHR Extension: (Google Docs) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Google Drive) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Cisco WebEx) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceempjejlfaadkgdacpfhheknndlcjl [2017-07-24]
CHR Extension: (Google Tabellen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-18]
CHR Extension: (IE Tab) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-07-14]
CHR Extension: (Cisco WebEx Extension) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgpnhikmkblcolfmklkbcakhkgmleef [2017-03-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411584 2017-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1163360 2016-01-25] (Sierra Wireless, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380800 2015-01-07] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-24] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
S3 swg3kser05; C:\WINDOWS\system32\DRIVERS\swg3kser05.sys [296576 2016-01-28] (Sierra Wireless Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [327168 2017-06-20] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-24 21:54 - 2017-07-24 21:54 - 00018937 _____ C:\Users\pino\Desktop\FRST.txt
2017-07-24 21:52 - 2017-07-24 21:52 - 00001435 _____ C:\Users\pino\Desktop\SearchReg.txt
2017-07-24 21:47 - 2017-07-24 21:47 - 00000000 ____D C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-24 21:45 - 2017-07-24 21:46 - 00014980 _____ C:\Users\pino\Desktop\Fixlog.txt
2017-07-24 21:45 - 2017-07-24 21:45 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner (2)
2017-07-24 14:43 - 2017-07-24 14:43 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner
2017-07-24 14:36 - 2017-07-24 21:47 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-24 14:36 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 14:34 - 2017-07-24 14:35 - 65033984 _____ (Malwarebytes ) C:\Users\pino\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 14:28 - 2017-07-24 14:30 - 00000000 ____D C:\AdwCleaner
2017-07-24 14:26 - 2017-07-24 14:26 - 08162248 _____ (Malwarebytes) C:\Users\pino\Desktop\adwcleaner_7.0.0.0.exe
2017-07-24 00:01 - 2017-07-24 00:05 - 00053106 _____ C:\TDSSKiller.3.1.0.15_24.07.2017_00.01.01_log.txt
2017-07-23 23:59 - 2017-07-23 23:59 - 04922400 _____ (AO Kaspersky Lab) C:\Users\pino\Desktop\tdsskiller.exe
2017-07-23 23:44 - 2017-07-24 21:54 - 00000000 ____D C:\FRST
2017-07-23 23:26 - 2017-07-23 23:27 - 02382336 _____ (Farbar) C:\Users\pino\Desktop\FRST64.exe
2017-07-23 18:30 - 2017-07-23 18:30 - 00219658 _____ C:\Users\pino\Downloads\FRITZ.Box 7580 153.06.83_23.07.17_1830.export
2017-07-22 22:16 - 2017-07-22 22:17 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (2).exe
2017-07-22 22:16 - 2017-07-22 22:16 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (1).exe
2017-07-22 21:58 - 2017-07-22 21:58 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk.exe
2017-07-17 20:21 - 2017-07-17 20:21 - 00000000 ____D C:\Users\pino\Downloads\realtek_pcielan_7_mb
2017-07-17 20:20 - 2017-07-17 20:20 - 10886971 _____ C:\Users\pino\Downloads\realtek_pcielan_7_mb.zip
2017-07-16 20:24 - 2017-07-16 20:24 - 59651896 _____ C:\Users\pino\Downloads\PROWinx64.exe
2017-07-16 12:38 - 2017-07-16 12:38 - 03177096 _____ C:\Users\pino\Downloads\dreamNotificationsDebug.apk
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143.pdf
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143 (1).pdf
2017-07-14 12:30 - 2017-07-14 12:35 - 151278979 _____ C:\Users\pino\Downloads\gigablue.rar
2017-07-14 12:30 - 2017-07-14 12:30 - 00000979 _____ C:\Users\pino\Downloads\Anleitung zum Flashen.txt
2017-07-14 10:47 - 2017-07-14 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-12 21:58 - 2017-07-12 21:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-07-12 21:24 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 21:24 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 21:24 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 21:24 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 21:24 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 21:24 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 21:24 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 21:24 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 21:24 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 21:24 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 21:24 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 21:24 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 21:24 - 2017-07-07 08:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 21:24 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 21:24 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 21:24 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 21:24 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 21:24 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 21:24 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 21:24 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 21:24 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 21:24 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 21:24 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 21:24 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 21:24 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 21:24 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 21:24 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 21:24 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 21:24 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 21:24 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 21:24 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 21:24 - 2017-06-20 07:11 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmbclass.sys
2017-07-12 21:24 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 21:24 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 21:24 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 21:24 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 21:24 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:24 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 21:24 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 21:24 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 21:24 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 21:24 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 21:24 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 21:23 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 21:23 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 21:23 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 21:23 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 21:23 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 21:23 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 21:23 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 21:23 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 21:23 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 21:23 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 21:23 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 21:23 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 21:23 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 21:23 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 21:23 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 21:23 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 21:23 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 21:23 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 21:23 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 21:23 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 21:23 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 21:23 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 21:23 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 21:23 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 21:23 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 21:23 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 21:23 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 21:23 - 2017-07-02 00:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 21:23 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 21:23 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 21:23 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 21:23 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 21:23 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 21:23 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 21:23 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 21:23 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 21:23 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 21:23 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 21:23 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 21:23 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 21:23 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 21:23 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 21:23 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 21:23 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 21:23 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 21:23 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 21:23 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 21:23 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 21:23 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 21:23 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 21:23 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 21:23 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 21:23 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 21:23 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 21:23 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 21:23 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 21:22 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 21:22 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 21:22 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 21:22 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 21:22 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 21:22 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 21:22 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 21:22 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 21:22 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 21:22 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 21:22 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 21:22 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 21:22 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 21:22 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 21:22 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 21:22 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 21:22 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 21:22 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 21:22 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 21:22 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 21:22 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 21:22 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 21:22 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 21:22 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 21:22 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 21:22 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 21:22 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 21:22 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 21:22 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 21:22 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 21:22 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 21:22 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 21:22 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 21:22 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 21:22 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 21:22 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 21:22 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 21:22 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 21:22 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 21:22 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 21:22 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 21:22 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-24 21:51 - 2017-06-09 13:45 - 02406756 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-24 21:51 - 2017-03-20 06:41 - 01106312 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-24 21:51 - 2017-03-20 06:41 - 00246902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-24 21:47 - 2017-06-09 13:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-24 21:47 - 2017-06-09 13:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-24 21:47 - 2017-03-17 21:59 - 00000000 __SHD C:\Users\pino\IntelGraphicsProfiles
2017-07-24 21:46 - 2017-03-22 09:14 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Temp
2017-07-24 21:46 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-24 21:14 - 2017-06-09 13:43 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F553633F-DBB4-4283-9600-16674BE14575}
2017-07-24 21:11 - 2017-06-09 13:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-24 15:09 - 2017-03-17 22:22 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Mozilla
2017-07-24 14:55 - 2017-03-20 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-24 13:32 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 13:28 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-23 17:09 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-23 00:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-22 22:40 - 2017-03-20 19:22 - 00000000 ____D C:\Users\pino\AppData\Local\CrashDumps
2017-07-19 15:11 - 2017-03-18 00:36 - 00000000 ____D C:\Users\pino\AppData\Roaming\FileZilla
2017-07-17 20:41 - 2017-05-10 13:29 - 00000000 ____D C:\ProgramData\firebird
2017-07-17 17:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-16 12:47 - 2017-03-22 00:19 - 00000000 ___RD C:\Dropbox
2017-07-14 17:10 - 2017-03-19 14:47 - 00000000 ____D C:\Users\pino\.gimp-2.8
2017-07-14 10:47 - 2017-03-22 00:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-14 10:44 - 2017-03-17 21:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-13 17:38 - 2017-06-09 13:38 - 00384840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 21:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 21:26 - 2017-03-18 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 21:25 - 2017-03-18 00:43 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-10 18:21 - 2017-03-30 12:45 - 00000000 ____D C:\Users\pino\AppData\Roaming\TeamViewer
2017-07-06 19:20 - 2017-03-17 21:59 - 00000000 ____D C:\Users\pino\AppData\Local\Packages
2017-07-05 14:03 - 2017-06-09 13:39 - 00000000 ____D C:\Users\pino
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-28 21:13 - 2017-06-09 13:38 - 00000000 ____D C:\Program Files\DellTPad
2017-06-27 20:40 - 2017-03-17 23:04 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-15 23:04 - 2017-06-15 23:04 - 0011879 _____ () C:\Users\pino\AppData\Local\recently-used.xbel
2017-03-21 18:34 - 2017-03-21 18:34 - 0000094 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-24 15:18

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (24-07-2017 21:52:54)
Gestartet von C:\Users\pino\Desktop
Start-Modus: Normal

================== Registry-Suche: "web companion;webcompanion" ===========


===================== Suchergebnis für "web companion" ==========

[HKEY_USERS\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe"="0x534143500100000000000000070000002800000098D20400F78C050003000000000000000000000AF122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000005661A200000000000100000001000000"


===================== Suchergebnis für "webcompanion" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe]

[HKEY_USERS\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe"="0x534143500100000000000000070000002800000098D20400F78C050003000000000000000000000AF122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000005661A200000000000100000001000000"

====== Ende von Suche ======

pinodisole · 24.07.2017, 21:01

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (24-07-2017 21:55:12)
Gestartet von C:\Users\pino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-09 11:46:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-697847764-2959338102-2115453073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-697847764-2959338102-2115453073-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-697847764-2959338102-2115453073-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-697847764-2959338102-2115453073-501 - Limited - Disabled)
pino (S-1-5-21-697847764-2959338102-2115453073-1001 - Administrator - Enabled) => C:\Users\pino

