| |
| |||||||
Log-Analyse und Auswertung: Trojaner Verdacht, Win10 64bitWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
08.09.2017, 22:17
| #1 |
 |  Trojaner Verdacht, Win10 64bit Hallo zusammen, seit einiger Zeit taucht beim starten ein Dos (Windows\System32\cmd.exe)Fenster. G-Data Internet Security findet nicht´s. Könnst Ihr bitte die LogDateien anschauen? Vielen Dank! FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Gena_2 (ACHTUNG: der Benutzer ist kein Administrator) auf BIGCOM (08-09-2017 22:59:56)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: ************** & Gena_2 (Verfügbare Profile: ************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> igfxCUIService.exe
konnte nicht auf den Prozess zugreifen -> NVDisplay.Container.exe
konnte nicht auf den Prozess zugreifen -> GDScan.exe
konnte nicht auf den Prozess zugreifen -> NVDisplay.Container.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> AVKWCtlx64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> ibtsiva.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> dirmngr.exe
konnte nicht auf den Prozess zugreifen -> AdobeUpdateService.exe
konnte nicht auf den Prozess zugreifen -> avmike.exe
konnte nicht auf den Prozess zugreifen -> OfficeClickToRun.exe
konnte nicht auf den Prozess zugreifen -> iSCTAgent.exe
konnte nicht auf den Prozess zugreifen -> AVKProxy.exe
konnte nicht auf den Prozess zugreifen -> DACore.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> app_updater.exe
konnte nicht auf den Prozess zugreifen -> certsrv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> HeciServer.exe
konnte nicht auf den Prozess zugreifen -> ijplmsvc.exe
konnte nicht auf den Prozess zugreifen -> Lenovo.Modern.ImController.exe
konnte nicht auf den Prozess zugreifen -> NvTelemetryContainer.exe
konnte nicht auf den Prozess zugreifen -> nwtsrv.exe
konnte nicht auf den Prozess zugreifen -> MBAMService.exe
konnte nicht auf den Prozess zugreifen -> nutsrv4.exe
konnte nicht auf den Prozess zugreifen -> nvcontainer.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> Seagate.Dashboard.DASWindowsService.exe
konnte nicht auf den Prozess zugreifen -> MobileService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WDDriveService.exe
konnte nicht auf den Prozess zugreifen -> SurfEasyService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> ss_conn_service.exe
konnte nicht auf den Prozess zugreifen -> BrcmSetSecurity.exe
konnte nicht auf den Prozess zugreifen -> ouc.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WDBackupEngine.exe
konnte nicht auf den Prozess zugreifen -> GDFwSvcx64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
konnte nicht auf den Prozess zugreifen -> PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
konnte nicht auf den Prozess zugreifen -> SUService.exe
konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> IntelMeFWService.exe
konnte nicht auf den Prozess zugreifen -> Jhi_service.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
konnte nicht auf den Prozess zugreifen -> Lenovo.Modern.ImController.PluginHost.Device.exe
(Mozilla Corporation) C:\Users\genas_000\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\genas_000\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Mozilla Corporation) C:\Users\genas_000\Desktop\Tor Browser\Browser\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-4288807228-2172792055-1580508024-1003] => 84.112.117.174:8080
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
URLSearchHook: [S-1-5-21-4288807228-2172792055-1580508024-1002] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Amolto Call Recorder for Skype\Skype4COM.dll [2014-06-20] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050 [2017-09-08]
FF NetworkProxy: Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050 -> type", 0
FF Extension: (Tails Download and Verify) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\dave@tails.boum.org.xpi [2017-08-12]
FF Extension: (HTTPS Everywhere) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\https-everywhere-eff@eff.org.xpi [2017-09-01]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2017-08-12]
FF Extension: (Html Validator) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2016-11-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Gena_2\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-08-02] (Cisco WebEx LLC)
Chrome:
=======
CHR Profile: C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default [2017-08-13]
CHR Extension: (Google Präsentationen) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-03]
CHR Extension: (Скачать музыку с Вконтакте (vk.com)) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpfjljjhhonjehpkmgonimjjgaheap [2016-09-03]
CHR Extension: (Google Docs) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-03]
CHR Extension: (Google Drive) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-03]
CHR Extension: (Google-Suche) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-22]
CHR Extension: (OkTools) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jicldjademmddamblmdllfneeaeeclik [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R3 lmhosts; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-08-27] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-08] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-08] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-08] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-08 22:59 - 2017-09-08 23:00 - 000040463 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-08 22:59 - 2017-09-08 22:59 - 002395648 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 22:04 - 2017-09-08 22:37 - 000002827 _____ C:\Users\Gena_2\Desktop\mbam.txt
2017-09-08 22:04 - 2017-09-08 22:04 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-08 21:56 - 2017-09-08 22:04 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-08 22:59 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-08 22:04 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-08 22:05 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-08 22:04 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-08-27 13:58 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-08 22:36 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-08 22:36 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-08 22:10 - 2016-11-16 19:56 - 000268715 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-08 22:09 - 2016-07-17 00:51 - 001568034 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-08 22:09 - 2016-07-17 00:51 - 001076530 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-08 22:09 - 2015-08-07 21:06 - 005777724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-08 22:07 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-08 22:05 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-08 22:05 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-08 22:05 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-08 22:04 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-08 22:04 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 20:59 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-10 21:43 - 2016-05-30 16:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-08-10 21:42 - 2014-07-22 16:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-10 21:35 - 2014-07-22 16:21 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-07-02 15:17 - 2016-07-02 15:17 - 000000000 ___RH () C:\Users\Gena_2\AppData\Roaming\82972e70eb62322fdec22be80f88c94e2
2016-05-15 17:25 - 2016-05-15 18:08 - 000000883 _____ () C:\Users\Gena_2\AppData\Roaming\AbsoluteReminder.xml
2015-03-23 15:43 - 2015-03-23 15:43 - 000000000 _____ () C:\Users\Gena_2\AppData\Roaming\gdfw.log
2015-03-23 15:43 - 2015-03-24 14:08 - 000001952 _____ () C:\Users\Gena_2\AppData\Roaming\gdscan.log
2015-05-07 21:24 - 2015-05-07 21:24 - 000004608 _____ () C:\Users\Gena_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-17 11:28 - 2016-07-17 11:28 - 000000094 _____ () C:\Users\Gena_2\AppData\Local\fusioncache.dat
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ () C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-02-18 23:43 - 2017-02-18 23:43 - 000370070 _____ () C:\Users\Gena_2\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator
==================== Ende von FRST.txt ============================
|
|
08.09.2017, 22:19
| #2 |
| | Trojaner Verdacht, Win10 64bit Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Gena_2 (08-09-2017 23:00:44)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version: - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version: - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version: - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version: - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version: - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version: - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version: - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version: - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version: - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job =>
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2000-01-01 02:00 - 2000-01-01 02:00 - 003282432 _____ () C:\Users\genas_000\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
Da befinden sich 77 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{D5DDE90F-B890-499C-97BE-D240BF536F06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{525C069A-4925-4CA0-B0E5-7CEADF154779}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BE8D84D0-3369-47DE-B749-AAD23628B085}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA8EBB94-A13D-427B-9C1E-E62823E17964}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2DD5E8D-A22F-44FF-BA73-73D9EFC2B8DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{780E69FD-5D50-4A2A-819C-E2B45BA8A0F1}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{AC9B4F1C-3234-470E-9008-AC3A6977E938}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{2CE008AD-0902-4FD1-953A-64F9E981CED5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7A8A6EE-2C58-4FF4-8333-F29F54047C68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60A8FBFC-A4F9-4ACF-879B-8B71A2F99FF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{301BAC45-CBC7-4E83-A610-AF9A345328F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2C99D29-24A6-4D7E-93C7-48BB65ACEFE7}] => (Allow) LPort=8888
FirewallRules: [{B050B6DB-44A4-41A7-96A8-7CD4A20EEC39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.10.1\AusweisApp2.exe
FirewallRules: [{44A4D463-2386-4A06-B986-C805B9653687}] => (Allow) C:\Program Files\Swissquote Ltd MT5 Client Terminal\metatester64.exe
FirewallRules: [{18EA178A-2706-46B0-A5DF-9EA8F6C5A379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5A874973-02D7-497B-8AEB-2B4C508816DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6867CE08-BE12-4734-8E65-BDDBAC69D03B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{184D4004-B526-4305-ACB9-F90F4A4D1AA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B8728D3-C590-4B26-BA88-240EA494FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4DA8839-462A-4F7A-9824-4C123EB59DEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{72352756-D653-423A-833C-178972E9D8C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C3D370EE-3CF7-4DD3-ADBB-48A8B5FF74A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{33B2E5CB-5DD2-4C2F-A316-B1C814B7063C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DE0CE2DB-4843-4250-A53B-A94718040FE9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{64C1F78F-3159-4F6A-86B9-E8AB8D172EF9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{71CE4922-4B75-4FF7-9386-9CEE9535F059}] => (Allow) C:\Users\genas_000\AppData\Local\Temp\7zS0CBD\setup\hpznui40.exe