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Avaya IP Integration (HKLM-x32\...\{41E392C5-8253-4ABE-AC55-6A23FB89ED1C}) (Version: 1.0.9987.0 - GN Netcom A/S) Hidden
Avaya one-X Integration (HKLM-x32\...\{0F8D3DE8-29BF-4731-AE55-14C38B19C6C1}) (Version: 3.0.12961.0 - GN Netcom A/S) Hidden
Avaya one-X V3 Integration (HKLM-x32\...\{2EC5D63C-BDD1-44A2-BC7E-290C75EF4757}) (Version: 1.0.472.0 - GN Audio A/S) Hidden
Basic Support (HKLM-x32\...\{1231D39C-47F0-470E-8E6A-155FE61AD0BD}) (Version: 2.0.294.0 - GN Audio A/S) Hidden
BIZ 2300 Family (HKLM-x32\...\{01F8214A-56CA-4E7A-B03C-02426C4E89C5}) (Version: 3.0.14012.0 - GN Netcom A/S) Hidden
BIZ 2400 II (HKLM-x32\...\{088961FA-7493-4E35-A8C0-3D3E933ED0A3}) (Version: 2.0.10316.0 - GN Netcom A/S) Hidden
BIZ1500Setup (HKLM-x32\...\{97540499-E348-4071-B840-697EEB083C3C}) (Version: 1.0.13138.0 - GN Netcom A/S) Hidden
BIZ2400_II_CCSetup (HKLM-x32\...\{31E2438C-6C70-4EE0-B745-BBF2F5773883}) (Version: 2.0.10315.0 - GN Netcom A/S) Hidden
BIZ2400_LINK280 (HKLM-x32\...\{5FD62AB7-8CB2-43BD-A269-9BD4532BEE7D}) (Version: 1.0.9672.0 - GN Netcom A/S) Hidden
Broadsoft Integration (HKLM-x32\...\{792B93D1-6ED1-4410-838E-D2BAA7D5B944}) (Version: 2.0.13949.0 - GN Netcom A/S) Hidden
CallManager (HKLM-x32\...\{1EABEEE7-9F25-4633-A576-C7BC492AE372}) (Version: 2.0.10294.0 - GN) Hidden
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Cisco IP Communicator Integration (HKLM-x32\...\{0F16E401-66F0-4E51-9881-9294534DE83E}) (Version: 3.0.10584.0 - GN Netcom A/S) Hidden
Cisco Jabber Integration (HKLM-x32\...\{A7A3B557-D9DB-4D47-A228-7A8DA24ADC49}) (Version: 3.0.10654.0 - GN Netcom A/S) Hidden
Cisco UC Integration (HKLM-x32\...\{AFF39F11-859B-4E94-8C44-DFBAB6B95BC4}) (Version: 1.0.9992.0 - GN Netcom A/S) Hidden
Cisco WebEx Connect Integration (HKLM-x32\...\{BDAAFFC6-7D89-4BB1-8879-92B80E488E35}) (Version: 1.0.9993.0 - GN Netcom A/S) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
CounterPath Bria Integration (HKLM-x32\...\{130A2A6F-45FB-425C-85A4-9C051A4B1064}) (Version: 3.0.287.0 - GN Audio A/S) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DFUDriverSetupX64Setup (HKLM-x32\...\{6A0A9DA3-2173-4CFD-AAF5-05B0BA51C31F}) (Version: 6.2.653.0 - GN Netcom A/S) Hidden
DIAL 550 (HKLM-x32\...\{835C23C0-9F95-442C-BBF5-FD38F5BC4023}) (Version: 1.0.9655.0 - GN Netcom A/S) Hidden
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
EVOLVE20_LINKSetup (HKLM-x32\...\{ADA8AA1D-6A7F-47FA-A9B4-4DF9F05B5EB5}) (Version: 3.0.414.0 - GN Netcom A/S) Hidden
EVOLVE30_IISetup (HKLM-x32\...\{D6C99D0E-69FD-4693-A53F-5022450A5BC8}) (Version: 4.0.506.0 - GN Audio A/S) Hidden
EVOLVE65Setup (HKLM-x32\...\{D467049A-6418-4D36-BA0B-10382B396353}) (Version: 4.0.616.0 - GN Audio A/S) Hidden
EVOLVE75Setup (HKLM-x32\...\{76DEEC1D-D9D9-4650-AC09-49881A34ED0E}) (Version: 1.0.686.0 - GN Audio A/S) Hidden
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FirmwareUpdater (HKLM-x32\...\{86D87E09-E6CB-449C-B688-8C87A023AB0D}) (Version: 6.2.653.0 - GN Audio A/S) Hidden
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GN2000 Family (HKLM-x32\...\{30CCF236-C34A-4282-B0BF-0974EC415F49}) (Version: 1.0.9657.0 - GN Netcom A/S) Hidden
GO 6470 (HKLM-x32\...\{5B4B9788-ADE8-41D8-98A2-88A057F8A0AA}) (Version: 1.0.9674.0 - GN Netcom A/S) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HANDSET450Setup (HKLM-x32\...\{705D86E1-BDEA-41FE-BE33-F1DC93F320BB}) (Version: 2.0.11048.0 - GN Netcom A/S) Hidden
IBM Sametime Integration (HKLM-x32\...\{20BB76A6-7AF6-48B9-9B75-6408EA5E2C6B}) (Version: 4.0.11289.0 - GN Netcom A/S) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.16.55 - Huawei Technologies Co.,Ltd)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{508c3a72-c776-4128-aaa5-06cd908081a1}) (Version: 3.8.689.0 - GN Audio A/S)
JabraDirect (HKLM-x32\...\{CC2A885E-4581-4256-93D8-D9577F687E2D}) (Version: 3.8.689.0 - GN Audio A/S) Hidden
JpcsSdkDeviceService (HKLM-x32\...\{30081FB6-1DD3-4084-83E5-14B20242A702}) (Version: 1.0.9811.0 - GN Netcom A/S) Hidden
Kodi (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Kodi) (Version:  - XBMC-Foundation)
LINK 265 (HKLM-x32\...\{F42C3E86-AF7F-4047-8633-0CC870EEF43B}) (Version: 1.0.9879.0 - GN Netcom A/S) Hidden
LINK 30/32/33/41 Setup (HKLM-x32\...\{E2E1BC7A-A89A-4623-803C-CEF4104D5934}) (Version: 1.0.9732.0 - GN Netcom A/S) Hidden
LINK 360 (HKLM-x32\...\{F0D8BA38-E373-406D-BE91-4EE113DE0C64}) (Version: 3.0.665.0 - GN Netcom A/S) Hidden
LINK180aSetup (HKLM-x32\...\{CD79C32D-AEEB-46B1-A370-F99BEA8F460D}) (Version: 1.0.9660.0 - GN Netcom A/S) Hidden
LINK220_220ASetup (HKLM-x32\...\{F3B31FED-91AE-4C15-84BB-9F0FF2BB2BA7}) (Version: 1.0.9675.0 - GN Netcom A/S) Hidden
LINK230_260Setup (HKLM-x32\...\{1AB5D1BA-BC8E-46D2-9F2F-249180213C45}) (Version: 2.0.12955.0 - GN Netcom A/S) Hidden
LINK350Setup (HKLM-x32\...\{66AAB7C3-A2FC-488B-B182-F2EDEED4A72C}) (Version: 1.0.9676.0 - GN Netcom A/S) Hidden
LINK370Setup (HKLM-x32\...\{DE075A6E-35F9-4BB5-9697-4F7979105CF6}) (Version: 2.0.664.0 - GN Audio A/S) Hidden
LINK43Setup (HKLM-x32\...\{EDD1B59B-E5B3-47D5-9F00-9BAEB4F94BDF}) (Version: 1.0.10197.0 - GN Netcom A/S) Hidden
LINK850Setup (HKLM-x32\...\{2CE15BC9-DC51-446E-8929-1E09383D6C6B}) (Version: 2.0.10289.0 - GN Netcom A/S) Hidden
LINK860Setup (HKLM-x32\...\{B09FF355-BE7F-4B61-BF1B-CC46385F414E}) (Version: 1.0.10185.0 - GN Netcom A/S) Hidden
Lync Integration (HKLM-x32\...\{B13B6CFE-69AF-4CF7-8ADD-467B9F29FEB0}) (Version: 5.0.674.0 - GN Audio A/S) Hidden
Maintenance (HKLM-x32\...\{9A1E1C6B-A8D5-42BD-B71B-9728DADB0F20}) (Version: 10.0.0.0 - GN Audio A/S) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mein Verein (HKLM-x32\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 16.0 - Buhl Data Service GmbH)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8229.2086 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Motion (HKLM-x32\...\{06EA3781-ECDF-45AF-8E75-E623FC171931}) (Version: 2.0.541.0 - GN Netcom A/S) Hidden
MOTIONOFFICE (HKLM-x32\...\{A2CA3AD4-6C07-49C3-9E09-F4EEE6B9BA32}) (Version: 1.0.9677.0 - GN Netcom A/S) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
NEC SP 350 Integration (HKLM-x32\...\{A37BF086-D78E-4D1C-BD58-19A725416DB4}) (Version: 2.0.14365.0 - GN Netcom A/S) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
PRO 920 and 930 (HKLM-x32\...\{C145E0B4-7BF7-415F-B100-F32FF9EA169A}) (Version: 1.0.9734.0 - GN Netcom A/S) Hidden
PRO 94X0 Family (HKLM-x32\...\{B3A5BE45-76E7-40ED-8E58-ACF75504DC12}) (Version: 6.0.652.0 - GN Netcom A/S) Hidden
PRO925_935Setup (HKLM-x32\...\{6786309D-B042-4142-A98E-AA05E1071B79}) (Version: 1.0.9678.0 - GN Netcom A/S) Hidden
Pulse Secure Citrix Services Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Citrix_Services) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Host Checker (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\PulseSecure_Host_Checker) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Setup_Client) (Version: 8.2.6.977 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
SDK Integration (HKLM-x32\...\{89095944-96E6-4520-88D6-BE2B224AFE83}) (Version: 1.0.8564.0 - GN Netcom A/S) Hidden
Self-Service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
Shoretel Integration (HKLM-x32\...\{36607082-9C1E-4B0D-8F30-F649BE07AF6E}) (Version: 1.0.10047.0 - GN Netcom A/S) Hidden
Sierra Wireless Dell Mobile Broadband INF Package (HKLM-x32\...\SWIDellDrvInstaller) (Version: 16.1.2.7 - Sierra Wireless)
Skype Integration (HKLM-x32\...\{6CF48C72-2923-4F4D-92A6-5A9E8E51E24B}) (Version: 4.0.673.0 - GN Audio A/S) Hidden
SPEAK 510 Family (HKLM-x32\...\{2FDB93C9-93BD-4115-A963-6186300FFF0A}) (Version: 2.0.571.0 - GN Netcom A/S) Hidden
SPEAK410Setup (HKLM-x32\...\{CC733B58-53DB-4613-AD49-1FFB62EC8989}) (Version: 1.0.9636.0 - GN Netcom A/S) Hidden
SPEAK450Setup (HKLM-x32\...\{21B3A5C8-C3E3-477F-9837-E43359C3546F}) (Version: 1.0.9637.0 - GN Netcom A/S) Hidden
SPEAK710Setup (HKLM-x32\...\{3E251A96-88F9-4364-844F-BA5FE399BBCA}) (Version: 1.0.599.0 - GN Audio A/S) Hidden
SPEAK810Setup (HKLM-x32\...\{89097763-7342-41F2-B4E7-76B846AC6BC6}) (Version: 3.0.617.0 - GN Audio A/S) Hidden
STEALTH Setup (HKLM-x32\...\{F07CB43D-352B-4B65-84E3-053C1778C8FB}) (Version: 3.0.538.0 - GN Audio A/S) Hidden
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{D63B636A-D43E-4BE3-8874-637402130365}) (Version: 17.03.3 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Supreme (HKLM-x32\...\{51FFEA54-1FB6-4D8D-97D9-5B15C2938DA2}) (Version: 2.0.545.0 - GN Audio A/S) Hidden
UC VOICE A Family (HKLM-x32\...\{4D63AB94-C5BA-48FB-9A3A-C7BC43522CC7}) (Version: 1.0.9669.0 - GN Netcom A/S) Hidden
UC Voice Family (HKLM-x32\...\{87FC5C34-2573-4BFC-AF28-605037BE7B85}) (Version: 1.0.9670.0 - GN Netcom A/S) Hidden
Video Download Capture V6.2.5 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.5 - APOWERSOFT LIMITED)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {61CF55A5-1765-42FA-B30F-A34CE30E6792} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-27] (Realtek Semiconductor)
Task: {67A065B8-483C-4C2E-AC34-65ED736495BA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {6CA663E0-4E32-41AB-9B7E-BB4C5BB7123B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {80C50176-EDE4-418A-94B1-24AD75C9BF15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {AD8E95BB-0BE0-45F2-9FC1-5FB06746046E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {C047AC5F-53D2-44A3-9A8C-10B7D252F3C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {D676FDE4-3B0E-4198-BE1A-BAA5898BAFD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {DBFF6CC3-F6FC-4260-AF2D-2021B8675194} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {DEE2FAC8-B611-4742-8598-8A72544A5F5D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {EF3A5A89-29D5-4BC7-B678-332AB9DA58DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)
Task: {FC80B016-975F-4CB0-BA20-3B763F47B0E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Cisco WebEx.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fceempjejlfaadkgdacpfhheknndlcjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-24 14:36 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-20 13:11 - 2015-07-06 13:18 - 00682072 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-12 19:48 - 2017-06-12 19:48 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-10-25 02:08 - 2016-10-25 02:08 - 00401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00025408 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-06-27 20:40 - 2017-06-23 05:21 - 03807064 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libglesv2.dll
2017-06-27 20:40 - 2017-06-23 05:21 - 00100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\libegl.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2017-03-20 13:11 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2017-03-20 13:11 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-04-16 14:33 - 2017-07-12 21:58 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-22 00:15 - 2017-07-12 21:58 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 19:53 - 2017-07-12 22:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-22 00:15 - 2017-07-12 22:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 01637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-04-07 20:38 - 2017-07-12 22:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-21 10:21 - 2016-06-21 10:21 - 01500672 _____ () C:\PROGRAM FILES (X86)\JABRA\DIRECT\BROADSOFTINTEGRATION\CommunicatorApiV2.dll
2017-03-20 18:44 - 2017-03-20 18:44 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\tmpod.dll
2017-03-20 18:44 - 2017-07-18 13:07 - 01009856 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{EAD01BA2-A39A-4240-9062-A90FB6AFA13A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{32629BF6-4303-4CB2-B1AF-D9329646DEBB}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [TCP Query User{080C05B9-4DE5-42B7-9807-E122EF46E40F}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [{C1A72C66-5F5F-4417-8BB6-D39D8CA309C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{FE21340C-EED1-446D-8DD6-6F9F2FC2CBBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{D203AF8D-344F-422E-A596-D372BDBBEF8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E16006B5-5786-4A80-A7EA-E18BA5671F7A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{1F0904A6-A5E2-4E5D-A8ED-03B70F9CDB38}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{21CE1221-C968-4D51-AAC5-A55A0E9D7DFB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{DDE1EF13-1C43-4585-A376-455595A9A649}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{A38992C3-0BDB-4328-8E59-4C43A7C67A58}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{3A1AFFB6-C46E-4939-9551-FEA1DE5FA1AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{30BBAB3A-4B13-4924-8FF5-9CC0F2F838CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BBCCF8E-3E75-4D4E-A6D0-9FAF6AAAEE61}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BAD3FD50-DE31-443A-BF1E-FE87142465C3}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D5E1C8B3-4BCF-4B5C-847F-27D5F56C604D}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{0864A867-1912-4CE3-9E97-426EB38CE5B6}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [{D5EFDD91-E9AF-475B-ADC1-C89AE6191212}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EBA470EC-C109-444B-8381-9B175A81C505}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4B0F8C3C-3D7C-42B1-AD92-CB8A944F8513}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B363EA4E-D2BC-48E9-835D-72630F2C1F3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{59B14F13-6A5F-4F9D-9E87-9586C78C5D43}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{14D97455-470C-45C6-826D-C825C371E049}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{A29C4871-9C9E-4830-87A7-9B9070DE2230}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [UDP Query User{580E3069-9401-4AA8-83C9-1D3DF8657596}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [{2A7D7719-0505-48AC-BDAE-5E9C7BE3EC9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A99D781-E857-4538-A95A-D4ACFBC05C89}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{293EE330-7E12-415D-83F3-4B794A502CA8}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [UDP Query User{DC541665-25E9-44DF-8898-E90D4AC921FF}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [{1209BB15-ED96-4EE1-88BF-8D69D024EFA8}] => (Allow) C:\Users\pino\Desktop\FRST64.exe
FirewallRules: [{903FBE08-310C-4EF2-9AD2-FE37015E2736}] => (Allow) C:\Users\pino\Desktop\FRST64.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 12:44:36 Geplanter Prüfpunkt
12-07-2017 21:25:10 Windows Update
22-07-2017 21:10:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH w/swipe sensor
Description: Broadcom USH w/swipe sensor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Alessia
Description: Bluetooth-Gerät
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/24/2017 09:48:09 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (07/24/2017 09:47:14 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 09:46:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 16.0.8229.2086, Zeitstempel: 0x5958ba50
Name des fehlerhaften Moduls: wwlib.dll, Version: 16.0.8229.2086, Zeitstempel: 0x5958c1d2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009af8f
ID des fehlerhaften Prozesses: 0x1ee4
Startzeit der fehlerhaften Anwendung: 0x01d304b58428cbec
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft Office\root\Office16\wwlib.dll
Berichtskennung: 0bd23b2c-3ebd-41e7-a680-c4337152c85f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/24/2017 09:12:01 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 07:49:51 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 05:39:58 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 02:43:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/24/2017 02:38:47 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/24/2017 02:31:23 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 02:30:48 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!


Systemfehler:
=============
Error: (07/24/2017 09:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 09:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 09:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 09:47:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/24/2017 09:47:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/24/2017 09:47:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/24/2017 09:47:16 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (07/24/2017 09:47:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.

Error: (07/24/2017 09:46:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (07/24/2017 09:45:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8097.43 MB
Verfügbarer physikalischer RAM: 5510.93 MB
Summe virtueller Speicher: 9377.43 MB
Verfügbarer virtueller Speicher: 6802.14 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.51 GB) (Free:71.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 6DEEFFB3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=484 MB) - (Type=27)

==================== Ende von Addition.txt ============================

M-K-D-B · 24.07.2017, 21:05

Es fehlt noch der FRST-Fix.

pinodisole · 24.07.2017, 21:14

Zitat:

Zitat von M-K-D-B

Es fehlt noch der FRST-Fix.

Sorry...

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (24-07-2017 21:45:37) Run:1
Gestartet von C:\Users\pino\Desktop
Geladene Profile: pino (Verfügbare Profile: defaultuser0 & pino)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.

========= dir "%ProgramFiles%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Program Files

24.07.2017  14:36    <DIR>          .
24.07.2017  14:36    <DIR>          ..
18.03.2017  23:03    <DIR>          Common Files
28.06.2017  21:13    <DIR>          DellTPad
09.06.2017  13:38    <DIR>          DIFX
19.06.2017  11:31    <DIR>          FileZilla FTP Client
19.03.2017  13:57    <DIR>          GIMP 2
09.06.2017  13:38    <DIR>          Intel
09.06.2017  14:35    <DIR>          Internet Explorer
19.03.2017  13:59    <DIR>          IrfanView
24.07.2017  14:36    <DIR>          Malwarebytes
20.03.2017  18:41    <DIR>          Microsoft Office 15
09.06.2017  14:31    <DIR>          MSBuild
30.03.2017  18:55    <DIR>          Notepad++
09.06.2017  13:38    <DIR>          Realtek
09.06.2017  14:31    <DIR>          Reference Assemblies
09.06.2017  13:39    <DIR>          Sierra Wireless Inc
09.06.2017  13:38    <DIR>          STMicroelectronics
18.06.2017  17:06    <DIR>          tmp
01.06.2017  07:24    <DIR>          UNP
13.07.2017  17:37    <DIR>          Windows Defender
20.03.2017  06:43    <DIR>          Windows Defender Advanced Threat Protection
20.03.2017  06:41    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
09.06.2017  13:46    <DIR>          Windows NT
13.07.2017  17:37    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          Windows Security
18.03.2017  23:03    <DIR>          WindowsPowerShell
21.03.2017  13:24    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              31 Verzeichnis(se), 75.557.834.752 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Program Files (x86)

09.06.2017  13:40    <DIR>          .
09.06.2017  13:40    <DIR>          ..
24.03.2017  00:21    <DIR>          Akademische Arbeitsgemeinschaft
17.05.2017  19:56    <DIR>          Apowersoft
10.05.2017  13:19    <DIR>          Buhl
17.03.2017  22:28    <DIR>          Citrix
24.07.2017  13:27    <DIR>          Common Files
31.05.2017  18:56    <DIR>          dreamboxEDIT
14.07.2017  10:47    <DIR>          Dropbox
17.03.2017  23:04    <DIR>          Google
17.03.2017  19:16    <DIR>          Intel
09.06.2017  14:35    <DIR>          Internet Explorer
21.03.2017  18:26    <DIR>          Jabra
18.04.2017  19:26    <DIR>          Kodi
24.07.2017  14:55    <DIR>          Microsoft Office
09.06.2017  13:40    <DIR>          Microsoft.NET
13.07.2017  17:38    <DIR>          Mozilla Firefox
13.07.2017  17:38    <DIR>          Mozilla Maintenance Service
09.06.2017  14:31    <DIR>          MSBuild
09.06.2017  13:38    <DIR>          Realtek
09.06.2017  14:31    <DIR>          Reference Assemblies
09.06.2017  13:39    <DIR>          Sierra Wireless Inc
10.05.2017  20:41    <DIR>          Sony Mobile
20.03.2017  13:10    <DIR>          T-Mobile
13.07.2017  17:37    <DIR>          Windows Defender
20.03.2017  06:41    <DIR>          Windows Mail
20.03.2017  06:41    <DIR>          Windows Media Player
18.03.2017  23:03    <DIR>          Windows Multimedia Platform
18.03.2017  23:03    <DIR>          Windows NT
13.07.2017  17:37    <DIR>          Windows Photo Viewer
18.03.2017  23:03    <DIR>          Windows Portable Devices
18.03.2017  23:03    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              32 Verzeichnis(se), 75.557.904.384 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\ProgramData

24.03.2017  00:21    <DIR>          AAV
17.05.2017  20:02    <DIR>          Apowersoft
18.03.2017  00:36    <DIR>          Application Data
10.05.2017  13:29    <DIR>          Buhl Data Service GmbH
17.03.2017  22:28    <DIR>          Citrix
16.07.2016  13:47    <DIR>          Comms
20.03.2017  13:11    <DIR>          DatacardService
22.03.2017  00:14    <DIR>          Dropbox
17.07.2017  20:41    <DIR>          firebird
20.03.2017  13:11    <DIR>          Internet Manager
24.07.2017  14:36    <DIR>          Malwarebytes
09.06.2017  14:08    <DIR>          Microsoft OneDrive
21.03.2017  18:34                94 Microsoft.SqlServer.Compact.400.32.bc
28.04.2017  14:57    <DIR>          Oracle
08.06.2017  08:35    <DIR>          Package Cache
24.07.2017  13:28    <DIR>          regid.1991-06.com.microsoft
09.06.2017  13:39    <DIR>          Sierra Wireless
18.03.2017  23:03    <DIR>          SoftwareDistribution
10.05.2017  20:41    <DIR>          Sony Mobile
09.06.2017  13:52    <DIR>          USOPrivate
09.06.2017  13:52    <DIR>          USOShared
22.03.2017  16:33    <DIR>          WebEx
20.03.2017  06:43    <DIR>          WindowsHolographicDevices
               1 Datei(en),             94 Bytes
              22 Verzeichnis(se), 75.557.842.944 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Users\pino\AppData\Roaming