FirewallRules: [{D1B3F7B8-03E6-44F4-A89D-59348D4F6F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15125702-7408-4E8E-A327-DCC00EC41C82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{557D9F0D-B68F-4AA5-99B6-D4E2E7B65275}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A2C68E22-DAC7-423A-ACD0-49A6B4668CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3F5C6BC9-CC3F-4D24-93F2-6A2AD63E5AD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E22B73BA-7459-4BDD-850E-0CF971BC241A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CC918D2F-866A-41CF-80CF-9818F492D43A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{809AB22F-0ED4-48E6-8E1E-0BDCCE133952}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{10042CB0-C0C1-4492-B697-52544127F208}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{158653DB-4B7D-4AC8-AE0C-847F158C87F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{41E89BDA-5104-440A-8200-8E2333410A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{001AEBEF-6ADF-4F05-826B-E25B7D860CCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{B41CB8D8-987A-41BF-B501-F74961E4B840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E4F74B96-BD69-4D88-9099-BBA1F3A18419}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{13EC67D8-E8C7-4181-B3AA-C3B2EE470C46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8748E045-E98A-4457-894A-12894C16B23E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6EC5666-56C0-44D4-BFE4-85992EC9767B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B45A571A-4E8E-48D1-8991-EDB9E5A65380}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C7446EB1-62CC-4032-BE86-A2BCF3603E52}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EF35A8AD-2588-46A5-8813-BC49255461E0}] => (Allow) LPort=8888
FirewallRules: [{529CFD88-2099-48A0-9AB9-4719E28C5AAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/08/2017 07:04:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/08/2017 07:04:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/07/2017 07:59:23 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/07/2017 07:59:22 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/07/2017 07:59:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname BigCom.local already in use; will try BigCom-2.local instead
Error: (09/07/2017 07:59:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 BigCom.local. Addr 192.168.178.25
Systemfehler:
=============
Error: (09/08/2017 10:58:31 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2017 10:42:01 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2017 10:12:11 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2017 10:11:19 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/08/2017 10:04:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/08/2017 10:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2017-09-06 15:58:09.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2017-09-06 15:49:15.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2016-09-28 22:25:30.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4358.14 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 4914.61 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:21.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
==================== Ende von Addition.txt ============================
|
|
09.09.2017, 13:33
| #3 |
| /// TB-Ausbilder   | Trojaner Verdacht, Win10 64bit Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
09.09.2017, 20:52
| #4 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von *************** (Administrator) auf BIGCOM (09-09-2017 21:46:49)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-4288807228-2172792055-1580508024-1003] => 84.112.117.174:8080
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
Chrome:
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-07-08]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-08-27] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-09] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-09] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-09 21:45 - 2017-09-09 21:46 - 000061049 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-09 21:45 - 2017-09-09 21:46 - 000041468 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:31 - 2017-09-09 21:31 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-09 14:54 - 2017-09-09 21:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:59 - 2017-09-09 21:44 - 002395648 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-09 21:39 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-09 21:46 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-09 21:31 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-09 21:32 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-09 21:31 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-08-27 13:58 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-09 21:37 - 2016-07-17 00:51 - 001576958 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-09 21:37 - 2016-07-17 00:51 - 001085070 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-09 21:37 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-09 21:37 - 2015-08-07 21:06 - 005814092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-09 21:36 - 2016-11-16 19:56 - 000270507 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-09 21:36 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-09 21:34 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-09 21:33 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-09 21:32 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-09 21:32 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-09 21:32 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-09 21:31 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-09 21:31 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-09 21:31 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-09 17:19 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-10 21:43 - 2016-05-30 16:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-08-10 21:42 - 2014-07-22 16:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-10 21:41 - 2016-09-13 21:44 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-10 21:35 - 2014-07-22 16:21 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-08 20:21
==================== Ende von FRST.txt ============================
|
|
09.09.2017, 20:53
| #5 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von ************** (09-09-2017 21:47:29)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version: - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version: - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version: - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version: - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version: - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version: - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version: - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version: - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version: - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {1DC43BE4-327A-4520-B93B-8115D1E48DD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c98bf0d-18a5-4624-b1f6-47e18eadd885 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {555A3E37-1F9D-4024-B22F-2DAA322FA09E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8a48051d-2b64-4a23-a89c-00bad163b00e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {B41D011D-99EC-4190-B583-7927BAD275EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2d938407-7221-45c0-8d00-dbeb970a6cad => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {C9E08BBA-0F3F-406A-9442-C3A6A6D92266} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\33ae9e82-09dc-4688-b723-c1d0845bcf29 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic
ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2017-09-08 21:56 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-07-11 19:38 - 2017-06-09 16:11 - 000023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-08-05 08:43 - 2017-08-05 08:43 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-05 08:43 - 2017-08-05 08:43 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-08 15:34 - 2017-06-08 15:34 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 10:57 - 2017-06-15 10:58 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-23 21:26 - 2017-05-23 21:26 - 003918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
Da befinden sich 77 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{D5DDE90F-B890-499C-97BE-D240BF536F06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{525C069A-4925-4CA0-B0E5-7CEADF154779}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BE8D84D0-3369-47DE-B749-AAD23628B085}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA8EBB94-A13D-427B-9C1E-E62823E17964}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2DD5E8D-A22F-44FF-BA73-73D9EFC2B8DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{780E69FD-5D50-4A2A-819C-E2B45BA8A0F1}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{AC9B4F1C-3234-470E-9008-AC3A6977E938}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{2CE008AD-0902-4FD1-953A-64F9E981CED5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7A8A6EE-2C58-4FF4-8333-F29F54047C68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60A8FBFC-A4F9-4ACF-879B-8B71A2F99FF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{301BAC45-CBC7-4E83-A610-AF9A345328F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2C99D29-24A6-4D7E-93C7-48BB65ACEFE7}] => (Allow) LPort=8888
FirewallRules: [{B050B6DB-44A4-41A7-96A8-7CD4A20EEC39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.10.1\AusweisApp2.exe
FirewallRules: [{44A4D463-2386-4A06-B986-C805B9653687}] => (Allow) C:\Program Files\Swissquote Ltd MT5 Client Terminal\metatester64.exe
FirewallRules: [{18EA178A-2706-46B0-A5DF-9EA8F6C5A379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5A874973-02D7-497B-8AEB-2B4C508816DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6867CE08-BE12-4734-8E65-BDDBAC69D03B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{184D4004-B526-4305-ACB9-F90F4A4D1AA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B8728D3-C590-4B26-BA88-240EA494FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4DA8839-462A-4F7A-9824-4C123EB59DEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{72352756-D653-423A-833C-178972E9D8C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C3D370EE-3CF7-4DD3-ADBB-48A8B5FF74A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{33B2E5CB-5DD2-4C2F-A316-B1C814B7063C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DE0CE2DB-4843-4250-A53B-A94718040FE9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{64C1F78F-3159-4F6A-86B9-E8AB8D172EF9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{71CE4922-4B75-4FF7-9386-9CEE9535F059}] => (Allow) C:\Users\genas_000\AppData\Local\Temp\7zS0CBD\setup\hpznui40.exe
FirewallRules: [{D1B3F7B8-03E6-44F4-A89D-59348D4F6F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15125702-7408-4E8E-A327-DCC00EC41C82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{557D9F0D-B68F-4AA5-99B6-D4E2E7B65275}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A2C68E22-DAC7-423A-ACD0-49A6B4668CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3F5C6BC9-CC3F-4D24-93F2-6A2AD63E5AD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E22B73BA-7459-4BDD-850E-0CF971BC241A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CC918D2F-866A-41CF-80CF-9818F492D43A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{809AB22F-0ED4-48E6-8E1E-0BDCCE133952}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{10042CB0-C0C1-4492-B697-52544127F208}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{158653DB-4B7D-4AC8-AE0C-847F158C87F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{41E89BDA-5104-440A-8200-8E2333410A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{001AEBEF-6ADF-4F05-826B-E25B7D860CCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{B41CB8D8-987A-41BF-B501-F74961E4B840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E4F74B96-BD69-4D88-9099-BBA1F3A18419}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{13EC67D8-E8C7-4181-B3AA-C3B2EE470C46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8748E045-E98A-4457-894A-12894C16B23E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6EC5666-56C0-44D4-BFE4-85992EC9767B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B45A571A-4E8E-48D1-8991-EDB9E5A65380}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C7446EB1-62CC-4032-BE86-A2BCF3603E52}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EF35A8AD-2588-46A5-8813-BC49255461E0}] => (Allow) LPort=8888
FirewallRules: [{529CFD88-2099-48A0-9AB9-4719E28C5AAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/09/2017 09:31:56 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/09/2017 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0x11dc