09.06.2017  13:39    <DIR>          .
09.06.2017  13:39    <DIR>          ..
17.03.2017  21:59    <DIR>          Adobe
15.06.2017  16:21    <DIR>          AnyDesk
26.05.2017  15:31    <DIR>          Apowersoft
28.04.2017  14:53    <DIR>          Apple Computer
10.05.2017  13:29    <DIR>          Buhl Data Service
10.05.2017  15:18    <DIR>          Buhl Data Service GmbH
22.03.2017  00:14    <DIR>          Dropbox
19.07.2017  15:11    <DIR>          FileZilla
17.03.2017  22:28    <DIR>          ICAClient
19.03.2017  13:59    <DIR>          IrfanView
21.03.2017  18:34    <DIR>          Jabra
22.04.2017  13:40    <DIR>          Kodi
17.03.2017  22:20    <DIR>          Macromedia
17.03.2017  22:22    <DIR>          Mozilla
30.03.2017  19:26    <DIR>          Notepad++
17.03.2017  22:32    <DIR>          Pulse Secure
17.03.2017  22:00    <DIR>          Skype
10.07.2017  18:21    <DIR>          TeamViewer
22.03.2017  18:15    <DIR>          webex
21.03.2017  13:24    <DIR>          WinRAR
               0 Datei(en),              0 Bytes
              22 Verzeichnis(se), 75.557.793.792 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Users\pino\AppData\Local

24.07.2017  20:01    <DIR>          .
24.07.2017  20:01    <DIR>          ..
24.03.2017  00:56    <DIR>          AAV
10.05.2017  13:18    <DIR>          Buhl Data Service
28.04.2017  14:53    <DIR>          CEF
27.03.2017  20:26    <DIR>          Citrix
17.03.2017  22:10    <DIR>          Comms
17.03.2017  22:10    <DIR>          ConnectedDevicesPlatform
22.07.2017  22:40    <DIR>          CrashDumps
10.06.2017  15:52    <DIR>          DBG
27.04.2017  21:59    <DIR>          Diagnostics
21.04.2017  23:18    <DIR>          Downloaded Installations
15.06.2017  17:21    <DIR>          Dropbox
23.03.2017  00:06    <DIR>          FileZilla
19.03.2017  14:47    <DIR>          fontconfig
21.03.2017  12:16    <DIR>          GContactsSync
19.03.2017  14:47    <DIR>          gegl-0.2
17.03.2017  23:11    <DIR>          Google
15.06.2017  22:39    <DIR>          gtk-2.0
20.06.2017  08:04    <DIR>          IE Tab
09.06.2017  13:15    <DIR>          IsolatedStorage
21.03.2017  18:34    <DIR>          Jabra
09.06.2017  16:05    <DIR>          Microsoft
24.05.2017  21:19    <DIR>          MicrosoftEdge
17.03.2017  22:27    <DIR>          Mozilla
17.03.2017  23:22    <DIR>          NetworkTiles
06.07.2017  19:20    <DIR>          Packages
18.03.2017  00:36    <DIR>          PeerDistRepub
19.03.2017  13:56    <DIR>          Programs
17.03.2017  21:59    <DIR>          Publishers
17.03.2017  22:31    <DIR>          Pulse Secure
15.06.2017  23:04            11.879 recently-used.xbel
13.06.2017  22:23    <DIR>          Recovery
21.04.2017  23:18    <DIR>          roomeon
24.07.2017  21:44    <DIR>          Temp
17.03.2017  21:59    <DIR>          TileDataLayer
01.06.2017  13:08    <DIR>          UNP
22.03.2017  19:26    <DIR>          VirtualStore
22.03.2017  09:14    <DIR>          WebEx
               1 Datei(en),         11.879 Bytes
              38 Verzeichnis(se), 75.557.732.352 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Program Files (x86)\Common Files

24.07.2017  13:27    <DIR>          .
24.07.2017  13:27    <DIR>          ..
17.03.2017  22:28    <DIR>          Citrix
24.07.2017  13:27    <DIR>          DESIGNER
09.06.2017  13:38    <DIR>          Intel
24.07.2017  13:27    <DIR>          Microsoft Shared
18.03.2017  23:03    <DIR>          Services
20.03.2017  06:41    <DIR>          System
               0 Datei(en),              0 Bytes
               8 Verzeichnis(se), 75.557.679.104 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Program Files\Common Files

18.03.2017  23:03    <DIR>          .
18.03.2017  23:03    <DIR>          ..
09.06.2017  13:40    <DIR>          microsoft shared
18.03.2017  23:03    <DIR>          Services
20.03.2017  06:41    <DIR>          System
               0 Datei(en),              0 Bytes
               5 Verzeichnis(se), 75.557.621.760 Bytes frei

========= Ende von CMD: =========


========= dir "%UserProfile%" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\Users\pino

05.07.2017  14:03    <DIR>          .
05.07.2017  14:03    <DIR>          ..
14.07.2017  17:10    <DIR>          .gimp-2.8
20.03.2017  19:28    <DIR>          .thumbnails
14.07.2017  10:44    <DIR>          Contacts
24.07.2017  21:45    <DIR>          Desktop
14.07.2017  10:44    <DIR>          Documents
24.07.2017  14:34    <DIR>          Downloads
14.07.2017  10:44    <DIR>          Favorites
14.07.2017  10:44    <DIR>          Links
14.07.2017  10:44    <DIR>          Music
14.07.2017  10:44    <DIR>          Pictures
14.07.2017  10:44    <DIR>          Saved Games
14.07.2017  10:44    <DIR>          Searches
14.07.2017  10:44    <DIR>          Videos
               0 Datei(en),              0 Bytes
              15 Verzeichnis(se), 75.557.564.416 Bytes frei

========= Ende von CMD: =========


========= dir "C:\" =========

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 7866-63A0

 Verzeichnis von C:\

24.07.2017  14:30    <DIR>          AdwCleaner
16.07.2017  12:47    <DIR>          Dropbox
12.06.2017  20:03    <DIR>          Freigabe
24.07.2017  21:45    <DIR>          FRST
17.03.2017  19:16    <DIR>          Intel
18.03.2017  23:03    <DIR>          PerfLogs
24.07.2017  14:36    <DIR>          Program Files
09.06.2017  13:40    <DIR>          Program Files (x86)
24.07.2017  00:05            53.106 TDSSKiller.3.1.0.15_24.07.2017_00.01.01_log.txt
09.06.2017  13:39    <DIR>          Users
24.07.2017  14:44    <DIR>          Windows
               1 Datei(en),         53.106 Bytes
              10 Verzeichnis(se), 75.557.511.168 Bytes frei

========= Ende von CMD: =========

================== ExportKey: ===================

[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]

=== Ende von ExportKey ===

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59521128 B
Java, Flash, Steam htmlcache => 990 B
Windows/system/drivers => 7856709 B
Edge => 32837303 B
Chrome => 341998891 B
Firefox => 97076531 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 288840 B
defaultuser0 => 0 B
pino => 282249842 B

RecycleBin => 0 B
EmptyTemp: => 791.3 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:46:36 ====

M-K-D-B · 25.07.2017, 13:10

Servus,

wir kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 2
Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)

Starte die Installationsdatei.
Akzeptiere die Nutzungsbedingungen.
Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
Wähle In Textdatei speichern... aus und speichere die Datei als eset.txt auf deinem Desktop ab.
Füge den Inhalt der eset.txt mit deiner nächsten Antwort hinzu.
Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

pinodisole · 25.07.2017, 14:18

Zitat:

Zitat von M-K-D-B

Bitte poste mit deiner nächsten Antwort

die Logdatei von ESET,

ESET hat nichts gefunden und es gab keine Datei.

Code:

ATTFilter

HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : DELL
   Windows . . . . . . . : 10.0.0.15063.X64/4
   User name . . . . . . : DELL\pino
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-25 14:15:39
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 38s
   Disk access mode  . . : Direct disk access (FsdHigh)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 1.807.329
   Files scanned . . . . : 20.921
   Remnants scanned  . . : 383.885 files / 1.402.523 keys

Suspicious files ____________________________________________________________

   C:\Users\pino\Desktop\FRST64.exe
      Size . . . . . . . : 2.382.336 bytes
      Age  . . . . . . . : 1.6 days (2017-07-23 23:26:59)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 26753FE07EEC338038AFF8BCBDEBD47D52DDD927DBE8DBF32AF5F35D2EA7418E
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von pino (Administrator) auf DELL (25-07-2017 15:13:43)
Gestartet von C:\Users\pino\Desktop
Geladene Profile: defaultuser0 & pino (Verfügbare Profile: defaultuser0 & pino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Sierra Wireless, Inc.) C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(GN Audio A/S) C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [773760 2016-10-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8474880 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403800 2015-05-27] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-11-07] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [Jabra Direct] => C:\Program Files (x86)\Jabra\Direct\JabraDirect.exe [1273792 2017-05-02] (GN Audio A/S)
HKU\S-1-5-21-697847764-2959338102-2115453073-1000\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {0fcff8c3-0bc2-11e7-96a2-8086f2d83e01} - "D:\VmS.exe" 
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\MountPoints2: {ecb9dff6-370b-11e7-96aa-8086f2d83e01} - "D:\AutoRun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a501cb2-4b95-489d-8291-c2c4f3832c64}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{167546f3-0743-4e41-8a58-27f68faa5282}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{b297a4e9-5f79-4fbf-aee2-34a81362d97d}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\S-1-5-21-697847764-2959338102-2115453073-1001 -> {2867DB33-23AD-4975-962A-958043E2C207} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-02] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-06-20] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-18] (Microsoft Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pbrasweb.postbank.de/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} hxxps://akamaicdn.webex.com/client/WBXclient-T30L10NSP14EP2-20000/webex/ieatgpc1.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-02] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-11-07] (Citrix Systems, Inc.)

FireFox:
========
FF DefaultProfile: sxbmzu46.default-1492723331066
FF ProfilePath: C:\Users\pino\AppData\Roaming\Mozilla\Firefox\Profiles\sxbmzu46.default-1492723331066 [2017-07-24]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-11-07] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-05-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default [2017-07-25]
CHR Extension: (Google Präsentationen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-03-17]
CHR Extension: (Google Docs) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-17]
CHR Extension: (Google Drive) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-17]
CHR Extension: (YouTube) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-17]
CHR Extension: (Cisco WebEx) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fceempjejlfaadkgdacpfhheknndlcjl [2017-07-24]
CHR Extension: (Google Tabellen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-03-17]
CHR Extension: (Google Docs Offline) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-18]
CHR Extension: (IE Tab) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2017-07-14]
CHR Extension: (Cisco WebEx Extension) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibgpnhikmkblcolfmklkbcakhkgmleef [2017-03-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-17]
CHR Extension: (Google Mail) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-17]
CHR Extension: (Chrome Media Router) - C:\Users\pino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [104744 2016-10-20] (Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4411584 2017-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-22] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2016-10-25] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [682072 2015-07-06] ()
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [299776 2015-05-27] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SwiService; C:\Program Files\Sierra Wireless Inc\Utils\SwiService.exe [1163360 2016-01-25] (Sierra Wireless, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 blackberryncm; C:\WINDOWS\System32\drivers\blackberryncm6_AMD64.sys [36360 2016-04-06] (BlackBerry)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (OSR Open Systems Resources, Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [547840 2015-09-12] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [125952 2014-07-25] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [380800 2015-01-07] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R3 IntcAzAudAddService; C:\WINDOWS\system32\drivers\RTDVHD64.sys [2540800 2015-05-27] (Realtek Semiconductor Corp.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-25] (Malwarebytes)
R1 MpKsld55f4a93; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DFF0C21F-D3E9-4368-9AD6-48F811C77A98}\MpKsld55f4a93.sys [44928 2017-07-24] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 npf; C:\Windows\system32\drivers\npf.sys [36600 2017-01-02] (Riverbed Technology, Inc.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [146512 2015-07-02] (STMicroelectronics)
S3 swg3kser05; C:\WINDOWS\system32\DRIVERS\swg3kser05.sys [296576 2016-01-28] (Sierra Wireless Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [327168 2017-06-20] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-25 15:13 - 2017-07-25 15:13 - 00019123 _____ C:\Users\pino\Desktop\FRST.txt
2017-07-25 15:13 - 2017-07-25 15:13 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner (3)
2017-07-25 14:19 - 2017-07-25 14:19 - 00000000 ____D C:\Users\pino\AppData\Local\ESET
2017-07-25 14:18 - 2017-07-25 14:18 - 06760064 _____ (ESET spol. s r.o.) C:\Users\pino\Desktop\esetonlinescanner_deu.exe
2017-07-25 14:14 - 2017-07-25 14:17 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-25 14:14 - 2017-07-25 14:14 - 11584088 _____ (SurfRight B.V.) C:\Users\pino\Desktop\HitmanPro_x64.exe
2017-07-24 21:52 - 2017-07-24 21:52 - 00001435 _____ C:\Users\pino\Desktop\SearchReg.txt
2017-07-24 21:47 - 2017-07-24 21:47 - 00000000 ____D C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-24 21:45 - 2017-07-24 21:46 - 00014980 _____ C:\Users\pino\Desktop\Fixlog.txt
2017-07-24 21:45 - 2017-07-24 21:45 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner (2)
2017-07-24 14:43 - 2017-07-24 14:43 - 00000000 ____D C:\Users\pino\Desktop\Neuer Ordner
2017-07-24 14:36 - 2017-07-25 14:14 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-24 14:36 - 2017-07-24 21:47 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-24 14:36 - 2017-07-24 14:36 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-24 14:36 - 2017-07-24 14:36 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-24 14:36 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-24 14:34 - 2017-07-24 14:35 - 65033984 _____ (Malwarebytes ) C:\Users\pino\Desktop\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-24 14:28 - 2017-07-24 14:30 - 00000000 ____D C:\AdwCleaner
2017-07-24 14:26 - 2017-07-24 14:26 - 08162248 _____ (Malwarebytes) C:\Users\pino\Desktop\adwcleaner_7.0.0.0.exe
2017-07-24 00:01 - 2017-07-24 00:05 - 00053106 _____ C:\TDSSKiller.3.1.0.15_24.07.2017_00.01.01_log.txt
2017-07-23 23:59 - 2017-07-23 23:59 - 04922400 _____ (AO Kaspersky Lab) C:\Users\pino\Desktop\tdsskiller.exe
2017-07-23 23:44 - 2017-07-25 15:13 - 00000000 ____D C:\FRST
2017-07-23 23:26 - 2017-07-23 23:27 - 02382336 _____ (Farbar) C:\Users\pino\Desktop\FRST64.exe
2017-07-23 18:30 - 2017-07-23 18:30 - 00219658 _____ C:\Users\pino\Downloads\FRITZ.Box 7580 153.06.83_23.07.17_1830.export
2017-07-22 22:16 - 2017-07-22 22:17 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (2).exe
2017-07-22 22:16 - 2017-07-22 22:16 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk (1).exe
2017-07-22 21:58 - 2017-07-22 21:58 - 01787592 _____ C:\Users\pino\Downloads\AnyDesk.exe
2017-07-17 20:21 - 2017-07-17 20:21 - 00000000 ____D C:\Users\pino\Downloads\realtek_pcielan_7_mb
2017-07-17 20:20 - 2017-07-17 20:20 - 10886971 _____ C:\Users\pino\Downloads\realtek_pcielan_7_mb.zip
2017-07-16 20:24 - 2017-07-16 20:24 - 59651896 _____ C:\Users\pino\Downloads\PROWinx64.exe
2017-07-16 12:38 - 2017-07-16 12:38 - 03177096 _____ C:\Users\pino\Downloads\dreamNotificationsDebug.apk
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143.pdf
2017-07-15 15:22 - 2017-07-15 15:22 - 00363340 _____ C:\Users\pino\Downloads\302-1541508-1397143 (1).pdf
2017-07-14 12:30 - 2017-07-14 12:35 - 151278979 _____ C:\Users\pino\Downloads\gigablue.rar
2017-07-14 12:30 - 2017-07-14 12:30 - 00000979 _____ C:\Users\pino\Downloads\Anleitung zum Flashen.txt
2017-07-14 10:47 - 2017-07-14 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-12 21:58 - 2017-07-12 21:58 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-07-12 21:58 - 2017-07-12 21:58 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-07-12 21:24 - 2017-07-07 09:24 - 00117664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 21:24 - 2017-07-07 09:20 - 02021680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 09:13 - 00554392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-07-12 21:24 - 2017-07-07 09:13 - 00336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-12 21:24 - 2017-07-07 09:11 - 00094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 21:24 - 2017-07-07 09:10 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:57 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-12 21:24 - 2017-07-07 08:57 - 00125344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 21:24 - 2017-07-07 08:39 - 00096128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 21:24 - 2017-07-07 08:37 - 01339352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 05820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 21:24 - 2017-07-07 08:31 - 00129184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 02165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00949920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 21:24 - 2017-07-07 08:30 - 00750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 21:24 - 2017-07-07 08:29 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 21:24 - 2017-07-07 08:29 - 00123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2017-07-12 21:24 - 2017-07-07 08:27 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 20373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 01195240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-07-12 21:24 - 2017-07-07 08:26 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 21:24 - 2017-07-07 08:25 - 00035232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininitext.dll
2017-07-12 21:24 - 2017-07-07 08:24 - 01517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 21:24 - 2017-07-07 08:23 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 21:24 - 2017-07-07 08:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-12 21:24 - 2017-07-07 08:19 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-07-12 21:24 - 2017-07-07 08:18 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 08211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 02956800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 21:24 - 2017-07-07 08:14 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-07-12 21:24 - 2017-07-07 08:14 - 00790016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 21:24 - 2017-07-07 08:13 - 13839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 21:24 - 2017-07-07 08:12 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-07-12 21:24 - 2017-07-07 08:10 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 21:24 - 2017-07-07 08:09 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-12 21:24 - 2017-07-07 08:08 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 21:24 - 2017-07-07 08:07 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 21:24 - 2017-07-07 08:07 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 21:24 - 2017-07-07 08:06 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-07-12 21:24 - 2017-07-07 08:05 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 21:24 - 2017-07-07 08:04 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 06123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 21:24 - 2017-07-07 08:03 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 21:24 - 2017-07-07 08:02 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-12 21:24 - 2017-07-07 08:01 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 07596544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 21:24 - 2017-07-07 08:00 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 01355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 21:24 - 2017-07-07 07:59 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-12 21:24 - 2017-07-07 07:58 - 01237504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2017-07-12 21:24 - 2017-07-07 07:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 21:24 - 2017-07-07 07:53 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 21:24 - 2017-06-20 08:06 - 00279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-07-12 21:24 - 2017-06-20 08:03 - 00820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 21:24 - 2017-06-20 08:02 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:57 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 21:24 - 2017-06-20 07:34 - 00192416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-07-12 21:24 - 2017-06-20 07:15 - 00455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 21:24 - 2017-06-20 07:13 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-12 21:24 - 2017-06-20 07:12 - 00264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2017-07-12 21:24 - 2017-06-20 07:12 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2017-07-12 21:24 - 2017-06-20 07:11 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wmbclass.sys
2017-07-12 21:24 - 2017-06-20 07:10 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 07:09 - 00406032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 04469840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 21:24 - 2017-06-20 07:08 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2017-07-12 21:24 - 2017-06-20 07:08 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 02475136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00346016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 21:24 - 2017-06-20 07:07 - 00138656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00754592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 21:24 - 2017-06-20 07:06 - 00278944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 21:24 - 2017-06-20 07:05 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 07:05 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 07:04 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01178528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01177600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 01077496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00181656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-12 21:24 - 2017-06-20 07:04 - 00049656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msasn1.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 05806048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00864240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-07-12 21:24 - 2017-06-20 07:03 - 00443728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 03377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 01121928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 21:24 - 2017-06-20 07:02 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-12 21:24 - 2017-06-20 07:01 - 00176032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-07-12 21:24 - 2017-06-20 07:00 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:56 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2017-07-12 21:24 - 2017-06-20 06:49 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 21:24 - 2017-06-20 06:46 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:24 - 2017-06-20 06:45 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-07-12 21:24 - 2017-06-20 06:43 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certca.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-07-12 21:24 - 2017-06-20 06:42 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00734208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-07-12 21:24 - 2017-06-20 06:41 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:41 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 21:24 - 2017-06-20 06:40 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-07-12 21:24 - 2017-06-20 06:40 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02814464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 02671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2017-07-12 21:24 - 2017-06-20 06:39 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2017-07-12 21:24 - 2017-06-20 06:39 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 01451008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 01171968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 21:24 - 2017-06-20 06:38 - 00648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 21:24 - 2017-06-20 06:38 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 21:24 - 2017-06-20 06:36 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 21:24 - 2017-06-20 06:35 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 21:24 - 2017-06-20 06:34 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-07-12 21:24 - 2017-06-20 06:31 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdmaud.drv
2017-07-12 21:24 - 2017-06-20 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-07-12 21:24 - 2017-06-20 06:30 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 21:24 - 2017-06-20 06:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-07-12 21:23 - 2017-07-07 16:00 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2017-07-12 21:23 - 2017-07-07 09:27 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-12 21:23 - 2017-07-07 09:27 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-12 21:23 - 2017-07-07 09:26 - 01065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-12 21:23 - 2017-07-07 09:25 - 00899824 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-12 21:23 - 2017-07-07 09:23 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 21:23 - 2017-07-07 09:22 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 21:23 - 2017-07-07 09:22 - 01186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-12 21:23 - 2017-07-07 09:21 - 32688336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 09:21 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 21:23 - 2017-07-07 09:20 - 00519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 21:23 - 2017-07-07 09:20 - 00382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 21:23 - 2017-07-07 09:14 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-12 21:23 - 2017-07-07 09:14 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 21:23 - 2017-07-07 09:12 - 00318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-07-12 21:23 - 2017-07-07 09:10 - 01325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 21:23 - 2017-07-07 09:10 - 00254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 21:23 - 2017-07-07 09:09 - 00041376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininitext.dll