Startzeit der fehlerhaften Anwendung: 0x01d329a2403ddf07
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 57a2e20f-8e72-4661-8a08-769efc0676e9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/08/2017 07:04:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/08/2017 07:04:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/07/2017 07:59:23 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/07/2017 07:59:22 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (09/09/2017 09:47:07 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/09/2017 09:31:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2017 09:31:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrcmSetSecurity" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/09/2017 09:31:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (09/09/2017 09:31:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.
Error: (09/09/2017 03:02:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-09-06 15:58:09.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2017-09-06 15:49:15.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2016-09-28 22:25:30.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 3992.03 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 4941.29 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:21.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
09.09.2017, 21:00
| #6 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter 21:57:24.0029 0x369c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:57:24.0029 0x369c UEFI system
21:57:30.0873 0x369c ============================================================
21:57:30.0873 0x369c Current date / time: 2017/09/09 21:57:30.0873
21:57:30.0873 0x369c SystemInfo:
21:57:30.0873 0x369c
21:57:30.0873 0x369c OS Version: 10.0.14393 ServicePack: 0.0
21:57:30.0873 0x369c Product type: Workstation
21:57:30.0873 0x369c ComputerName: BIGCOM
21:57:30.0873 0x369c UserName: Gena Winter
21:57:30.0873 0x369c Windows directory: C:\WINDOWS
21:57:30.0873 0x369c System windows directory: C:\WINDOWS
21:57:30.0873 0x369c Running under WOW64
21:57:30.0873 0x369c Processor architecture: Intel x64
21:57:30.0873 0x369c Number of processors: 4
21:57:30.0873 0x369c Page size: 0x1000
21:57:30.0873 0x369c Boot type: Normal boot
21:57:30.0873 0x369c CodeIntegrityOptions = 0x00000001
21:57:30.0873 0x369c ============================================================
21:57:30.0920 0x369c KLMD registered as C:\WINDOWS\system32\drivers\79994163.sys
21:57:30.0920 0x369c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1593, osProperties = 0x19
21:57:31.0185 0x369c System UUID: {426221EF-B9C4-FCE7-B95E-7E51F9315B01}
21:57:31.0639 0x369c Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:57:31.0639 0x369c ============================================================
21:57:31.0639 0x369c \Device\Harddisk0\DR0:
21:57:31.0639 0x369c GPT partitions:
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {12471D5F-89E5-4C09-9EF4-22A839CFA08B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {727F8724-E71F-4FB6-AF9B-C0EA54D6FAA7}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {AC13F19C-EB62-41F1-B5D7-09F1E9276A83}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {127118D5-4B68-46B5-97FC-9761244A59FE}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {323712EE-14CD-4FC0-B5DF-C96ED2DF2A76}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0xF59A800
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B4E5E56C-0D3F-4163-9CDE-BAAC3D1F3381}, Name: Basic data partition, StartLBA 0xFA45800, BlocksNum 0x67C1000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {20C1D095-9215-4B42-90C4-6A70D9BAEFD5}, Name: Basic data partition, StartLBA 0x16206800, BlocksNum 0x2E55000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AC6A2FB5-4DF3-4C79-ACAD-7BA28559F4B3}, Name: Basic data partition, StartLBA 0x1905B800, BlocksNum 0x3200000
21:57:31.0654 0x369c \Device\Harddisk0\DR0\Partition9: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1000A890-627D-4E6B-B3A1-55ED1931D2E0}, Name: Basic data partition, StartLBA 0x1C25C000, BlocksNum 0x1A97000
21:57:31.0654 0x369c MBR partitions:
21:57:31.0654 0x369c ============================================================
21:57:31.0654 0x369c C: <-> \Device\Harddisk0\DR0\Partition5
21:57:31.0654 0x369c G: <-> \Device\Harddisk0\DR0\Partition6
21:57:31.0654 0x369c H: <-> \Device\Harddisk0\DR0\Partition7
21:57:31.0654 0x369c D: <-> \Device\Harddisk0\DR0\Partition8
21:57:31.0654 0x369c ============================================================
21:57:31.0654 0x369c Initialize success
21:57:31.0654 0x369c ============================================================
21:58:34.0077 0x19e4 ============================================================
21:58:34.0077 0x19e4 Scan started
21:58:34.0077 0x19e4 Mode: Manual; SigCheck; TDLFS;
21:58:34.0077 0x19e4 ============================================================
21:58:34.0077 0x19e4 KSN ping started
21:58:54.0280 0x19e4 KSN ping finished: true
21:58:54.0905 0x19e4 ================ Scan system memory ========================
21:58:54.0905 0x19e4 System memory - ok
21:58:54.0905 0x19e4 ================ Scan services =============================
21:58:54.0952 0x19e4 1394ohci - ok
21:58:54.0952 0x19e4 3ware - ok
21:58:54.0968 0x19e4 ACPI - ok
21:58:54.0968 0x19e4 AcpiDev - ok
21:58:54.0968 0x19e4 acpiex - ok
21:58:54.0983 0x19e4 acpipagr - ok
21:58:54.0983 0x19e4 AcpiPmi - ok
21:58:54.0983 0x19e4 acpitime - ok
21:58:54.0999 0x19e4 [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
21:58:55.0077 0x19e4 ACPIVPC - ok
21:58:55.0093 0x19e4 [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:58:55.0108 0x19e4 AdobeARMservice - ok
21:58:55.0124 0x19e4 [ AD0541B0ACCC3FAC2F9C8867F462DAC9, 9CE2BBE73AEAAA02B4E131E56F732DB93FA51BEC7F65FB46DFEF08A35C4AD583 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:58:55.0155 0x19e4 AdobeUpdateService - ok
21:58:55.0155 0x19e4 ADP80XX - ok
21:58:55.0186 0x19e4 [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc C:\WINDOWS\syswow64\drivers\Afc.sys
21:58:55.0202 0x19e4 Afc - ok
21:58:55.0202 0x19e4 AFD - ok
21:58:55.0249 0x19e4 [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:58:55.0311 0x19e4 AGSService - ok
21:58:55.0311 0x19e4 ahcache - ok
21:58:55.0311 0x19e4 AJRouter - ok
21:58:55.0327 0x19e4 ALG - ok
21:58:55.0327 0x19e4 AmdK8 - ok
21:58:55.0327 0x19e4 AmdPPM - ok
21:58:55.0327 0x19e4 amdsata - ok
21:58:55.0343 0x19e4 amdsbs - ok
21:58:55.0343 0x19e4 amdxata - ok
21:58:55.0343 0x19e4 [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
21:58:55.0358 0x19e4 AMPPAL - ok
21:58:55.0358 0x19e4 [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPALP C:\WINDOWS\system32\DRIVERS\amppal.sys
21:58:55.0374 0x19e4 AMPPALP - ok
21:58:55.0390 0x19e4 AppHostSvc - ok
21:58:55.0390 0x19e4 AppID - ok
21:58:55.0390 0x19e4 AppIDSvc - ok
21:58:55.0390 0x19e4 Appinfo - ok
21:58:55.0390 0x19e4 applockerfltr - ok
21:58:55.0405 0x19e4 AppReadiness - ok
21:58:55.0405 0x19e4 AppXSvc - ok
21:58:55.0405 0x19e4 arcsas - ok
21:58:55.0421 0x19e4 aspnet_state - ok
21:58:55.0421 0x19e4 AsyncMac - ok
21:58:55.0436 0x19e4 atapi - ok
21:58:55.0436 0x19e4 AudioEndpointBuilder - ok
21:58:55.0436 0x19e4 Audiosrv - ok
21:58:55.0530 0x19e4 [ 401DE45B4A49F9B7C70BA8592DF7D8E9, 58CE96D1CF88D2E4BE31331B93750E56023C5078FAE295009FAC69D38A3E47AA ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
21:58:55.0640 0x19e4 AVKProxy - ok
21:58:55.0718 0x19e4 [ 8A9F5A2458E8A0FB84853A5D4E8EDB33, D6F732C3C6AE0B7B6EE4ACFBA9C3832814991BDAC56A36E54ABDBF1AEA8690EB ] AVKWCtl C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
21:58:55.0796 0x19e4 AVKWCtl - ok
21:58:55.0796 0x19e4 [ 81862C2A991036C85FDA23FFDC140F92, 32E6671729A9FFB4A187A4E22F69EB44BCF35AD4BBD5003E046914AACFD58557 ] avmike C:\Program Files\FRITZ!Fernzugang\avmike.exe
21:58:55.0827 0x19e4 avmike - ok
21:58:55.0827 0x19e4 AxInstSV - ok
21:58:55.0827 0x19e4 b06bdrv - ok
21:58:55.0827 0x19e4 BasicDisplay - ok
21:58:55.0843 0x19e4 BasicRender - ok
21:58:55.0843 0x19e4 bcmfn - ok
21:58:55.0843 0x19e4 bcmfn2 - ok
21:58:55.0843 0x19e4 BDESVC - ok
21:58:55.0858 0x19e4 Beep - ok
21:58:55.0858 0x19e4 BFE - ok
21:58:55.0858 0x19e4 BITS - ok
21:58:55.0874 0x19e4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:58:55.0890 0x19e4 Bonjour Service - ok
21:58:55.0890 0x19e4 bowser - ok
21:58:55.0890 0x19e4 [ BFBA5FAC5169821FC768E96443A8B8C1, 47DEE5A62BA802A58E06BA087756903839E3DFF1555F7506712C82E5ADD34AC1 ] BrcmSetSecurity C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
21:58:55.0905 0x19e4 BrcmSetSecurity - ok
21:58:55.0905 0x19e4 BrokerInfrastructure - ok
21:58:55.0921 0x19e4 Browser - ok
21:58:55.0921 0x19e4 BthAvrcpTg - ok
21:58:55.0921 0x19e4 BthEnum - ok
21:58:55.0921 0x19e4 BthHFEnum - ok
21:58:55.0937 0x19e4 bthhfhid - ok
21:58:55.0937 0x19e4 BthHFSrv - ok
21:58:55.0937 0x19e4 BthLEEnum - ok
21:58:55.0937 0x19e4 BTHMODEM - ok
21:58:55.0952 0x19e4 BthPan - ok
21:58:55.0952 0x19e4 BTHPORT - ok
21:58:55.0952 0x19e4 bthserv - ok
21:58:55.0952 0x19e4 BTHUSB - ok
21:58:55.0968 0x19e4 buttonconverter - ok
21:58:55.0968 0x19e4 CapImg - ok
21:58:55.0968 0x19e4 cdfs - ok
21:58:55.0968 0x19e4 CDPSvc - ok
21:58:55.0983 0x19e4 CDPUserSvc - ok
21:58:55.0983 0x19e4 cdrom - ok
21:58:55.0983 0x19e4 CertPropSvc - ok
21:58:55.0999 0x19e4 [ 75A561F505EA4D0A13EEFBB8CBDB1C35, C422F9E3D5122BA9E3BDB556A9DA1A357AB0CFBD84DC01A612B253D79EFA0DA6 ] certsrv C:\Program Files\FRITZ!Fernzugang\certsrv.exe
21:58:56.0015 0x19e4 certsrv - ok
21:58:56.0015 0x19e4 cht4iscsi - ok
21:58:56.0015 0x19e4 cht4vbd - ok
21:58:56.0030 0x19e4 circlass - ok
21:58:56.0030 0x19e4 CLFS - ok
21:58:56.0108 0x19e4 [ D1A7480F3ECF74E6B8947CA99284471B, C66B14FE05BB7E110A61529ED32E75652243E6AFD67AFF2A1431E03AE470C9D0 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:58:56.0202 0x19e4 ClickToRunSvc - ok
21:58:56.0202 0x19e4 ClipSVC - ok
21:58:56.0202 0x19e4 clreg - ok
21:58:56.0218 0x19e4 CmBatt - ok
21:58:56.0218 0x19e4 CNG - ok
21:58:56.0233 0x19e4 cnghwassist - ok
21:58:56.0265 0x19e4 CompositeBus - ok
21:58:56.0265 0x19e4 COMSysApp - ok
21:58:56.0265 0x19e4 condrv - ok
21:58:56.0280 0x19e4 CoreMessagingRegistrar - ok
21:58:56.0312 0x19e4 [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:58:56.0343 0x19e4 cphs - ok
21:58:56.0343 0x19e4 CryptSvc - ok
21:58:56.0358 0x19e4 [ A5E1AF2677DA7BDCA1A5040FF0AD099C, 70AF315B72A092DEBF6BF998DF81C56051795B743D6C8CD05382E417E0474959 ] DACoreService C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
21:58:56.0374 0x19e4 DACoreService - ok
21:58:56.0374 0x19e4 dam - ok
21:58:56.0374 0x19e4 DcomLaunch - ok
21:58:56.0390 0x19e4 DcpSvc - ok
21:58:56.0390 0x19e4 [ EDB72F4A46C39452D1A5414F7D26454A, 0B2F863F4119DC88A22CC97C0A136C88A0127CB026751303B045F7322A8972F6 ] dcrypt C:\WINDOWS\system32\drivers\dcrypt.sys
21:58:56.0405 0x19e4 dcrypt - ok
21:58:56.0405 0x19e4 defragsvc - ok
21:58:56.0421 0x19e4 DeviceAssociationService - ok
21:58:56.0421 0x19e4 DeviceInstall - ok
21:58:56.0421 0x19e4 DevQueryBroker - ok
21:58:56.0421 0x19e4 Dfsc - ok
21:58:56.0437 0x19e4 [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:58:56.0452 0x19e4 dg_ssudbus - ok
21:58:56.0452 0x19e4 Dhcp - ok
21:58:56.0452 0x19e4 diagnosticshub.standardcollector.service - ok
21:58:56.0468 0x19e4 [ BEFAFF2DB70CD9E10E27C32E9C43B279, D89B43EBCD05662327D5851BDF1A8CB4C6E5FA7C6BD1241C230F50057BD35189 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
21:58:56.0483 0x19e4 DigitalWave.Update.Service - ok
21:58:56.0499 0x19e4 [ 196DC2853B3AFC0036C88D81121AD445, 4B9CEB424D2555F30D1669DD0BAB4D43B9D7885915EC76FAADABF245EA3DF7A0 ] DirMngr C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
21:58:56.0515 0x19e4 DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
21:58:57.0015 0x19e4 Detect skipped due to KSN trusted
21:58:57.0015 0x19e4 DirMngr - ok
21:58:57.0046 0x19e4 [ 634C8F78837D0C8365D4DD4E40777098, D14460017F5AD6DF6DE08D60A6F23AE72AACC0D4B7FFDB4FCEF14E908D87D5EC ] Disc Soft Lite Bus Service C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
21:58:57.0093 0x19e4 Disc Soft Lite Bus Service - ok
21:58:57.0108 0x19e4 disk - ok
21:58:57.0108 0x19e4 DmEnrollmentSvc - ok
21:58:57.0108 0x19e4 dmvsc - ok
21:58:57.0108 0x19e4 Dnscache - ok
21:58:57.0124 0x19e4 dot3svc - ok
21:58:57.0124 0x19e4 DPS - ok
21:58:57.0124 0x19e4 drmkaud - ok