2017-07-12 21:23 - 2017-07-07 09:07 - 01106848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 21:23 - 2017-07-07 09:07 - 00058488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 21:23 - 2017-07-07 08:40 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:37 - 31652264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 01050624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2017-07-12 21:23 - 2017-07-07 08:27 - 00360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-12 21:23 - 2017-07-07 08:26 - 17364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 21:23 - 2017-07-07 08:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-07-12 21:23 - 2017-07-07 08:22 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 21:23 - 2017-07-07 08:21 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 23681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-12 21:23 - 2017-07-07 08:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 07149056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 21:23 - 2017-07-07 08:19 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 21:23 - 2017-07-07 08:18 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 21:23 - 2017-07-07 08:17 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 12786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:16 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-07-12 21:23 - 2017-07-07 08:15 - 08238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 21:23 - 2017-07-07 08:15 - 00922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 01802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 21:23 - 2017-07-07 08:14 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:13 - 05892096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 21:23 - 2017-07-07 08:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 04730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-12 21:23 - 2017-07-07 08:12 - 00706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 21:23 - 2017-07-07 08:11 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 02649600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-12 21:23 - 2017-07-07 08:11 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 21:23 - 2017-07-07 08:10 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 21:23 - 2017-07-07 08:09 - 20504576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-07-12 21:23 - 2017-07-07 08:06 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sensrsvc.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 21:23 - 2017-07-07 08:05 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 21:23 - 2017-07-07 08:04 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2017-07-12 21:23 - 2017-07-07 08:02 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-07-12 21:23 - 2017-07-07 08:01 - 06287360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 21:23 - 2017-07-07 07:59 - 03656704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 21:23 - 2017-07-02 00:52 - 00031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-07-12 21:23 - 2017-06-20 08:17 - 00034720 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-07-12 21:23 - 2017-06-20 08:16 - 00335776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-07-12 21:23 - 2017-06-20 08:15 - 00233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-12 21:23 - 2017-06-20 08:11 - 01395152 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-12 21:23 - 2017-06-20 08:11 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2017-07-12 21:23 - 2017-06-20 08:10 - 02327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 21:23 - 2017-06-20 08:10 - 01930320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 21:23 - 2017-06-20 08:08 - 01242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-07-12 21:23 - 2017-06-20 08:05 - 01057832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 21:23 - 2017-06-20 08:04 - 04847424 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 21:23 - 2017-06-20 08:03 - 00102312 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialUIBroker.exe
2017-07-12 21:23 - 2017-06-20 08:02 - 02645688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-12 21:23 - 2017-06-20 08:00 - 00142752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-07-12 21:23 - 2017-06-20 07:59 - 06554928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 01220072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-12 21:23 - 2017-06-20 07:59 - 00467504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-07-12 21:23 - 2017-06-20 07:58 - 00833160 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-07-12 21:23 - 2017-06-20 07:57 - 00204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-07-12 21:23 - 2017-06-20 07:15 - 01620368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 21:23 - 2017-06-20 07:14 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-12 21:23 - 2017-06-20 07:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 21:23 - 2017-06-20 07:11 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 21:23 - 2017-06-20 07:11 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2017-07-12 21:23 - 2017-06-20 07:10 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Narrator.exe
2017-07-12 21:23 - 2017-06-20 07:09 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 21:23 - 2017-06-20 07:09 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 07:08 - 00251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-07-12 21:23 - 2017-06-20 07:07 - 00823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2017-07-12 21:23 - 2017-06-20 07:07 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00847872 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-12 21:23 - 2017-06-20 07:06 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 04447744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 21:23 - 2017-06-20 07:05 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 01425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 21:23 - 2017-06-20 07:04 - 00899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 21:23 - 2017-06-20 07:04 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-07-12 21:23 - 2017-06-20 07:03 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 21:23 - 2017-06-20 07:02 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04536320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-12 21:23 - 2017-06-20 07:01 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 21:23 - 2017-06-20 07:00 - 02171392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-12 21:23 - 2017-06-20 06:59 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-12 21:23 - 2017-06-20 06:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-07-12 21:23 - 2017-06-20 06:45 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 21:23 - 2017-06-20 06:43 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 21:23 - 2017-06-20 06:42 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 21:23 - 2017-06-20 06:38 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 21:23 - 2017-06-20 06:37 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 21:22 - 2017-07-07 09:27 - 01147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-12 21:22 - 2017-07-07 09:27 - 00965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-07-12 21:22 - 2017-07-07 09:27 - 00821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-07-12 21:22 - 2017-07-07 09:22 - 00119384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-07-12 21:22 - 2017-07-07 09:17 - 01017760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-07-12 21:22 - 2017-07-07 09:15 - 02444696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-12 21:22 - 2017-07-07 09:14 - 01171032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-12 21:22 - 2017-07-07 09:13 - 00147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2017-07-12 21:22 - 2017-07-07 09:12 - 00228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 21:22 - 2017-07-07 09:11 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 21353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 01337848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-07-12 21:22 - 2017-07-07 09:10 - 00372128 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 02229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01458584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 01100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00992672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00848280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 21:22 - 2017-07-07 09:08 - 00844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2017-07-12 21:22 - 2017-07-07 09:08 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 03670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 21:22 - 2017-07-07 08:27 - 01640448 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2017-07-12 21:22 - 2017-07-07 08:27 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-12 21:22 - 2017-07-07 08:25 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 21:22 - 2017-07-07 08:24 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-07-12 21:22 - 2017-07-07 08:23 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 21:22 - 2017-07-07 08:22 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-12 21:22 - 2017-07-07 08:21 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 21:22 - 2017-07-07 08:19 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 21:22 - 2017-07-07 08:18 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 21:22 - 2017-07-07 08:17 - 00536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 21:22 - 2017-07-07 08:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-07-12 21:22 - 2017-07-07 08:16 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 21:22 - 2017-07-07 08:14 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 21:22 - 2017-07-07 08:12 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01420800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 21:22 - 2017-07-07 08:12 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 03139584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 02177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-07-12 21:22 - 2017-07-07 08:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-07-12 21:22 - 2017-07-07 08:10 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 21:22 - 2017-07-07 08:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2017-07-12 21:22 - 2017-07-07 08:05 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01703424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-07-12 21:22 - 2017-07-07 08:04 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 01564576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-12 21:22 - 2017-06-20 08:18 - 00096672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-12 21:22 - 2017-06-20 08:17 - 00629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00544160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00334240 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-12 21:22 - 2017-06-20 08:17 - 00136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-12 21:22 - 2017-06-20 08:16 - 01214880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-12 21:22 - 2017-06-20 08:04 - 00472728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-07-12 21:22 - 2017-06-20 08:03 - 00179608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-07-12 21:22 - 2017-06-20 08:02 - 00426912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 21:22 - 2017-06-20 08:00 - 00558920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 01054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-07-12 21:22 - 2017-06-20 07:59 - 00583304 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-07-12 21:22 - 2017-06-20 07:58 - 00406072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-12 21:22 - 2017-06-20 07:58 - 00203168 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2017-07-12 21:22 - 2017-06-20 07:16 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 21:22 - 2017-06-20 07:14 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-07-12 21:22 - 2017-06-20 07:13 - 00216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2017-07-12 21:22 - 2017-06-20 07:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgr.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-07-12 21:22 - 2017-06-20 07:12 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-07-12 21:22 - 2017-06-20 07:10 - 00189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 21:22 - 2017-06-20 07:09 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2017-07-12 21:22 - 2017-06-20 07:08 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-07-12 21:22 - 2017-06-20 07:07 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 21:22 - 2017-06-20 07:07 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-07-12 21:22 - 2017-06-20 07:07 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00455680 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-07-12 21:22 - 2017-06-20 07:06 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 02873344 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-07-12 21:22 - 2017-06-20 07:05 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2017-07-12 21:22 - 2017-06-20 07:05 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-12 21:22 - 2017-06-20 07:04 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-07-12 21:22 - 2017-06-20 07:03 - 01396224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 03204096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-12 21:22 - 2017-06-20 07:02 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-07-12 21:22 - 2017-06-20 07:01 - 00397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-07-12 21:22 - 2017-06-20 07:00 - 03057664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 21:22 - 2017-06-20 06:59 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-12 21:22 - 2017-06-20 06:58 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-12 21:22 - 2017-06-20 06:57 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2017-07-12 21:22 - 2017-06-20 06:57 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-07-12 21:22 - 2017-06-20 06:56 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdmaud.drv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-25 15:04 - 2017-06-09 13:43 - 00004146 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F553633F-DBB4-4283-9600-16674BE14575}
2017-07-25 14:44 - 2017-06-09 13:38 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-25 14:23 - 2017-03-17 21:59 - 00000000 ____D C:\Users\pino\AppData\Local\Packages
2017-07-25 14:17 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-25 14:17 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 21:51 - 2017-06-09 13:45 - 02406756 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-24 21:51 - 2017-03-20 06:41 - 01106312 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-24 21:51 - 2017-03-20 06:41 - 00246902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-24 21:47 - 2017-06-09 13:43 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-24 21:47 - 2017-06-09 13:38 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-24 21:47 - 2017-03-17 21:59 - 00000000 __SHD C:\Users\pino\IntelGraphicsProfiles
2017-07-24 21:46 - 2017-03-22 09:14 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Temp
2017-07-24 21:46 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-24 15:09 - 2017-03-17 22:22 - 00000000 ____D C:\Users\pino\AppData\LocalLow\Mozilla
2017-07-24 14:55 - 2017-03-20 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-07-24 13:28 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-07-23 00:32 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-22 22:40 - 2017-03-20 19:22 - 00000000 ____D C:\Users\pino\AppData\Local\CrashDumps
2017-07-19 15:11 - 2017-03-18 00:36 - 00000000 ____D C:\Users\pino\AppData\Roaming\FileZilla
2017-07-17 20:41 - 2017-05-10 13:29 - 00000000 ____D C:\ProgramData\firebird
2017-07-17 17:25 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-16 12:47 - 2017-03-22 00:19 - 00000000 ___RD C:\Dropbox
2017-07-14 17:10 - 2017-03-19 14:47 - 00000000 ____D C:\Users\pino\.gimp-2.8
2017-07-14 10:47 - 2017-03-22 00:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-14 10:44 - 2017-03-17 21:59 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-13 17:38 - 2017-06-09 13:38 - 00384840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-13 17:38 - 2017-04-20 23:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\migwiz
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-13 17:37 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-07-12 21:27 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 21:26 - 2017-03-18 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 21:25 - 2017-03-18 00:43 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-10 18:21 - 2017-03-30 12:45 - 00000000 ____D C:\Users\pino\AppData\Roaming\TeamViewer
2017-07-05 14:03 - 2017-06-09 13:39 - 00000000 ____D C:\Users\pino
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-28 21:13 - 2017-06-09 13:38 - 00000000 ____D C:\Program Files\DellTPad
2017-06-27 20:40 - 2017-03-17 23:04 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-06-15 23:04 - 2017-06-15 23:04 - 0011879 _____ () C:\Users\pino\AppData\Local\recently-used.xbel
2017-03-21 18:34 - 2017-03-21 18:34 - 0000094 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-24 15:18

==================== Ende von FRST.txt ============================

pinodisole · 25.07.2017, 14:22

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von pino (25-07-2017 15:14:14)
Gestartet von C:\Users\pino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-09 11:46:15)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-697847764-2959338102-2115453073-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-697847764-2959338102-2115453073-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-697847764-2959338102-2115453073-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-697847764-2959338102-2115453073-501 - Limited - Disabled)
pino (S-1-5-21-697847764-2959338102-2115453073-1001 - Administrator - Enabled) => C:\Users\pino

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Avaya IP Integration (HKLM-x32\...\{41E392C5-8253-4ABE-AC55-6A23FB89ED1C}) (Version: 1.0.9987.0 - GN Netcom A/S) Hidden
Avaya one-X Integration (HKLM-x32\...\{0F8D3DE8-29BF-4731-AE55-14C38B19C6C1}) (Version: 3.0.12961.0 - GN Netcom A/S) Hidden
Avaya one-X V3 Integration (HKLM-x32\...\{2EC5D63C-BDD1-44A2-BC7E-290C75EF4757}) (Version: 1.0.472.0 - GN Audio A/S) Hidden
Basic Support (HKLM-x32\...\{1231D39C-47F0-470E-8E6A-155FE61AD0BD}) (Version: 2.0.294.0 - GN Audio A/S) Hidden
BIZ 2300 Family (HKLM-x32\...\{01F8214A-56CA-4E7A-B03C-02426C4E89C5}) (Version: 3.0.14012.0 - GN Netcom A/S) Hidden
BIZ 2400 II (HKLM-x32\...\{088961FA-7493-4E35-A8C0-3D3E933ED0A3}) (Version: 2.0.10316.0 - GN Netcom A/S) Hidden
BIZ1500Setup (HKLM-x32\...\{97540499-E348-4071-B840-697EEB083C3C}) (Version: 1.0.13138.0 - GN Netcom A/S) Hidden
BIZ2400_II_CCSetup (HKLM-x32\...\{31E2438C-6C70-4EE0-B745-BBF2F5773883}) (Version: 2.0.10315.0 - GN Netcom A/S) Hidden
BIZ2400_LINK280 (HKLM-x32\...\{5FD62AB7-8CB2-43BD-A269-9BD4532BEE7D}) (Version: 1.0.9672.0 - GN Netcom A/S) Hidden
Broadsoft Integration (HKLM-x32\...\{792B93D1-6ED1-4410-838E-D2BAA7D5B944}) (Version: 2.0.13949.0 - GN Netcom A/S) Hidden
CallManager (HKLM-x32\...\{1EABEEE7-9F25-4633-A576-C7BC492AE372}) (Version: 2.0.10294.0 - GN) Hidden
Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version:  - )
Cisco IP Communicator Integration (HKLM-x32\...\{0F16E401-66F0-4E51-9881-9294534DE83E}) (Version: 3.0.10584.0 - GN Netcom A/S) Hidden
Cisco Jabber Integration (HKLM-x32\...\{A7A3B557-D9DB-4D47-A228-7A8DA24ADC49}) (Version: 3.0.10654.0 - GN Netcom A/S) Hidden
Cisco UC Integration (HKLM-x32\...\{AFF39F11-859B-4E94-8C44-DFBAB6B95BC4}) (Version: 1.0.9992.0 - GN Netcom A/S) Hidden
Cisco WebEx Connect Integration (HKLM-x32\...\{BDAAFFC6-7D89-4BB1-8879-92B80E488E35}) (Version: 1.0.9993.0 - GN Netcom A/S) Hidden
Cisco WebEx Meetings (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Receiver 4.6 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.6.0.12010 - Citrix Systems, Inc.)
CounterPath Bria Integration (HKLM-x32\...\{130A2A6F-45FB-425C-85A4-9C051A4B1064}) (Version: 3.0.287.0 - GN Audio A/S) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.2207.101.108 - ALPS ELECTRIC CO., LTD.)
DFUDriverSetupX64Setup (HKLM-x32\...\{6A0A9DA3-2173-4CFD-AAF5-05B0BA51C31F}) (Version: 6.2.653.0 - GN Netcom A/S) Hidden
DIAL 550 (HKLM-x32\...\{835C23C0-9F95-442C-BBF5-FD38F5BC4023}) (Version: 1.0.9655.0 - GN Netcom A/S) Hidden
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden
EVOLVE20_LINKSetup (HKLM-x32\...\{ADA8AA1D-6A7F-47FA-A9B4-4DF9F05B5EB5}) (Version: 3.0.414.0 - GN Netcom A/S) Hidden
EVOLVE30_IISetup (HKLM-x32\...\{D6C99D0E-69FD-4693-A53F-5022450A5BC8}) (Version: 4.0.506.0 - GN Audio A/S) Hidden
EVOLVE65Setup (HKLM-x32\...\{D467049A-6418-4D36-BA0B-10382B396353}) (Version: 4.0.616.0 - GN Audio A/S) Hidden
EVOLVE75Setup (HKLM-x32\...\{76DEEC1D-D9D9-4650-AC09-49881A34ED0E}) (Version: 1.0.686.0 - GN Audio A/S) Hidden
FileZilla Client 3.26.2 (HKLM-x32\...\FileZilla Client) (Version: 3.26.2 - Tim Kosse)
FirmwareUpdater (HKLM-x32\...\{86D87E09-E6CB-449C-B688-8C87A023AB0D}) (Version: 6.2.653.0 - GN Audio A/S) Hidden
GIMP 2.8.20 (HKLM\...\GIMP-2_is1) (Version: 2.8.20 - The GIMP Team)
GN2000 Family (HKLM-x32\...\{30CCF236-C34A-4282-B0BF-0974EC415F49}) (Version: 1.0.9657.0 - GN Netcom A/S) Hidden
GO 6470 (HKLM-x32\...\{5B4B9788-ADE8-41D8-98A2-88A057F8A0AA}) (Version: 1.0.9674.0 - GN Netcom A/S) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HANDSET450Setup (HKLM-x32\...\{705D86E1-BDEA-41FE-BE33-F1DC93F320BB}) (Version: 2.0.11048.0 - GN Netcom A/S) Hidden
IBM Sametime Integration (HKLM-x32\...\{20BB76A6-7AF6-48B9-9B75-6408EA5E2C6B}) (Version: 4.0.11289.0 - GN Netcom A/S) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.19.16.55 - Huawei Technologies Co.,Ltd)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Jabra Direct (HKLM-x32\...\{508c3a72-c776-4128-aaa5-06cd908081a1}) (Version: 3.8.689.0 - GN Audio A/S)
JabraDirect (HKLM-x32\...\{CC2A885E-4581-4256-93D8-D9577F687E2D}) (Version: 3.8.689.0 - GN Audio A/S) Hidden
JpcsSdkDeviceService (HKLM-x32\...\{30081FB6-1DD3-4084-83E5-14B20242A702}) (Version: 1.0.9811.0 - GN Netcom A/S) Hidden
Kodi (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Kodi) (Version:  - XBMC-Foundation)
LINK 265 (HKLM-x32\...\{F42C3E86-AF7F-4047-8633-0CC870EEF43B}) (Version: 1.0.9879.0 - GN Netcom A/S) Hidden
LINK 30/32/33/41 Setup (HKLM-x32\...\{E2E1BC7A-A89A-4623-803C-CEF4104D5934}) (Version: 1.0.9732.0 - GN Netcom A/S) Hidden
LINK 360 (HKLM-x32\...\{F0D8BA38-E373-406D-BE91-4EE113DE0C64}) (Version: 3.0.665.0 - GN Netcom A/S) Hidden
LINK180aSetup (HKLM-x32\...\{CD79C32D-AEEB-46B1-A370-F99BEA8F460D}) (Version: 1.0.9660.0 - GN Netcom A/S) Hidden
LINK220_220ASetup (HKLM-x32\...\{F3B31FED-91AE-4C15-84BB-9F0FF2BB2BA7}) (Version: 1.0.9675.0 - GN Netcom A/S) Hidden
LINK230_260Setup (HKLM-x32\...\{1AB5D1BA-BC8E-46D2-9F2F-249180213C45}) (Version: 2.0.12955.0 - GN Netcom A/S) Hidden
LINK350Setup (HKLM-x32\...\{66AAB7C3-A2FC-488B-B182-F2EDEED4A72C}) (Version: 1.0.9676.0 - GN Netcom A/S) Hidden
LINK370Setup (HKLM-x32\...\{DE075A6E-35F9-4BB5-9697-4F7979105CF6}) (Version: 2.0.664.0 - GN Audio A/S) Hidden
LINK43Setup (HKLM-x32\...\{EDD1B59B-E5B3-47D5-9F00-9BAEB4F94BDF}) (Version: 1.0.10197.0 - GN Netcom A/S) Hidden
LINK850Setup (HKLM-x32\...\{2CE15BC9-DC51-446E-8929-1E09383D6C6B}) (Version: 2.0.10289.0 - GN Netcom A/S) Hidden
LINK860Setup (HKLM-x32\...\{B09FF355-BE7F-4B61-BF1B-CC46385F414E}) (Version: 1.0.10185.0 - GN Netcom A/S) Hidden
Lync Integration (HKLM-x32\...\{B13B6CFE-69AF-4CF7-8ADD-467B9F29FEB0}) (Version: 5.0.674.0 - GN Audio A/S) Hidden
Maintenance (HKLM-x32\...\{9A1E1C6B-A8D5-42BD-B71B-9728DADB0F20}) (Version: 10.0.0.0 - GN Audio A/S) Hidden
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Mein Verein (HKLM-x32\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 16.0 - Buhl Data Service GmbH)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8229.2086 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Motion (HKLM-x32\...\{06EA3781-ECDF-45AF-8E75-E623FC171931}) (Version: 2.0.541.0 - GN Netcom A/S) Hidden
MOTIONOFFICE (HKLM-x32\...\{A2CA3AD4-6C07-49C3-9E09-F4EEE6B9BA32}) (Version: 1.0.9677.0 - GN Netcom A/S) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
NEC SP 350 Integration (HKLM-x32\...\{A37BF086-D78E-4D1C-BD58-19A725416DB4}) (Version: 2.0.14365.0 - GN Netcom A/S) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8229.2086 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8229.2045 - Microsoft Corporation) Hidden
Online Plug-in (HKLM-x32\...\{9E362141-4BE9-47C3-BD36-638B77AC87AA}) (Version: 14.6.0.12010 - Citrix Systems, Inc.) Hidden
PRO 920 and 930 (HKLM-x32\...\{C145E0B4-7BF7-415F-B100-F32FF9EA169A}) (Version: 1.0.9734.0 - GN Netcom A/S) Hidden
PRO 94X0 Family (HKLM-x32\...\{B3A5BE45-76E7-40ED-8E58-ACF75504DC12}) (Version: 6.0.652.0 - GN Netcom A/S) Hidden
PRO925_935Setup (HKLM-x32\...\{6786309D-B042-4142-A98E-AA05E1071B79}) (Version: 1.0.9678.0 - GN Netcom A/S) Hidden
Pulse Secure Citrix Services Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Citrix_Services) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Host Checker (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\PulseSecure_Host_Checker) (Version: 8.2.6.51693 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\Pulse_Setup_Client) (Version: 8.2.6.977 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6070 - Realtek Semiconductor Corp.)
SDK Integration (HKLM-x32\...\{89095944-96E6-4520-88D6-BE2B224AFE83}) (Version: 1.0.8564.0 - GN Netcom A/S) Hidden
Self-Service Plug-in (HKLM-x32\...\{27B93352-3746-4329-9D16-CE20A1E400C5}) (Version: 4.6.0.14932 - Citrix Systems, Inc.) Hidden
Shoretel Integration (HKLM-x32\...\{36607082-9C1E-4B0D-8F30-F649BE07AF6E}) (Version: 1.0.10047.0 - GN Netcom A/S) Hidden
Sierra Wireless Dell Mobile Broadband INF Package (HKLM-x32\...\SWIDellDrvInstaller) (Version: 16.1.2.7 - Sierra Wireless)
Skype Integration (HKLM-x32\...\{6CF48C72-2923-4F4D-92A6-5A9E8E51E24B}) (Version: 4.0.673.0 - GN Audio A/S) Hidden
SPEAK 510 Family (HKLM-x32\...\{2FDB93C9-93BD-4115-A963-6186300FFF0A}) (Version: 2.0.571.0 - GN Netcom A/S) Hidden
SPEAK410Setup (HKLM-x32\...\{CC733B58-53DB-4613-AD49-1FFB62EC8989}) (Version: 1.0.9636.0 - GN Netcom A/S) Hidden
SPEAK450Setup (HKLM-x32\...\{21B3A5C8-C3E3-477F-9837-E43359C3546F}) (Version: 1.0.9637.0 - GN Netcom A/S) Hidden
SPEAK710Setup (HKLM-x32\...\{3E251A96-88F9-4364-844F-BA5FE399BBCA}) (Version: 1.0.599.0 - GN Audio A/S) Hidden
SPEAK810Setup (HKLM-x32\...\{89097763-7342-41F2-B4E7-76B846AC6BC6}) (Version: 3.0.617.0 - GN Audio A/S) Hidden
STEALTH Setup (HKLM-x32\...\{F07CB43D-352B-4B65-84E3-053C1778C8FB}) (Version: 3.0.538.0 - GN Audio A/S) Hidden
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{D63B636A-D43E-4BE3-8874-637402130365}) (Version: 17.03.3 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Supreme (HKLM-x32\...\{51FFEA54-1FB6-4D8D-97D9-5B15C2938DA2}) (Version: 2.0.545.0 - GN Audio A/S) Hidden
UC VOICE A Family (HKLM-x32\...\{4D63AB94-C5BA-48FB-9A3A-C7BC43522CC7}) (Version: 1.0.9669.0 - GN Netcom A/S) Hidden
UC Voice Family (HKLM-x32\...\{87FC5C34-2573-4BFC-AF28-605037BE7B85}) (Version: 1.0.9670.0 - GN Netcom A/S) Hidden
Video Download Capture V6.2.5 (HKLM-x32\...\{b3336f66-e079-4ff6-abdb-51e2fab781d5}_is1) (Version: 6.2.5 - APOWERSOFT LIMITED)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-03-08] ()
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-10-25] (Intel Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {61CF55A5-1765-42FA-B30F-A34CE30E6792} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-05-27] (Realtek Semiconductor)
Task: {67A065B8-483C-4C2E-AC34-65ED736495BA} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {6CA663E0-4E32-41AB-9B7E-BB4C5BB7123B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {80C50176-EDE4-418A-94B1-24AD75C9BF15} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {AD8E95BB-0BE0-45F2-9FC1-5FB06746046E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-18] (Microsoft Corporation)
Task: {C047AC5F-53D2-44A3-9A8C-10B7D252F3C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {D676FDE4-3B0E-4198-BE1A-BAA5898BAFD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-17] (Google Inc.)
Task: {DBFF6CC3-F6FC-4260-AF2D-2021B8675194} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-07-02] ()
Task: {DEE2FAC8-B611-4742-8598-8A72544A5F5D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-22] (Dropbox, Inc.)
Task: {EF3A5A89-29D5-4BC7-B678-332AB9DA58DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)
Task: {FC80B016-975F-4CB0-BA20-3B763F47B0E5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-02] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\pino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Cisco WebEx.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=fceempjejlfaadkgdacpfhheknndlcjl