21:58:57.0124 0x19e4 DsmSvc - ok
21:58:57.0140 0x19e4 DsSvc - ok
21:58:57.0140 0x19e4 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\WINDOWS\System32\drivers\dtlitescsibus.sys
21:58:57.0155 0x19e4 dtlitescsibus - ok
21:58:57.0155 0x19e4 [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus C:\WINDOWS\System32\drivers\dtliteusbbus.sys
21:58:57.0171 0x19e4 dtliteusbbus - ok
21:58:57.0171 0x19e4 DXGKrnl - ok
21:58:57.0171 0x19e4 EapHost - ok
21:58:57.0171 0x19e4 ebdrv - ok
21:58:57.0187 0x19e4 EFS - ok
21:58:57.0187 0x19e4 EhStorClass - ok
21:58:57.0187 0x19e4 EhStorTcgDrv - ok
21:58:57.0187 0x19e4 embeddedmode - ok
21:58:57.0202 0x19e4 EntAppSvc - ok
21:58:57.0202 0x19e4 ErrDev - ok
21:58:57.0202 0x19e4 [ 11B9D886D7AE2F2F5C6BC03D7C52FD31, CA3EB6AB127A01311DA1C7CE3A2F4C2C3E3641F45718CFCA0F8AED7235BE910D ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
21:58:57.0218 0x19e4 ESProtectionDriver - ok
21:58:57.0233 0x19e4 EventSystem - ok
21:58:57.0233 0x19e4 [ 5222D99C7E3245882E864D2EA7011387, 184E36074C765243783F69B7073FB2FAFC53BB18209ECD5030514CC513A47C8B ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
21:58:57.0249 0x19e4 ew_usbenumfilter - ok
21:58:57.0249 0x19e4 exfat - ok
21:58:57.0265 0x19e4 fastfat - ok
21:58:57.0265 0x19e4 Fax - ok
21:58:57.0265 0x19e4 fdc - ok
21:58:57.0265 0x19e4 fdPHost - ok
21:58:57.0265 0x19e4 FDResPub - ok
21:58:57.0280 0x19e4 fhsvc - ok
21:58:57.0280 0x19e4 FileCrypt - ok
21:58:57.0280 0x19e4 FileInfo - ok
21:58:57.0280 0x19e4 Filetrace - ok
21:58:57.0296 0x19e4 flpydisk - ok
21:58:57.0296 0x19e4 FltMgr - ok
21:58:57.0296 0x19e4 FontCache - ok
21:58:57.0296 0x19e4 FontCache3.0.0.0 - ok
21:58:57.0312 0x19e4 FrameServer - ok
21:58:57.0312 0x19e4 FsDepends - ok
21:58:57.0312 0x19e4 Fs_Rec - ok
21:58:57.0327 0x19e4 fvevol - ok
21:58:57.0343 0x19e4 [ 2C3D5F5B28164C3624012E55B8DED3ED, 9948E1C72561D93C4C2D98E84F16998739E25ED8E455EE61BAE52C95C96F2785 ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
21:58:57.0374 0x19e4 Garmin Device Interaction Service - ok
21:58:57.0468 0x19e4 [ 17595638D32C533C808F9045164366F0, A01A6960CD91A894C695602770164E24EA58D55DEFAD36976B152F57284598D6 ] GDBackupSvc C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe
21:58:57.0562 0x19e4 GDBackupSvc - ok
21:58:57.0562 0x19e4 [ 5C9BB17C90FF7E41B37FF303E66E8B7E, 30DFE4E54F02265D1C88EE776B3D94DC6170C393C5A207F603CA4DAE3A062924 ] GDBehave C:\WINDOWS\system32\drivers\GDBehave.sys
21:58:57.0577 0x19e4 GDBehave - ok
21:58:57.0593 0x19e4 [ 33ECB58FC1668E41B9724CFAC1898C3C, ADE4A01AF894FF95F339369D7A33684057C5F87454C356BB4DB29AC830964412 ] gddcd C:\WINDOWS\system32\drivers\gddcd64.sys
21:58:57.0593 0x19e4 gddcd - ok
21:58:57.0608 0x19e4 [ 24638D40572A3C2E6750BF3D2FCF5D6C, 614E9C02999D5507CB050433F4F2D5FE70DEBAC04090681D5B9E153CB8F20525 ] gddcv C:\WINDOWS\system32\drivers\gddcv64.sys
21:58:57.0608 0x19e4 gddcv - ok
21:58:57.0624 0x19e4 [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam C:\WINDOWS\system32\DRIVERS\GDElam.sys
21:58:57.0640 0x19e4 GDElam - ok
21:58:57.0702 0x19e4 [ 276D84DF732C3B621C18B2EF971784E5, 4FF3716256AADA8C42FE5B475736E6D3D8CEDD57A46105ED38201C810DD240C5 ] GDFwSvc C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
21:58:57.0780 0x19e4 GDFwSvc - ok
21:58:57.0780 0x19e4 [ D48DAF24329226E8797CE4AF53D90FBC, 5F0B25F55CA27647FA24558B55DCD267889DCA29DC6F8857C820F45913F28D06 ] GDKBB C:\WINDOWS\system32\drivers\GDKBB64.sys
21:58:57.0796 0x19e4 GDKBB - ok
21:58:57.0796 0x19e4 [ FC20CC3F6B87E9C26B01D8A6DDE6D847, C62B802E217160996073CDEBE7010C1C89FE26B89A09FF9F236642CDEDF2D19B ] GDKBFlt C:\WINDOWS\system32\drivers\GDKBFlt64.sys
21:58:57.0812 0x19e4 GDKBFlt - ok
21:58:57.0827 0x19e4 [ 6AE13510BD818420767003E59A5CE7B9, C3B27A183BC02F9C2F1D0BE9DE0E187B0DAE3607954C9B4C7008B6EBF4902DDF ] GDMnIcpt C:\WINDOWS\system32\drivers\MiniIcpt.sys
21:58:57.0843 0x19e4 GDMnIcpt - ok
21:58:57.0843 0x19e4 [ 13B5327BAF54153B7056E11DF5E63C79, 280A631BA2ABE2A1E7E49E10802C241FD987372E0A8E5C11037137EAA22E7019 ] GDPkIcpt C:\WINDOWS\system32\drivers\PktIcpt.sys
21:58:57.0858 0x19e4 GDPkIcpt - ok
21:58:57.0890 0x19e4 [ 9BDF6478C4474BC571E1B94DCB77A157, 57C23520CF13A32200206B73EFAD82BE7C05E6F51BE443F84E7864FC7D73485C ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
21:58:57.0905 0x19e4 GDScan - ok
21:58:57.0921 0x19e4 [ 7D9BBF500FE0C59434C73588A592BFA7, B9B7EB8B7BCB06188A7671574611247286E0EFBD620245EAD17D41DEA0CBC2DF ] gdwfpcd C:\WINDOWS\system32\drivers\gdwfpcd64.sys
21:58:57.0921 0x19e4 gdwfpcd - ok
21:58:57.0937 0x19e4 gencounter - ok
21:58:57.0937 0x19e4 genericusbfn - ok
21:58:57.0937 0x19e4 GPIOClx0101 - ok
21:58:57.0937 0x19e4 gpsvc - ok
21:58:57.0952 0x19e4 GpuEnergyDrv - ok
21:58:57.0952 0x19e4 [ 7F2DEAC8C1F91EA86FD0E50A340C3348, 5FB43B9AEC482AF95E71E11E9A96E65BDE9D1A25F9B42EE7051866D2A3EF0098 ] GRD C:\WINDOWS\system32\drivers\GRD.sys
21:58:57.0968 0x19e4 GRD - ok
21:58:57.0968 0x19e4 [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb C:\WINDOWS\system32\drivers\grmnusb.sys
21:58:57.0983 0x19e4 grmnusb - ok
21:58:57.0983 0x19e4 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:58:57.0999 0x19e4 gupdate - ok
21:58:57.0999 0x19e4 [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:58:58.0015 0x19e4 gupdatem - ok
21:58:58.0015 0x19e4 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:58:58.0030 0x19e4 gusvc - ok
21:58:58.0030 0x19e4 HdAudAddService - ok
21:58:58.0046 0x19e4 HDAudBus - ok
21:58:58.0046 0x19e4 HidBatt - ok
21:58:58.0046 0x19e4 HidBth - ok
21:58:58.0046 0x19e4 hidi2c - ok
21:58:58.0062 0x19e4 hidinterrupt - ok
21:58:58.0062 0x19e4 HidIr - ok
21:58:58.0062 0x19e4 hidserv - ok
21:58:58.0077 0x19e4 HidUsb - ok
21:58:58.0077 0x19e4 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\WINDOWS\system32\drivers\HipShieldK.sys
21:58:58.0093 0x19e4 HipShieldK - ok
21:58:58.0093 0x19e4 HomeGroupListener - ok
21:58:58.0093 0x19e4 HomeGroupProvider - ok
21:58:58.0108 0x19e4 [ DCD75DED063C6625AAD5F28A7F86279F, A27C0E70577EA4FCD9CBB3DD63A280FA099AD3F367D7107385E38635F00C5BA3 ] HookCentre C:\WINDOWS\system32\drivers\HookCentre.sys
21:58:58.0124 0x19e4 HookCentre - ok
21:58:58.0124 0x19e4 HpSAMD - ok
21:58:58.0124 0x19e4 HTTP - ok
21:58:58.0140 0x19e4 [ 5004E766075BADA25608489A7C649698, 685D6F5B99C06EF091BB126CA3FEADCA3ED3C05DD78B6709AF04A1DD0A030BAE ] huawei_cdcacm C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
21:58:58.0155 0x19e4 huawei_cdcacm - ok
21:58:58.0155 0x19e4 [ D49D4E7B70AD6B1D04771AC1F7DB79C7, 093D8343CF769FC805308ED357EEF30E3D78569B817A20FE9884863A1FDBC028 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
21:58:58.0187 0x19e4 huawei_enumerator - ok
21:58:58.0187 0x19e4 HvHost - ok
21:58:58.0187 0x19e4 hvservice - ok
21:58:58.0202 0x19e4 [ BEF8FA61400A8BBD44DB075F52058DF3, D6631072B06DA60735CC4D7EA883496855A5B79D509D859B0570C88CA9A6F66C ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
21:58:58.0218 0x19e4 HWDeviceService64.exe - ok
21:58:58.0218 0x19e4 hwpolicy - ok
21:58:58.0233 0x19e4 [ F76D89C60AF419CC67AC1A1E589092B7, 9E878EE0517C1DBA726E6BCDB8EA3893007793B0036B28E13E75A9230B7CB754 ] hwusb_cdcacm C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys
21:58:58.0249 0x19e4 hwusb_cdcacm - ok
21:58:58.0265 0x19e4 [ 82B1F9908C829ABA37997EEC919C01C6, 1CC511F8A32CDB4102ECD34A4057882031E216D8B3E68576B5E928B57479DF49 ] hwusb_wwanecm C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys
21:58:58.0296 0x19e4 hwusb_wwanecm - ok
21:58:58.0296 0x19e4 hyperkbd - ok
21:58:58.0296 0x19e4 i8042prt - ok
21:58:58.0312 0x19e4 iagpio - ok
21:58:58.0312 0x19e4 iai2c - ok
21:58:58.0312 0x19e4 iaLPSS2i_GPIO2 - ok
21:58:58.0312 0x19e4 iaLPSS2i_I2C - ok
21:58:58.0327 0x19e4 iaLPSSi_GPIO - ok
21:58:58.0327 0x19e4 iaLPSSi_I2C - ok
21:58:58.0343 0x19e4 [ DD954B3DA679DD1CC22D7BE714BDCA97, 1D21DF77F635E43D800610B6B742AEFBE8CE5800BEE593A64CDF740DA9071426 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
21:58:58.0358 0x19e4 iaStorA - ok
21:58:58.0374 0x19e4 iaStorAV - ok
21:58:58.0374 0x19e4 [ D0BC37AD4F4AB21BE2322FD481247475, 88FAD5D7095DD15BAEBA74EF6DCDF9E00932BBF2C73963DF05687CFDF1984047 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:58:58.0390 0x19e4 IAStorDataMgrSvc - ok
21:58:58.0390 0x19e4 iaStorV - ok
21:58:58.0390 0x19e4 ibbus - ok
21:58:58.0390 0x19e4 ibtsiva - ok
21:58:58.0405 0x19e4 [ C5547F54E191D36AFD3A3654CBA65806, FC4EA1FFE2077FE17C536C0674CBC61EFDA138BC145346DA67742C15A93D9C1A ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
21:58:58.0421 0x19e4 ibtusb - ok
21:58:58.0421 0x19e4 icssvc - ok
21:58:58.0577 0x19e4 [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:58:58.0749 0x19e4 igfx - ok
21:58:58.0780 0x19e4 [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:58:58.0796 0x19e4 igfxCUIService2.0.0.0 - ok
21:58:58.0796 0x19e4 [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
21:58:58.0812 0x19e4 IJPLMSVC - ok
21:58:58.0812 0x19e4 [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent C:\WINDOWS\system32\DRIVERS\ikbevent.sys
21:58:58.0827 0x19e4 ikbevent - ok
21:58:58.0827 0x19e4 IKEEXT - ok
21:58:58.0843 0x19e4 [ 8A268094274301F2673D0D656BF763E5, 7633741B393D4A3151425D4FBB0C0EB9D5E2B31A707710E23F4B749C08248C54 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
21:58:58.0843 0x19e4 ImControllerService - ok
21:58:58.0858 0x19e4 [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent C:\WINDOWS\system32\DRIVERS\imsevent.sys
21:58:58.0858 0x19e4 imsevent - ok
21:58:58.0874 0x19e4 IndirectKmd - ok
21:58:58.0874 0x19e4 [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:58:58.0890 0x19e4 intaud_WaveExtensible - ok
21:58:58.0968 0x19e4 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:58:59.0062 0x19e4 IntcAzAudAddService - ok
21:58:59.0077 0x19e4 [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:58:59.0108 0x19e4 IntcDAud - ok
21:58:59.0124 0x19e4 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:58:59.0155 0x19e4 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:58:59.0655 0x19e4 Detect skipped due to KSN trusted
21:58:59.0655 0x19e4 Intel(R) Capability Licensing Service Interface - ok
21:58:59.0687 0x19e4 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:58:59.0718 0x19e4 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:58:59.0718 0x19e4 [ 726BFAF3DC2071218F0AE53C919A4D3B, 7934BB42C16F1DAA80AB92FA4AF4BFDD2B8AF73EF55D95950E4A77DBB3DCBF4A ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:58:59.0733 0x19e4 Intel(R) ME Service - ok
21:58:59.0733 0x19e4 intelide - ok
21:58:59.0749 0x19e4 intelpep - ok
21:58:59.0749 0x19e4 intelppm - ok
21:58:59.0765 0x19e4 [ C5678CCEB3E9E03639C0A0E67B132E92, 3997C2F0410C7211C32730D3D80CDE18EABAAC9F244282008490351B9A4057EB ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
21:58:59.0796 0x19e4 Internet Manager. RunOuc - detected UnsignedFile.Multi.Generic ( 1 )
21:59:00.0312 0x19e4 Detect skipped due to KSN trusted
21:59:00.0312 0x19e4 Internet Manager. RunOuc - ok
21:59:00.0312 0x19e4 iorate - ok
21:59:00.0312 0x19e4 IpFilterDriver - ok
21:59:00.0327 0x19e4 iphlpsvc - ok
21:59:00.0327 0x19e4 IPMIDRV - ok
21:59:00.0327 0x19e4 IPNAT - ok
21:59:00.0327 0x19e4 irda - ok
21:59:00.0343 0x19e4 IRENUM - ok
21:59:00.0343 0x19e4 irmon - ok
21:59:00.0343 0x19e4 isapnp - ok
21:59:00.0343 0x19e4 iScsiPrt - ok
21:59:00.0358 0x19e4 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
21:59:00.0358 0x19e4 ISCT - ok
21:59:00.0374 0x19e4 [ 6E5767C95F746B6834F412CDBDCFEC48, DE4FC70159D0A4C0B15DE8F69554F8FF6EED9C6480C0CBE33BF74FCB0BD975FE ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:59:00.0390 0x19e4 ISCTAgent - ok
21:59:00.0390 0x19e4 [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:59:00.0405 0x19e4 iumsvc - ok
21:59:00.0421 0x19e4 [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
21:59:00.0421 0x19e4 iwdbus - ok
21:59:00.0437 0x19e4 [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:59:00.0452 0x19e4 jhi_service - ok
21:59:00.0452 0x19e4 kbdclass - ok
21:59:00.0452 0x19e4 kbdhid - ok
21:59:00.0452 0x19e4 kdnic - ok
21:59:00.0468 0x19e4 KeyIso - ok
21:59:00.0468 0x19e4 KSecDD - ok
21:59:00.0468 0x19e4 KSecPkg - ok
21:59:00.0468 0x19e4 ksthunk - ok
21:59:00.0483 0x19e4 KtmRm - ok
21:59:00.0483 0x19e4 LanmanServer - ok
21:59:00.0483 0x19e4 LanmanWorkstation - ok
21:59:00.0499 0x19e4 lfsvc - ok
21:59:00.0499 0x19e4 [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr C:\WINDOWS\system32\DRIVERS\LhdX64.sys