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-24 14:36 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-20 13:11 - 2015-07-06 13:18 - 00682072 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-12 19:48 - 2017-06-12 19:48 - 00052392 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-10-25 02:08 - 2016-10-25 02:08 - 00401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00025408 _____ () C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
2017-07-12 21:18 - 2017-07-12 21:18 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-07-12 21:18 - 2017-07-12 21:18 - 27590144 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 00428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 20649984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 02305536 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 02856448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-06 18:24 - 2017-06-06 18:25 - 03139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-06 18:24 - 2017-06-06 18:25 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-03-17 23:37 - 2017-03-17 23:37 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-07-12 21:18 - 2017-07-12 21:18 - 01127936 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-09 08:14 - 2017-05-09 08:14 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-07-21 14:01 - 2017-07-21 14:02 - 24054272 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-07-21 14:01 - 2017-07-21 14:02 - 09161728 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-06-13 08:21 - 2017-06-13 08:22 - 03500456 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-07-21 14:01 - 2017-07-21 14:02 - 10910208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-07-18 13:04 - 2017-07-18 13:04 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 13:04 - 2017-07-18 13:04 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 13:04 - 2017-07-18 13:04 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 13:04 - 2017-07-18 13:04 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2017-03-20 13:11 - 2013-08-16 08:53 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2017-03-20 13:11 - 2014-02-15 09:31 - 02416640 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2017-03-20 13:11 - 2014-02-15 09:33 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00746816 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-04-16 14:33 - 2017-07-12 21:58 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-04-16 14:33 - 2017-07-12 21:58 - 00125904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01862992 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00020432 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-03-22 00:15 - 2017-07-12 21:58 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00062784 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00040248 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-07-14 10:47 - 2017-07-12 21:58 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 19:53 - 2017-07-12 22:01 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-22 00:15 - 2017-07-12 21:58 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-07-14 10:47 - 2017-07-12 21:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 00181056 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-22 00:15 - 2017-07-12 22:01 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-07-14 10:47 - 2017-07-12 21:59 - 00024368 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-07-14 10:47 - 2017-07-12 21:59 - 01637688 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-22 00:15 - 2017-07-12 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-22 00:15 - 2017-07-12 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.pyd
2017-04-07 20:38 - 2017-07-12 22:01 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-07-14 10:47 - 2017-07-12 22:00 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-06-21 10:21 - 2016-06-21 10:21 - 01500672 _____ () C:\PROGRAM FILES (X86)\JABRA\DIRECT\BROADSOFTINTEGRATION\CommunicatorApiV2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-697847764-2959338102-2115453073-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 13:47 - 2016-07-16 13:45 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-697847764-2959338102-2115453073-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-697847764-2959338102-2115453073-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{EAD01BA2-A39A-4240-9062-A90FB6AFA13A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [UDP Query User{32629BF6-4303-4CB2-B1AF-D9329646DEBB}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [TCP Query User{080C05B9-4DE5-42B7-9807-E122EF46E40F}C:\users\pino\downloads\anydesk.exe] => (Allow) C:\users\pino\downloads\anydesk.exe
FirewallRules: [{C1A72C66-5F5F-4417-8BB6-D39D8CA309C7}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{FE21340C-EED1-446D-8DD6-6F9F2FC2CBBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\rtmpsrv.exe
FirewallRules: [{D203AF8D-344F-422E-A596-D372BDBBEF8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{E16006B5-5786-4A80-A7EA-E18BA5671F7A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture 6\Video Download Capture 6.exe
FirewallRules: [{1F0904A6-A5E2-4E5D-A8ED-03B70F9CDB38}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{21CE1221-C968-4D51-AAC5-A55A0E9D7DFB}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{DDE1EF13-1C43-4585-A376-455595A9A649}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{A38992C3-0BDB-4328-8E59-4C43A7C67A58}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Unlimited\Apowersoft Unlimited.exe
FirewallRules: [{3A1AFFB6-C46E-4939-9551-FEA1DE5FA1AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{30BBAB3A-4B13-4924-8FF5-9CC0F2F838CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{5BBCCF8E-3E75-4D4E-A6D0-9FAF6AAAEE61}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{BAD3FD50-DE31-443A-BF1E-FE87142465C3}C:\program files (x86)\kodi\kodi.exe] => (Block) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{D5E1C8B3-4BCF-4B5C-847F-27D5F56C604D}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{0864A867-1912-4CE3-9E97-426EB38CE5B6}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [{D5EFDD91-E9AF-475B-ADC1-C89AE6191212}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{EBA470EC-C109-444B-8381-9B175A81C505}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4B0F8C3C-3D7C-42B1-AD92-CB8A944F8513}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B363EA4E-D2BC-48E9-835D-72630F2C1F3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{59B14F13-6A5F-4F9D-9E87-9586C78C5D43}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{14D97455-470C-45C6-826D-C825C371E049}C:\program files (x86)\citrix\ica client\wfica32.exe] => (Allow) C:\program files (x86)\citrix\ica client\wfica32.exe
FirewallRules: [TCP Query User{A29C4871-9C9E-4830-87A7-9B9070DE2230}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [UDP Query User{580E3069-9401-4AA8-83C9-1D3DF8657596}C:\users\pino\downloads\anydesk (2).exe] => (Allow) C:\users\pino\downloads\anydesk (2).exe
FirewallRules: [{2A7D7719-0505-48AC-BDAE-5E9C7BE3EC9B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5A99D781-E857-4538-A95A-D4ACFBC05C89}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{293EE330-7E12-415D-83F3-4B794A502CA8}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [UDP Query User{DC541665-25E9-44DF-8898-E90D4AC921FF}C:\users\pino\downloads\anydesk (1).exe] => (Block) C:\users\pino\downloads\anydesk (1).exe
FirewallRules: [{1209BB15-ED96-4EE1-88BF-8D69D024EFA8}] => (Allow) C:\Users\pino\Desktop\FRST64.exe
FirewallRules: [{903FBE08-310C-4EF2-9AD2-FE37015E2736}] => (Allow) C:\Users\pino\Desktop\FRST64.exe

==================== Wiederherstellungspunkte =========================

08-07-2017 12:44:36 Geplanter Prüfpunkt
12-07-2017 21:25:10 Windows Update
22-07-2017 21:10:27 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Broadcom USH
Description: Broadcom USH
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH w/swipe sensor
Description: Broadcom USH w/swipe sensor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Alessia
Description: Bluetooth-Gerät
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/25/2017 02:16:50 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/25/2017 02:13:00 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 10:32:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (07/24/2017 09:48:09 PM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar.

Möchten Sie im abgesicherten Modus starten?.
Rejected Safe Mode action : Microsoft Outlook.

Error: (07/24/2017 09:47:14 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 09:46:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 16.0.8229.2086, Zeitstempel: 0x5958ba50
Name des fehlerhaften Moduls: wwlib.dll, Version: 16.0.8229.2086, Zeitstempel: 0x5958c1d2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009af8f
ID des fehlerhaften Prozesses: 0x1ee4
Startzeit der fehlerhaften Anwendung: 0x01d304b58428cbec
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Microsoft Office\root\Office16\wwlib.dll
Berichtskennung: 0bd23b2c-3ebd-41e7-a680-c4337152c85f
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/24/2017 09:12:01 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 07:49:51 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 05:39:58 PM) (Source: SWISoftDev) (EventID: 1) (User: )
Description: Device ID: <11999061>  is not supported on this machine!

Error: (07/24/2017 02:43:28 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (07/25/2017 02:23:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/25/2017 02:23:49 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pino\AppData\Local\Temp\ehdrv.sys

Error: (07/25/2017 02:23:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/25/2017 02:23:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pino\AppData\Local\Temp\ehdrv.sys

Error: (07/25/2017 02:23:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/25/2017 02:23:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pino\AppData\Local\Temp\ehdrv.sys

Error: (07/25/2017 02:23:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/25/2017 02:23:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pino\AppData\Local\Temp\ehdrv.sys

Error: (07/25/2017 02:23:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/25/2017 02:23:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\pino\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-07-25 14:22:31.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-07-25 14:22:31.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4300U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8097.43 MB
Verfügbarer physikalischer RAM: 5276.69 MB
Summe virtueller Speicher: 9377.43 MB
Verfügbarer virtueller Speicher: 6586.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.51 GB) (Free:70.7 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 6DEEFFB3)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=484 MB) - (Type=27)

==================== Ende von Addition.txt ============================

Das Notebook verhält normal. Tat es aber auch vorher, wie in meinem Startpost geschrieben.

24.07.2017, 21:05	#11
M-K-D-B /// TB-Ausbilder	Win10 Notebook auf Schadsoftware und Co. prüfen Es fehlt noch der FRST-Fix.

Win10 Notebook auf Schadsoftware und Co. prüfen

Plagegeister aller Art und deren Bekämpfung: Win10 Notebook auf Schadsoftware und Co. prüfen