21:59:00.0515 0x19e4 LHDmgr - ok
21:59:00.0515 0x19e4 LicenseManager - ok
21:59:00.0515 0x19e4 lltdio - ok
21:59:00.0530 0x19e4 lltdsvc - ok
21:59:00.0530 0x19e4 lmhosts - ok
21:59:00.0546 0x19e4 [ 36DCEA3101D8CB56852EF5D7A4079164, 4E0CF63270B26049A8C76E5294EE9225D867F3D53A85A6D07486FDF87270E559 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:59:00.0562 0x19e4 LMS - ok
21:59:00.0562 0x19e4 LSI_SAS - ok
21:59:00.0562 0x19e4 LSI_SAS2i - ok
21:59:00.0577 0x19e4 LSI_SAS3i - ok
21:59:00.0577 0x19e4 LSI_SSS - ok
21:59:00.0577 0x19e4 LSM - ok
21:59:00.0577 0x19e4 luafv - ok
21:59:00.0593 0x19e4 MapsBroker - ok
21:59:00.0593 0x19e4 [ 25FAEF6CCFF6D9912A65641AE60711EB, AD83C6DE72D7C416EC7765DBA2EF41B32084980EE071A17CA2C360CDF91212AE ] MBAMChameleon C:\WINDOWS\system32\drivers\MBAMChameleon.sys
21:59:00.0608 0x19e4 MBAMChameleon - ok
21:59:00.0624 0x19e4 [ 4988F9AEE3B9E4545975CAA9381DB0EF, DC6030468783BF02DAA6922A5469D73D56642963F7212398A959AD7915D9E76B ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
21:59:00.0624 0x19e4 MBAMFarflt - ok
21:59:00.0640 0x19e4 [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection C:\WINDOWS\system32\drivers\mbam.sys
21:59:00.0655 0x19e4 MBAMProtection - ok
21:59:00.0765 0x19e4 [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
21:59:00.0890 0x19e4 MBAMService - ok
21:59:00.0921 0x19e4 [ 94FCA94EE7937EA3ED75F39DE4C8E292, CD41ACBC70412B61C844ADC26413728A09D60983A464327A285C80E08D37F8B6 ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:59:00.0937 0x19e4 MBAMSwissArmy - ok
21:59:00.0937 0x19e4 [ CC6522BC2BD971FEBADC5A794A908E4D, 388E612B4BC4E5A6E547D94D4C81D3301D664CDA77798FC0EFC0EF1F811E734C ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
21:59:00.0952 0x19e4 MBAMWebProtection - ok
21:59:00.0952 0x19e4 megasas - ok
21:59:00.0968 0x19e4 megasas2i - ok
21:59:00.0968 0x19e4 megasr - ok
21:59:00.0968 0x19e4 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:59:00.0983 0x19e4 MEIx64 - ok
21:59:00.0999 0x19e4 MessagingService - ok
21:59:00.0999 0x19e4 [ CFFF5D9DD7C2B45801D71D13B3F372E0, 2C36A379AE107EEB28092399ED3152BAB0C3D5BC26B0591FA7962DED15F2A7F7 ] mfencrk C:\WINDOWS\system32\DRIVERS\mfencrk.sys
21:59:01.0015 0x19e4 mfencrk - ok
21:59:01.0030 0x19e4 mlx4_bus - ok
21:59:01.0030 0x19e4 MMCSS - ok
21:59:01.0030 0x19e4 Modem - ok
21:59:01.0030 0x19e4 monitor - ok
21:59:01.0046 0x19e4 [ 54F44C3A4F6C1C4D00D4157FBD531EB1, B70861488C53F5399F2102E984220EC9578C5E21D48D280DF9F96CA0654A5923 ] MosIrUsb C:\WINDOWS\System32\drivers\MosIrUsb.sys
21:59:01.0062 0x19e4 MosIrUsb - ok
21:59:01.0062 0x19e4 mouclass - ok
21:59:01.0077 0x19e4 mouhid - ok
21:59:01.0077 0x19e4 mountmgr - ok
21:59:01.0093 0x19e4 [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:59:01.0108 0x19e4 MozillaMaintenance - ok
21:59:01.0108 0x19e4 mpsdrv - ok
21:59:01.0108 0x19e4 MpsSvc - ok
21:59:01.0124 0x19e4 MRxDAV - ok
21:59:01.0124 0x19e4 mrxsmb - ok
21:59:01.0124 0x19e4 mrxsmb10 - ok
21:59:01.0124 0x19e4 mrxsmb20 - ok
21:59:01.0140 0x19e4 MsBridge - ok
21:59:01.0140 0x19e4 MSDTC - ok
21:59:01.0140 0x19e4 Msfs - ok
21:59:01.0155 0x19e4 msgpiowin32 - ok
21:59:01.0155 0x19e4 mshidkmdf - ok
21:59:01.0155 0x19e4 mshidumdf - ok
21:59:01.0155 0x19e4 msisadrv - ok
21:59:01.0171 0x19e4 MSiSCSI - ok
21:59:01.0171 0x19e4 msiserver - ok
21:59:01.0171 0x19e4 MSKSSRV - ok
21:59:01.0171 0x19e4 MsLldp - ok
21:59:01.0187 0x19e4 MSPCLOCK - ok
21:59:01.0187 0x19e4 MSPQM - ok
21:59:01.0187 0x19e4 MsRPC - ok
21:59:01.0202 0x19e4 mssmbios - ok
21:59:01.0202 0x19e4 MSTEE - ok
21:59:01.0202 0x19e4 MTConfig - ok
21:59:01.0202 0x19e4 Mup - ok
21:59:01.0218 0x19e4 mvumis - ok
21:59:01.0218 0x19e4 NativeWifiP - ok
21:59:01.0218 0x19e4 NcaSvc - ok
21:59:01.0233 0x19e4 NcbService - ok
21:59:01.0233 0x19e4 NcdAutoSetup - ok
21:59:01.0233 0x19e4 ndfltr - ok
21:59:01.0233 0x19e4 NDIS - ok
21:59:01.0249 0x19e4 NdisCap - ok
21:59:01.0249 0x19e4 NdisImPlatform - ok
21:59:01.0249 0x19e4 NdisTapi - ok
21:59:01.0265 0x19e4 Ndisuio - ok
21:59:01.0265 0x19e4 NdisVirtualBus - ok
21:59:01.0265 0x19e4 NdisWan - ok
21:59:01.0265 0x19e4 ndiswanlegacy - ok
21:59:01.0280 0x19e4 ndproxy - ok
21:59:01.0280 0x19e4 Ndu - ok
21:59:01.0280 0x19e4 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:59:01.0296 0x19e4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:01.0749 0x19e4 Detect skipped due to KSN trusted
21:59:01.0749 0x19e4 Net Driver HPZ12 - ok
21:59:01.0749 0x19e4 NetAdapterCx - ok
21:59:01.0765 0x19e4 NetBIOS - ok
21:59:01.0765 0x19e4 NetBT - ok
21:59:01.0765 0x19e4 Netlogon - ok
21:59:01.0780 0x19e4 Netman - ok
21:59:01.0780 0x19e4 netprofm - ok
21:59:01.0780 0x19e4 NetSetupSvc - ok
21:59:01.0796 0x19e4 NetTcpPortSharing - ok
21:59:01.0858 0x19e4 [ 387ADDE3084B0E98CD2943705377F9C8, CC29F396277518CED5453870E08653BE95BF0E0BD7DD94DF9E84A35FFE80CDAB ] NETwNb64 C:\WINDOWS\System32\drivers\Netwbw02.sys
21:59:01.0952 0x19e4 NETwNb64 - ok
21:59:01.0968 0x19e4 NgcCtnrSvc - ok
21:59:01.0968 0x19e4 NgcSvc - ok
21:59:01.0968 0x19e4 NlaSvc - ok
21:59:01.0983 0x19e4 Npfs - ok
21:59:01.0983 0x19e4 npsvctrig - ok
21:59:01.0983 0x19e4 nsi - ok
21:59:01.0983 0x19e4 nsiproxy - ok
21:59:01.0999 0x19e4 NTFS - ok
21:59:01.0999 0x19e4 Null - ok
21:59:02.0015 0x19e4 [ DA16D10F446F9F9CE3EDB395A34ED5EE, F2F7592BEDB2F5D9981C49695987C7767DA9995A5963B3483EFC7ADE6B39669D ] NuTCRACKERService C:\WINDOWS\system32\nutsrv4.exe
21:59:02.0046 0x19e4 NuTCRACKERService - ok
21:59:02.0062 0x19e4 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
21:59:02.0077 0x19e4 NvContainerLocalSystem - ok
21:59:02.0093 0x19e4 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
21:59:02.0108 0x19e4 NvContainerNetworkService - ok
21:59:02.0405 0x19e4 [ 90050A0469120BD8E0931267FFE31CFD, 0424DF3733EBF21B2500F7B94C40E0A8AD60005191E4FB0C2F6FFD8FC7844EEF ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys
21:59:02.0718 0x19e4 nvlddmkm - ok
21:59:02.0749 0x19e4 [ 48898B26FBE8185DE5625FA1D369DDDB, 5CF71E952D1E4E24BC2E3DB8A48D44DD4A132B940E6D883A3E37DDC65940DBA4 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
21:59:02.0765 0x19e4 nvpciflt - ok
21:59:02.0765 0x19e4 nvraid - ok
21:59:02.0765 0x19e4 nvstor - ok
21:59:02.0765 0x19e4 [ 4942EC595A4A10F94BB060CB2DFE83BD, 2FDBA6AFFCA0E85D840AFD149762CE82C95861C370469DF8A5C5B5F213CD9488 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:59:02.0780 0x19e4 NvStreamKms - ok
21:59:02.0796 0x19e4 [ 0CB5B4866F6A7EAE332E256D151C8190, 2A9CFFD46C2972DDC16C3C34DD3A17B47C6D4145485E4A28365AD3797576424C ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
21:59:02.0812 0x19e4 NvTelemetryContainer - ok
21:59:02.0812 0x19e4 [ F489CE4A8456F9EB0F0C5532E2FD7549, 145D8A8EBF5120C735FBCDCA6593AB29088E2AB77130749E3727CB1434C9ABEA ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:59:02.0827 0x19e4 nvvad_WaveExtensible - ok
21:59:02.0827 0x19e4 [ 0E624D8E9B6BFDA269FB1C4456E5DEBE, 9F4E5485B719547F12A27EAFFAB32819AE38086D0933EA1525B5B62684A07477 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
21:59:02.0843 0x19e4 nvvhci - ok
21:59:02.0858 0x19e4 [ 18D041C4E99653D5C782AD2B3E4AAE04, B991AF5CFCF9174E050D5034FAB044C0FB01CBC0C0FB01F0ACF2C52B227BF33D ] nwtsrv C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
21:59:02.0874 0x19e4 nwtsrv - ok
21:59:02.0874 0x19e4 OneSyncSvc - ok
21:59:02.0890 0x19e4 [ 28EBB54D39A9BDC13516C2C0FF1EB95D, 5E4D9126772E43D689010C8FA1131296FAD9A8F92395E68F598CA8FBB18BFC71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:59:02.0905 0x19e4 ose - ok
21:59:02.0905 0x19e4 p2pimsvc - ok
21:59:02.0905 0x19e4 p2psvc - ok
21:59:02.0921 0x19e4 Parport - ok
21:59:02.0921 0x19e4 partmgr - ok
21:59:02.0921 0x19e4 PcaSvc - ok
21:59:02.0921 0x19e4 pci - ok
21:59:02.0937 0x19e4 pciide - ok
21:59:02.0937 0x19e4 pcmcia - ok
21:59:02.0937 0x19e4 pcw - ok
21:59:02.0952 0x19e4 pdc - ok
21:59:02.0952 0x19e4 PEAUTH - ok
21:59:02.0952 0x19e4 percsas2i - ok
21:59:02.0968 0x19e4 percsas3i - ok
21:59:02.0999 0x19e4 PerfHost - ok
21:59:02.0999 0x19e4 PhoneSvc - ok
21:59:03.0015 0x19e4 PimIndexMaintenanceSvc - ok
21:59:03.0015 0x19e4 pla - ok
21:59:03.0015 0x19e4 PlugPlay - ok
21:59:03.0030 0x19e4 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:59:03.0046 0x19e4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:03.0499 0x19e4 Detect skipped due to KSN trusted
21:59:03.0499 0x19e4 Pml Driver HPZ12 - ok
21:59:03.0515 0x19e4 PNRPAutoReg - ok
21:59:03.0515 0x19e4 PNRPsvc - ok
21:59:03.0515 0x19e4 PolicyAgent - ok
21:59:03.0530 0x19e4 Power - ok
21:59:03.0530 0x19e4 PptpMiniport - ok
21:59:03.0593 0x19e4 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:59:03.0718 0x19e4 PrintNotify - ok
21:59:03.0733 0x19e4 Processor - ok
21:59:03.0733 0x19e4 ProfSvc - ok
21:59:03.0733 0x19e4 Psched - ok
21:59:03.0733 0x19e4 QWAVE - ok
21:59:03.0749 0x19e4 QWAVEdrv - ok
21:59:03.0749 0x19e4 RasAcd - ok
21:59:03.0749 0x19e4 RasAgileVpn - ok
21:59:03.0765 0x19e4 RasAuto - ok
21:59:03.0765 0x19e4 Rasl2tp - ok
21:59:03.0765 0x19e4 RasMan - ok
21:59:03.0765 0x19e4 RasPppoe - ok
21:59:03.0780 0x19e4 RasSstp - ok
21:59:03.0780 0x19e4 rdbss - ok
21:59:03.0780 0x19e4 rdpbus - ok
21:59:03.0796 0x19e4 RDPDR - ok
21:59:03.0796 0x19e4 RdpVideoMiniport - ok
21:59:03.0812 0x19e4 rdyboost - ok
21:59:03.0812 0x19e4 ReFSv1 - ok
21:59:03.0812 0x19e4 RemoteAccess - ok
21:59:03.0812 0x19e4 RemoteRegistry - ok
21:59:03.0827 0x19e4 RetailDemo - ok
21:59:03.0827 0x19e4 RFCOMM - ok
21:59:03.0827 0x19e4 RmSvc - ok
21:59:03.0843 0x19e4 RpcEptMapper - ok
21:59:03.0843 0x19e4 RpcLocator - ok
21:59:03.0843 0x19e4 RpcSs - ok
21:59:03.0858 0x19e4 rspndr - ok
21:59:03.0858 0x19e4 rt640x64 - ok
21:59:03.0874 0x19e4 [ B88880586ACD3EDEFCD0F9C2A6C1EE27, 901EEA6C7CC4AA19C3D79E52D4892F9965B61D51DBE0855ACCB64BB6B2260353 ] RTL2832UBDA C:\WINDOWS\system32\drivers\RTL2832UBDA.sys
21:59:03.0874 0x19e4 RTL2832UBDA - ok
21:59:03.0890 0x19e4 [ 4C04300EE6A5E780FD4E2F0806AECA0E, 85C01DDABEC393D85DD5F243EDF4792036209BCC01CE23296F0305AD1D2CFA71 ] RTL2832UUSB C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys
21:59:03.0890 0x19e4 RTL2832UUSB - ok
21:59:03.0905 0x19e4 [ C24DF587D59345FCA718FE550EB036D7, 50B3D26C0F633B90B399C2E466108CE0B6A592CBE969CEE4A44E5F4EC9F07258 ] RTL2832U_IRHID C:\WINDOWS\System32\drivers\RTL2832U_IRHID.sys
21:59:03.0905 0x19e4 RTL2832U_IRHID - ok
21:59:03.0937 0x19e4 [ 0563EF3AFC4F0A3A10A850A2CC4C3121, B5A125883E826316F94DD5E941C59C1319409752070C6A5BE28FB5DA09845746 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
21:59:03.0952 0x19e4 RTL8168 - ok
21:59:03.0983 0x19e4 [ 72194EB35B78757FBA9FCEC5C94AB53A, 3FCDF13C20D902A11A81EFAB3FD99D839EC6B39BB51FC3E1EE1138DBBF33AFF9 ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys
21:59:03.0999 0x19e4 RTSPER - ok
21:59:04.0155 0x19e4 [ 40F7D0FC20448D8DDC56066565CE17E6, FCBA1A9D7666089AC2141ECC9403A62087875E585B1592F40E8B27B4DBD07767 ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:59:04.0327 0x19e4 rtsuvc - ok
21:59:04.0343 0x19e4 s3cap - ok
21:59:04.0343 0x19e4 SamSs - ok
21:59:04.0343 0x19e4 sbp2port - ok
21:59:04.0343 0x19e4 SCardSvr - ok
21:59:04.0358 0x19e4 ScDeviceEnum - ok
21:59:04.0358 0x19e4 scfilter - ok
21:59:04.0358 0x19e4 Schedule - ok
21:59:04.0374 0x19e4 scmbus - ok
21:59:04.0374 0x19e4 scmdisk0101 - ok
21:59:04.0374 0x19e4 SCPolicySvc - ok
21:59:04.0390 0x19e4 [ F7CB59B1758135DA71CDBDC478170C99, 72DD13DD3A5BEEB4444723A5E743D8AD31122211236EEBACE972AF7A2686A5CE ] SD11CL64 C:\WINDOWS\system32\DRIVERS\SD11CL64.sys
21:59:04.0405 0x19e4 SD11CL64 - ok
21:59:04.0405 0x19e4 sdbus - ok
21:59:04.0421 0x19e4 [ 316A555A88EE4B2A2B6064D7205CDACD, 9BE8E986C51CBC9B5F49B8D6DD79AAA3591469C1047AFA2762F717C0A72AE0FA ] SDI01164 C:\WINDOWS\system32\DRIVERS\SDI01164.SYS
21:59:04.0437 0x19e4 SDI01164 - ok
21:59:04.0437 0x19e4 SDRSVC - ok
21:59:04.0437 0x19e4 sdstor - ok
21:59:04.0452 0x19e4 [ AFC22441287207D38A6D0D8031E86BBA, 540F27632A883C29217E82DCEB887D0A5459FCD19AC7FED6B1F9F61DF3BF86E2 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
21:59:04.0468 0x19e4 Seagate Dashboard Services - ok
21:59:04.0468 0x19e4 [ D95BAFD391C781E55316E6F26831E45B, C6412A055661306D107C3C31AD49D58A3BE5B9154587B53610F1511E33D57BE0 ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
21:59:04.0483 0x19e4 Seagate MobileBackup Service - ok
21:59:04.0483 0x19e4 seclogon - ok
21:59:04.0499 0x19e4 SENS - ok
21:59:04.0499 0x19e4 SensorDataService - ok
21:59:04.0499 0x19e4 SensorService - ok
21:59:04.0515 0x19e4 SensrSvc - ok
21:59:04.0515 0x19e4 SerCx - ok
21:59:04.0515 0x19e4 SerCx2 - ok
21:59:04.0530 0x19e4 Serenum - ok
21:59:04.0530 0x19e4 Serial - ok
21:59:04.0546 0x19e4 sermouse - ok
21:59:04.0562 0x19e4 SessionEnv - ok
21:59:04.0562 0x19e4 sfloppy - ok
21:59:04.0562 0x19e4 SharedAccess - ok
21:59:04.0577 0x19e4 [ E829D42DD6C64DFE2587FD9B9F598693, 78C387F7F049BD436E69CB5366BCA08B0B9BE7D7A468B843A18E24E7DB2624FA ] ShareItSvc C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
21:59:04.0593 0x19e4 ShareItSvc - ok
21:59:04.0593 0x19e4 ShellHWDetection - ok
21:59:04.0593 0x19e4 shpamsvc - ok
21:59:04.0608 0x19e4 SiSRaid2 - ok
21:59:04.0608 0x19e4 SiSRaid4 - ok
21:59:04.0624 0x19e4 [ E6DA1192D36D2D29FF8387917C2D70A6, 6F6AB7A2E45D7E05F5ED0B08B1ED9FFA03BDBFAF5E80F8B9E2C4D6CF6F74B851 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:59:04.0655 0x19e4 SkypeUpdate - ok
21:59:04.0655 0x19e4 [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
21:59:04.0671 0x19e4 SmbDrvI - ok
21:59:04.0671 0x19e4 smphost - ok
21:59:04.0687 0x19e4 SmsRouter - ok
21:59:04.0702 0x19e4 SNMPTRAP - ok
21:59:04.0702 0x19e4 spaceport - ok
21:59:04.0702 0x19e4 SpbCx - ok
21:59:04.0718 0x19e4 Spooler - ok
21:59:04.0718 0x19e4 sppsvc - ok
21:59:04.0733 0x19e4 srv - ok
21:59:04.0733 0x19e4 srv2 - ok
21:59:04.0733 0x19e4 srvnet - ok
21:59:04.0749 0x19e4 SSDPSRV - ok
21:59:04.0749 0x19e4 SstpSvc - ok
21:59:04.0765 0x19e4 [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:59:04.0780 0x19e4 ssudmdm - ok
21:59:04.0796 0x19e4 [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
21:59:04.0827 0x19e4 ss_conn_service - ok
21:59:04.0827 0x19e4 StateRepository - ok
21:59:04.0827 0x19e4 stexstor - ok
21:59:04.0843 0x19e4 stisvc - ok
21:59:04.0843 0x19e4 storahci - ok
21:59:04.0843 0x19e4 storflt - ok
21:59:04.0858 0x19e4 stornvme - ok
21:59:04.0858 0x19e4 storqosflt - ok
21:59:04.0858 0x19e4 StorSvc - ok
21:59:04.0874 0x19e4 storufs - ok
21:59:04.0874 0x19e4 storvsc - ok
21:59:04.0905 0x19e4 [ 6BB595EDC1C53A06E07B737C27CE000D, 0141C0CDA1C0D080A4A0A43B919A6EC76661A913C1E4036E1A61E0F80D014C64 ] SurfEasyVPN C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
21:59:04.0952 0x19e4 SurfEasyVPN - ok
21:59:04.0968 0x19e4 [ EB207D539911B512726C4A6B8A2ED78C, 9662B0BDFA1420399B48B892C9B3C47FDFE966F32405FC3A4B22F2DE2A0FA614 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:59:04.0968 0x19e4 SUService - ok
21:59:04.0983 0x19e4 svsvc - ok
21:59:04.0983 0x19e4 swenum - ok
21:59:04.0983 0x19e4 swprv - ok
21:59:04.0999 0x19e4 Synth3dVsc - ok
21:59:05.0015 0x19e4 [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:59:05.0030 0x19e4 SynTP - ok
21:59:05.0030 0x19e4 SysMain - ok
21:59:05.0046 0x19e4 SystemEventsBroker - ok
21:59:05.0046 0x19e4 TabletInputService - ok
21:59:05.0046 0x19e4 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
21:59:05.0062 0x19e4 tap0901 - ok
21:59:05.0077 0x19e4 [ E790E904BB06081F5A3DAFE87F20D06B, F09F574A134E87B9578B914ACD028AF49031CDC788989A073197774A49FFFD17 ] taphss6 C:\WINDOWS\System32\drivers\taphss6.sys
21:59:05.0077 0x19e4 taphss6 - ok
21:59:05.0093 0x19e4 TapiSrv - ok
21:59:05.0093 0x19e4 Tcpip - ok
21:59:05.0093 0x19e4 Tcpip6 - ok
21:59:05.0108 0x19e4 tcpipreg - ok
21:59:05.0108 0x19e4 tdx - ok
21:59:05.0124 0x19e4 terminpt - ok
21:59:05.0124 0x19e4 TermService - ok
21:59:05.0124 0x19e4 Themes - ok
21:59:05.0140 0x19e4 TieringEngineService - ok
21:59:05.0140 0x19e4 tiledatamodelsvc - ok
21:59:05.0140 0x19e4 TimeBrokerSvc - ok
21:59:05.0140 0x19e4 TPM - ok
21:59:05.0155 0x19e4 TrkWks - ok
21:59:05.0155 0x19e4 TrustedInstaller - ok
21:59:05.0171 0x19e4 [ 59BD43714E1034A913F019413905D387, 1F16B042F5C7880C94AC368FA88E05CA2031F7BE56CEBB8188746E5C2B27A2FB ] TS4NT C:\WINDOWS\system32\Drivers\TS4nt.sys
21:59:05.0171 0x19e4 TS4NT - ok
21:59:05.0187 0x19e4 tsusbflt - ok
21:59:05.0187 0x19e4 TsUsbGD - ok
21:59:05.0202 0x19e4 tunnel - ok
21:59:05.0202 0x19e4 tzautoupdate - ok
21:59:05.0202 0x19e4 UASPStor - ok
21:59:05.0218 0x19e4 UcmCx0101 - ok
21:59:05.0218 0x19e4 UcmTcpciCx0101 - ok
21:59:05.0233 0x19e4 UcmUcsi - ok
21:59:05.0233 0x19e4 Ucx01000 - ok
21:59:05.0249 0x19e4 UdeCx - ok
21:59:05.0249 0x19e4 udfs - ok
21:59:05.0249 0x19e4 UEFI - ok
21:59:05.0265 0x19e4 Ufx01000 - ok
21:59:05.0265 0x19e4 UfxChipidea - ok
21:59:05.0265 0x19e4 ufxsynopsys - ok
21:59:05.0280 0x19e4 UI0Detect - ok
21:59:05.0296 0x19e4 umbus - ok
21:59:05.0296 0x19e4 UmPass - ok
21:59:05.0312 0x19e4 UmRdpService - ok
21:59:05.0327 0x19e4 UnistoreSvc - ok
21:59:05.0343 0x19e4 upnphost - ok
21:59:05.0343 0x19e4 UrsChipidea - ok
21:59:05.0343 0x19e4 UrsCx01000 - ok
21:59:05.0358 0x19e4 UrsSynopsys - ok
21:59:05.0374 0x19e4 [ 75F8A310533E15D27115CDE2A881126F, 19678B5362D3FF318E5D4D4D2E8F5435C05C508737772D35EABC6E9642473566 ] usb3Hub C:\WINDOWS\System32\drivers\usb3Hub.sys
21:59:05.0390 0x19e4 usb3Hub - ok
21:59:05.0405 0x19e4 usbccgp - ok
21:59:05.0421 0x19e4 usbcir - ok
21:59:05.0437 0x19e4 usbehci - ok
21:59:05.0437 0x19e4 usbhub - ok
21:59:05.0452 0x19e4 USBHUB3 - ok
21:59:05.0452 0x19e4 usbohci - ok
21:59:05.0468 0x19e4 usbprint - ok
21:59:05.0468 0x19e4 usbser - ok
21:59:05.0468 0x19e4 USBSTOR - ok
21:59:05.0483 0x19e4 usbuhci - ok
21:59:05.0483 0x19e4 USBXHCI - ok
21:59:05.0499 0x19e4 UserDataSvc - ok
21:59:05.0499 0x19e4 UserManager - ok
21:59:05.0515 0x19e4 UsoSvc - ok
21:59:05.0515 0x19e4 VaultSvc - ok
21:59:05.0515 0x19e4 vdrvroot - ok
21:59:05.0530 0x19e4 vds - ok
21:59:05.0530 0x19e4 VerifierExt - ok
21:59:05.0530 0x19e4 vhdmp - ok
21:59:05.0546 0x19e4 vhf - ok
21:59:05.0546 0x19e4 vmbus - ok
21:59:05.0546 0x19e4 VMBusHID - ok
21:59:05.0562 0x19e4 vmgid - ok
21:59:05.0562 0x19e4 vmicguestinterface - ok
21:59:05.0562 0x19e4 vmicheartbeat - ok
21:59:05.0577 0x19e4 vmickvpexchange - ok
21:59:05.0577 0x19e4 vmicrdv - ok
21:59:05.0593 0x19e4 vmicshutdown - ok
21:59:05.0593 0x19e4 vmictimesync - ok
21:59:05.0608 0x19e4 vmicvmsession - ok
21:59:05.0608 0x19e4 vmicvss - ok
21:59:05.0624 0x19e4 volmgr - ok
21:59:05.0624 0x19e4 volmgrx - ok
21:59:05.0640 0x19e4 volsnap - ok
21:59:05.0640 0x19e4 volume - ok
21:59:05.0640 0x19e4 vpci - ok
21:59:05.0655 0x19e4 vsmraid - ok
21:59:05.0655 0x19e4 VSS - ok
21:59:05.0655 0x19e4 VSTXRAID - ok
21:59:05.0671 0x19e4 vwifibus - ok
21:59:05.0671 0x19e4 vwififlt - ok
21:59:05.0671 0x19e4 vwifimp - ok
21:59:05.0687 0x19e4 W32Time - ok
21:59:05.0687 0x19e4 w3logsvc - ok
21:59:05.0687 0x19e4 W3SVC - ok
21:59:05.0702 0x19e4 WacomPen - ok
21:59:05.0702 0x19e4 WalletService - ok
21:59:05.0702 0x19e4 wanarp - ok
21:59:05.0718 0x19e4 wanarpv6 - ok
21:59:05.0718 0x19e4 WAS - ok
21:59:05.0718 0x19e4 wbengine - ok
21:59:05.0733 0x19e4 WbioSrvc - ok
21:59:05.0733 0x19e4 wcifs - ok
21:59:05.0733 0x19e4 Wcmsvc - ok
21:59:05.0749 0x19e4 wcncsvc - ok
21:59:05.0749 0x19e4 wcnfs - ok
21:59:05.0780 0x19e4 [ C1324C0096AB72FA335A60F2212EF729, 287A546CA931491674701A1E0EC650337BCD844674FE2B97DEAA9D5DB102E43A ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
21:59:05.0812 0x19e4 WDBackup - ok
21:59:05.0827 0x19e4 WdBoot - ok
21:59:05.0827 0x19e4 [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM C:\WINDOWS\System32\drivers\wdcsam64.sys
21:59:05.0843 0x19e4 WDC_SAM - ok
21:59:05.0858 0x19e4 [ A9579584C5111D9AD1DE374DA0C7D3EC, 5ED0DE615F9FF6EB0CE903D60F16502897FAB79C5B006CEF3266DD0A7E5E4E37 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
21:59:05.0874 0x19e4 WDDriveService - ok
21:59:05.0874 0x19e4 Wdf01000 - ok
21:59:05.0890 0x19e4 WdFilter - ok
21:59:05.0890 0x19e4 WdiServiceHost - ok
21:59:05.0890 0x19e4 WdiSystemHost - ok
21:59:05.0905 0x19e4 wdiwifi - ok
21:59:05.0905 0x19e4 WdNisDrv - ok
21:59:05.0921 0x19e4 WdNisSvc - ok
21:59:05.0921 0x19e4 WebClient - ok
21:59:05.0937 0x19e4 Wecsvc - ok
21:59:05.0937 0x19e4 WEPHOSTSVC - ok
21:59:05.0937 0x19e4 wercplsupport - ok
21:59:05.0952 0x19e4 WerSvc - ok
21:59:05.0952 0x19e4 WFPLWFS - ok
21:59:05.0968 0x19e4 WiaRpc - ok
21:59:05.0968 0x19e4 WIMMount - ok
21:59:05.0968 0x19e4 WinDefend - ok
21:59:05.0983 0x19e4 WindowsTrustedRT - ok
21:59:05.0999 0x19e4 WindowsTrustedRTProxy - ok
21:59:05.0999 0x19e4 WinHttpAutoProxySvc - ok
21:59:05.0999 0x19e4 WinMad - ok
21:59:06.0015 0x19e4 Winmgmt - ok
21:59:06.0015 0x19e4 WinRM - ok
21:59:06.0030 0x19e4 WINUSB - ok
21:59:06.0030 0x19e4 WinVerbs - ok
21:59:06.0030 0x19e4 wisvc - ok
21:59:06.0046 0x19e4 WlanSvc - ok
21:59:06.0046 0x19e4 wlidsvc - ok
21:59:06.0046 0x19e4 WmiAcpi - ok
21:59:06.0062 0x19e4 wmiApSrv - ok
21:59:06.0062 0x19e4 WMPNetworkSvc - ok
21:59:06.0062 0x19e4 Wof - ok
21:59:06.0077 0x19e4 workfolderssvc - ok
21:59:06.0077 0x19e4 WPDBusEnum - ok
21:59:06.0077 0x19e4 WpdUpFltr - ok
21:59:06.0093 0x19e4 WpnService - ok
21:59:06.0093 0x19e4 WpnUserService - ok
21:59:06.0109 0x19e4 [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001 C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
21:59:06.0109 0x19e4 WPRO_41_2001 - ok
21:59:06.0124 0x19e4 ws2ifsl - ok
21:59:06.0124 0x19e4 wscsvc - ok
21:59:06.0124 0x19e4 WSDPrintDevice - ok
21:59:06.0140 0x19e4 WSDScan - ok
21:59:06.0140 0x19e4 WSearch - ok
21:59:06.0155 0x19e4 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:59:06.0155 0x19e4 wsvd - ok
21:59:06.0171 0x19e4 wuauserv - ok
21:59:06.0171 0x19e4 WudfPf - ok
21:59:06.0171 0x19e4 WUDFRd - ok
21:59:06.0187 0x19e4 wudfsvc - ok
21:59:06.0187 0x19e4 WUDFWpdFs - ok
21:59:06.0187 0x19e4 WUDFWpdMtp - ok
21:59:06.0202 0x19e4 WwanSvc - ok
21:59:06.0202 0x19e4 XblAuthManager - ok
21:59:06.0202 0x19e4 XblGameSave - ok
21:59:06.0218 0x19e4 xboxgip - ok
21:59:06.0218 0x19e4 XboxNetApiSvc - ok
21:59:06.0218 0x19e4 xinputhid - ok
21:59:06.0233 0x19e4 ================ Scan global ===============================
21:59:06.0249 0x19e4 [ Global ] - ok
21:59:06.0249 0x19e4 ================ Scan MBR ==================================
21:59:06.0249 0x19e4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:59:06.0265 0x19e4 \Device\Harddisk0\DR0 - ok
21:59:06.0265 0x19e4 ================ Scan VBR ==================================
21:59:06.0265 0x19e4 [ A766BF229472CA05938B4E833FAD0EB5 ] \Device\Harddisk0\DR0\Partition1
21:59:06.0265 0x19e4 \Device\Harddisk0\DR0\Partition1 - ok
21:59:06.0265 0x19e4 [ F7878AFC1827089A47DB327AFEDF292A ] \Device\Harddisk0\DR0\Partition2
21:59:06.0265 0x19e4 \Device\Harddisk0\DR0\Partition2 - ok
21:59:06.0280 0x19e4 [ AEB711D503036FC10F489B0376F8D95F ] \Device\Harddisk0\DR0\Partition3
21:59:06.0280 0x19e4 \Device\Harddisk0\DR0\Partition3 - ok
21:59:06.0280 0x19e4 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
21:59:06.0280 0x19e4 \Device\Harddisk0\DR0\Partition4 - ok
21:59:06.0280 0x19e4 [ 95F5E9D723589F83D3F3D1C0F23BA072 ] \Device\Harddisk0\DR0\Partition5
21:59:06.0280 0x19e4 \Device\Harddisk0\DR0\Partition5 - ok
21:59:06.0280 0x19e4 [ A9BE15C77DAD78EAF915AF27C88338D0 ] \Device\Harddisk0\DR0\Partition6
21:59:06.0280 0x19e4 \Device\Harddisk0\DR0\Partition6 - ok
21:59:06.0280 0x19e4 [ 08050F2299B1C587400C1F22E027E8AC ] \Device\Harddisk0\DR0\Partition7
21:59:06.0280 0x19e4 \Device\Harddisk0\DR0\Partition7 - ok
21:59:06.0296 0x19e4 [ 89AC7C7FD73749D637850B725BBCAAF1 ] \Device\Harddisk0\DR0\Partition8
21:59:06.0296 0x19e4 \Device\Harddisk0\DR0\Partition8 - ok
21:59:06.0296 0x19e4 [ 451071B73B5836A964BCE74670215245 ] \Device\Harddisk0\DR0\Partition9
21:59:06.0296 0x19e4 \Device\Harddisk0\DR0\Partition9 - ok
21:59:06.0296 0x19e4 ================ Scan generic autorun ======================
21:59:06.0530 0x19e4 [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:59:06.0843 0x19e4 RtHDVCpl - ok
21:59:06.0874 0x19e4 [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:06.0921 0x19e4 RtHDVBg_Dolby - ok
21:59:06.0937 0x19e4 [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:06.0984 0x19e4 RtHDVBg_LENOVO_DOLBYDRAGON - ok
21:59:07.0015 0x19e4 [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:07.0046 0x19e4 RtHDVBg_LENOVO_MICPKEY - ok
21:59:07.0171 0x19e4 [ 8FC50E52DE82C5D9931FAF10BA53995B, B7D94D34A56A23E98507C8C5D98D003778906BAA100EEA9323529FD8658E3C94 ] C:\WINDOWS\RTFTrack.exe
21:59:07.0327 0x19e4 RtsFT - ok
21:59:07.0609 0x19e4 [ 948DD38ED5A7A047CB17F5C3D9274C15, C6B6AA1719CB30598B2B55665045598D6F2FD51A47F230F6588729DDB2F5C5D0 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:59:07.0937 0x19e4 Energy Manager - ok
21:59:07.0952 0x19e4 [ 6EEC94872D8AFBC403EC93CD6ADC1C0F, BEB304BCD689D48E2EC180545AD3139E2AE8BBBAC74FB2C8520A72445778283A ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:59:07.0968 0x19e4 Lenovo Utility - ok
21:59:08.0015 0x19e4 [ E9D228970356F01DB68E531A0F173FB8, B23032DFEA446CF4D5E75D6CC3F049314EC9EB2D4E9BEB1883D4AC4BC2631A6B ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:59:08.0077 0x19e4 CanonMyPrinter - ok
21:59:08.0093 0x19e4 [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:59:08.0124 0x19e4 AdobeAAMUpdater-1.0 - ok
21:59:08.0124 0x19e4 SynTPEnh - ok
21:59:08.0124 0x19e4 USB Safely Remove - ok
21:59:08.0124 0x19e4 ShadowPlay - ok
21:59:08.0140 0x19e4 [ E9566B95DEF8DFE53E1BDEE3FB723BA1, F6D645138CB76F8B0DFC2B0E427A401DBA21B4ED5B0676861B988128FC8088C0 ] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
21:59:08.0171 0x19e4 LenovoUtility - ok
21:59:08.0187 0x19e4 [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
21:59:08.0202 0x19e4 YouCam Tray - ok
21:59:08.0202 0x19e4 [ BB73B4A6D4A9F1410563D1BA4D53E7CA, 38641DF5215C770B30FEC045D930835CF8DC72F2F6CA30A85AD08B5D6B26AD33 ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
21:59:08.0218 0x19e4 IJNetworkScanUtility - ok
21:59:08.0218 0x19e4 [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] C:\Program Files (x86)\PDF24\pdf24.exe
21:59:08.0234 0x19e4 PDFPrint - ok
21:59:08.0249 0x19e4 [ 5033035D383051EE779349B65806D74D, B6E0A732736733F03B170EF7E33DD4941F1597BEC9A7324E52676A31117AD2DC ] C:\PROGRA~1\PTC\MKSTOO~1\bin\ncoeenv.exe
21:59:08.0249 0x19e4 NuTCSetupEnviron - ok
21:59:08.0312 0x19e4 [ 18236595E10FDB9A19117C3A1DB7F284, BCFD229FACBAB56C2475B36DC6462F5A88FB607B786C932A7973B68AE301248F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
21:59:08.0374 0x19e4 Adobe Creative Cloud - ok
21:59:08.0437 0x19e4 [ 7F4D9442912DDFAD8F272EE4DFA7B5A1, 616D7A54ACDF6A70BE91F2A6282C526C6CBE186A410C18B0181260E715C6468A ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
21:59:08.0530 0x19e4 Acrobat Assistant 8.0 - ok
21:59:08.0624 0x19e4 [ 51A27200FDE64CB50C24BA53025EC344, 3D09E71953FAC133B1EFA1E103CD5B2DB4912474D19E8467EF379999206E913B ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
21:59:08.0749 0x19e4 WD Quick View - ok
21:59:08.0796 0x19e4 [ 3614B98D721F9F9760F5A7E549281B74, 595BFD4625EF81E77B376AD6719BD783268B0B8875877EBA72773B5E3B81FFF8 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
21:59:08.0827 0x19e4 DBAgent - ok
21:59:08.0843 0x19e4 [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:59:08.0859 0x19e4 SunJavaUpdateSched - ok
21:59:08.0874 0x19e4 [ 844AAB9272D48C99289D8C035234A4BC, DA5B21337E19F9F82F0F645AF741C89F32148B9D1AC574C72667F892BAA0561D ] C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
21:59:08.0890 0x19e4 G Data ASM - ok
21:59:08.0921 0x19e4 OneDriveSetup - ok
21:59:08.0921 0x19e4 OneDriveSetup - ok
21:59:08.0952 0x19e4 [ 49CB055A98FDEDE685350C988D349B8B, 5AF539D8D8E88A17E9AFDC5DF2FE8F84F3E4638FF8D8C1DEBB7D44666418B33A ] C:\Users\genas_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:59:08.0999 0x19e4 OneDrive - ok
21:59:09.0077 0x19e4 [ 0AE5A2A270E6FA15175023FBCAB09C62, 6FC98E0D307E202D019EF72999AEC6104182014BF655265D0702630988EF4C81 ] C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe
21:59:09.0187 0x19e4 DAEMON Tools Lite Automount - ok
21:59:09.0218 0x19e4 [ 72BC198F29E8E32DD4BD2B32625683AB, 6BE16DBD9FE94CED59F902D135013201E8AD74516C1DA3323F0F981198AD7E76 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:59:09.0249 0x19e4 GarminExpressTrayApp - ok
21:59:09.0249 0x19e4 SurfEasy - ok
21:59:09.0437 0x19e4 [ 24AFAD9B4B24FD1D4BF7127A2DC78D92, 86F801B1EA39CEE3A1A1969A02D32477040982339F837AE8FAAFF68F46D78822 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:09.0655 0x19e4 CCleaner Monitoring - ok
21:59:09.0671 0x19e4 [ 20971425677FC30022125A8A820BCAF3, 32040C041378F3CA059F9A680DDB63567A2463075A18DCDC5E5FE289D115B8C3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
21:59:09.0687 0x19e4 Uploader - ok
21:59:09.0734 0x19e4 [ 1B74C83AAA208FFF207540AAFD921F32, 4ECA20299E65B0250CEDB59A1A0476B08F6896B2D830A8CA0123B5B557720B99 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
21:59:09.0796 0x19e4 DAEMON Tools Lite - ok
21:59:09.0796 0x19e4 KiesPDLR.exe - ok
21:59:09.0812 0x19e4 [ 14ED0C491AAE03DFB9C471BBF36D95DE, 80599C95A022C6E341243C07A717319B5EDA2DBBFBEBB99FDC5A3C499F5C7CCC ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe
21:59:09.0843 0x19e4 Adobe Acrobat Synchronizer - ok
21:59:09.0843 0x19e4 [ 20971425677FC30022125A8A820BCAF3, 32040C041378F3CA059F9A680DDB63567A2463075A18DCDC5E5FE289D115B8C3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
21:59:09.0859 0x19e4 Uploader - ok
21:59:09.0937 0x19e4 [ 0AE5A2A270E6FA15175023FBCAB09C62, 6FC98E0D307E202D019EF72999AEC6104182014BF655265D0702630988EF4C81 ] C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe
21:59:10.0046 0x19e4 DAEMON Tools Lite Automount - ok
21:59:10.0218 0x19e4 [ 24AFAD9B4B24FD1D4BF7127A2DC78D92, 86F801B1EA39CEE3A1A1969A02D32477040982339F837AE8FAAFF68F46D78822 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:10.0405 0x19e4 CCleaner Monitoring - ok
21:59:10.0437 0x19e4 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Lilia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:59:10.0640 0x19e4 OneDrive - ok
21:59:10.0640 0x19e4 OneDriveSetup - ok
21:59:10.0640 0x19e4 WAB Migrate - ok
21:59:10.0640 0x19e4 OneDriveSetup - ok
21:59:10.0640 0x19e4 Waiting for KSN requests completion. In queue: 151
21:59:11.0202 0x1c20 Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:11.0624 0x1c20 Object send P2P result: true
21:59:11.0624 0x1c20 Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:11.0655 0x19e4 Waiting for KSN requests completion. In queue: 6
21:59:12.0030 0x1c20 Object send P2P result: true
21:59:12.0687 0x19e4 AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
21:59:12.0687 0x19e4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
21:59:12.0687 0x19e4 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
21:59:12.0687 0x19e4 FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
21:59:12.0952 0x19e4 ============================================================
21:59:12.0952 0x19e4 Scan finished
21:59:12.0952 0x19e4 ============================================================
21:59:12.0952 0x3410 Detected object count: 0
21:59:12.0952 0x3410 Actual detected object count: 0
|
|
10.09.2017, 10:15
| #7 |
| /// TB-Ausbilder | Trojaner Verdacht, Win10 64bit Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
10.09.2017, 13:43
| #8 |
| | Trojaner Verdacht, Win10 64bit Servus, AdwCleaner Code:
ATTFilter # AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 10 12:37:25 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\yuna software
Deleted: C:\Users\genas_000\AppData\Roaming\FLV and Media Player
Deleted: C:\Users\Gena_2\AppData\Roaming\FLV and Media Player
Deleted: C:\Users\genas_000\AppData\Roaming\RHEng
***** [ Files ] *****
Deleted: C:\Users\All Users\Desktop\FLV and Media Player.lnk
Deleted: C:\Users\Public\Desktop\FLV and Media Player.lnk
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV and Media Player
Deleted: [Key] - HKLM\SOFTWARE\yuna software
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1543 B] - [2017/9/10 12:36:21]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
|
|
10.09.2017, 14:01
| #9 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017
durchgeführt von *************** (Administrator) auf BIGCOM (10-09-2017 14:59:36)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
Chrome:
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-09-10] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-10] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-10] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 dmwappushsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-10 14:58 - 2017-09-10 14:58 - 002396160 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-10 14:58 - 2017-09-10 14:58 - 000000000 ____D C:\Users\Gena_2\Downloads\FRST-OlderVersion
2017-09-10 14:55 - 2017-09-10 14:55 - 000001436 _____ C:\Users\Gena_2\Desktop\mbam.txt
2017-09-10 14:51 - 2017-09-10 14:51 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-10 14:49 - 2017-09-10 14:49 - 000001436 _____ C:\Users\Gena_2\Desktop\mb.txt
2017-09-10 14:32 - 2017-09-10 14:37 - 000000000 ____D C:\AdwCleaner
2017-09-10 14:29 - 2017-09-10 14:32 - 008182736 _____ (Malwarebytes) C:\Users\Gena_2\Desktop\adwcleaner_7.0.2.1.exe
2017-09-09 23:01 - 2017-09-09 23:04 - 390343134 _____ C:\Users\Gena_2\Downloads\2012_[www.youryoga.org].AVI
2017-09-09 22:53 - 2017-09-09 22:59 - 829020160 _____ C:\Users\Gena_2\Downloads\4-vid_[www.youryoga.org].avi
2017-09-09 21:57 - 2017-09-09 22:03 - 000130884 _____ C:\TDSSKiller.3.1.0.15_09.09.2017_21.57.24_log.txt
2017-09-09 21:54 - 2017-09-09 21:57 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gena_2\Downloads\tdsskiller.exe
2017-09-09 21:45 - 2017-09-10 14:59 - 000041036 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:45 - 2017-09-09 21:51 - 000080254 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-10 14:51 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-10 14:59 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-10 14:51 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-10 14:53 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-10 14:51 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-09-10 14:46 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-10 14:58 - 2016-11-16 19:56 - 000273195 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-10 14:58 - 2016-07-17 00:51 - 001590344 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-10 14:58 - 2016-07-17 00:51 - 001097880 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-10 14:58 - 2015-08-07 21:06 - 005868644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 14:55 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-10 14:55 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-10 14:55 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-10 14:53 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-10 14:53 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-10 14:53 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-10 14:53 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-10 14:51 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 14:50 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 14:44 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-09 23:54 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-08 20:21
==================== Ende von FRST.txt ============================
|
|
10.09.2017, 14:04
| #10 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-09-2017
durchgeführt von *************** (10-09-2017 15:00:31)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
*************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version: - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version: - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version: - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version: - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version: - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version: - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version: - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version: - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version: - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0E01EF6C-B37D-4D42-8031-7A7BFD8B7B2E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\00252f5e-3e31-405a-ad65-baba05f70c1c => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {3280604A-AF2C-45F7-81D3-A9EED583F736} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4b6b0c0d-1ea0-412e-ac1c-c580671bc486 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\*************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {BC2C2903-41C9-447B-B05C-6FFAD8A5596D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ae460d9-a7d4-48fc-b990-d9445da2dae2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\*************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {F8AE1AFB-2665-42A4-88A8-4B29D5730079} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\794a89dd-51f0-40c3-b656-8862d79f99e7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic
ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-09-08 21:56 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
Da befinden sich 77 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7DCA83E0-AED3-4A40-A274-EC1D2CCFB027}] => (Allow) LPort=8888
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/10/2017 02:51:24 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/10/2017 02:38:24 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/10/2017 02:37:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/09/2017 10:11:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/09/2017 09:31:56 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/09/2017 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0x11dc
Startzeit der fehlerhaften Anwendung: 0x01d329a2403ddf07
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 57a2e20f-8e72-4661-8a08-769efc0676e9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (09/10/2017 02:59:51 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/10/2017 02:58:47 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
und der APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 02:51:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/10/2017 02:51:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (09/10/2017 02:51:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.
Error: (09/10/2017 02:50:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-09-06 15:58:09.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2017-09-06 15:49:15.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2016-09-28 22:25:30.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4278.46 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 5101.08 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:20.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
10.09.2017, 20:00
| #11 |
| /// TB-Ausbilder | Trojaner Verdacht, Win10 64bit Servus, Schritt 1
Schritt 2 Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop: SystemLook (32 bit) | SystemLook (64 bit)
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
10.09.2017, 21:16
| #12 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-09-2017
durchgeführt von **************** (10-09-2017 21:54:03) Run:1
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: **************** & Gena_2 (Verfügbare Profile: **************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01267627-A5D2-44DE-B56B-A85703097784} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01267627-A5D2-44DE-B56B-A85703097784} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1395D612-2190-44B0-A672-C8420DF26B86} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1395D612-2190-44B0-A672-C8420DF26B86} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26022CA4-A54C-4B08-8BCB-416A4A669B2F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26022CA4-A54C-4B08-8BCB-416A4A669B2F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73F37D5B-1887-430D-8AF3-4A8C48517A73} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73F37D5B-1887-430D-8AF3-4A8C48517A73} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{835D682E-AF26-4F49-A80B-1F370544DDA3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{835D682E-AF26-4F49-A80B-1F370544DDA3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88FEE2BE-9F38-4350-8652-A605E311C0E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88FEE2BE-9F38-4350-8652-A605E311C0E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90983A60-D055-4DEB-A400-D7A6127FE537} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90983A60-D055-4DEB-A400-D7A6127FE537} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB54D929-72E4-4012-B905-9F022AAC3B22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB54D929-72E4-4012-B905-9F022AAC3B22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2F9BE46-A019-4347-A469-CECFC7E691EC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2F9BE46-A019-4347-A469-CECFC7E691EC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F64242DF-4744-4098-BF1E-6CD406336300} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F64242DF-4744-4098-BF1E-6CD406336300} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Auflosungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zuruckgesetzt.
Sie mussen den Computer neu starten, um den Vorgang abzuschlie?en.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 3007608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11573966 B
Java, Flash, Steam htmlcache => 717 B
Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff
Log created at 21:59 on 10/09/2017 by ***************
Administrator - Elevation successful
========== filefind ==========
Searching for "*yuna software*"
No files found.
Searching for "*FLV and Media Player*"
C:\AdwCleaner\Quarantine\x3CF3EDNhm\FLV and Media Player.lnk --a---- 1356 bytes [12:37 10/09/2017] [10:45 25/01/2015] 8CB838E47772092383CEEF12C3ADCEE3
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player Uninstall.lnk --a---- 1167 bytes [10:45 25/01/2015] [10:45 25/01/2015] 43E5A37F356CE5D90F0C84485F04A2B3
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk --a---- 1374 bytes [10:45 25/01/2015] [10:45 25/01/2015] 2B5538F9E6CDAAA972FDC8EE5DD4F9CA
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player Uninstall.lnk --a---- 1167 bytes [10:45 25/01/2015] [10:45 25/01/2015] 43E5A37F356CE5D90F0C84485F04A2B3
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk --a---- 1374 bytes [10:45 25/01/2015] [10:45 25/01/2015] 2B5538F9E6CDAAA972FDC8EE5DD4F9CA
========== folderfind ==========
Searching for "*yuna software*"
No folders found.
Searching for "*FLV and Media Player*"
C:\Program Files (x86)\Applian Technologies\FLV and Media Player d-a---- [10:45 25/01/2015]
========== regfind ==========
Searching for "yuna software"
[HKEY_LOCAL_MACHINE\SOFTWARE\G Data\AVK_WaechterLog\NonApprovedModules]
"C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe"="05/01/16 12:47:20: <unsigned>"
Searching for "FLV and Media Player"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"26"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe -I skins2 --one-instance"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2]
@="FLV and Media Player media file (.3g2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga]
@="FLV and Media Player media file (.3ga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp]
@="FLV and Media Player media file (.3gp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2]
@="FLV and Media Player media file (.3gp2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp]
@="FLV and Media Player media file (.3gpp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gpp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669]
@="FLV and Media Player media file (.669)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.669\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52]
@="FLV and Media Player media file (.a52)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.a52\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac]
@="FLV and Media Player media file (.aac)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aac\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3]
@="FLV and Media Player media file (.ac3)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ac3\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt]
@="FLV and Media Player media file (.adt)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adt\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts]
@="FLV and Media Player media file (.adts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.adts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif]
@="FLV and Media Player media file (.aif)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aif\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc]
@="FLV and Media Player media file (.aifc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aifc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff]
@="FLV and Media Player media file (.aiff)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aiff\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr]
@="FLV and Media Player media file (.amr)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amr\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv]
@="FLV and Media Player media file (.amv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.amv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob]
@="FLV and Media Player media file (.aob)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.aob\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape]
@="FLV and Media Player media file (.ape)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ape\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf]
@="FLV and Media Player media file (.asf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx]
@="FLV and Media Player media file (.asx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.asx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au]
@="FLV and Media Player media file (.au)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.au\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi]
@="FLV and Media Player media file (.avi)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.avi\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s]
@="FLV and Media Player media file (.b4s)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.b4s\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin]
@="FLV and Media Player media file (.bin)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.bin\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf]
@="FLV and Media Player media file (.caf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.caf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda]
@="FLV and Media Player media file (.cda)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cda\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.CDAudio\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.CDAudio\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file cdda:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue]
@="FLV and Media Player media file (.cue)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.cue\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx]
@="FLV and Media Player media file (.divx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.divx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc]
@="FLV and Media Player media file (.drc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.drc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts]
@="FLV and Media Player media file (.dts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv]
@="FLV and Media Player media file (.dv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.dv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.DVDMovie\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.DVDMovie\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file dvd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v]
@="FLV and Media Player media file (.f4v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.f4v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac]
@="FLV and Media Player media file (.flac)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flac\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv]
@="FLV and Media Player media file (.flv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.flv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi]
@="FLV and Media Player media file (.gvi)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gvi\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf]
@="FLV and Media Player media file (.gxf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.gxf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo]
@="FLV and Media Player media file (.ifo)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it]
@="FLV and Media Player media file (.it)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v]
@="FLV and Media Player media file (.m1v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t]
@="FLV and Media Player media file (.m2t)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts]
@="FLV and Media Player media file (.m2ts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v]
@="FLV and Media Player media file (.m2v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u]
@="FLV and Media Player media file (.m3u)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8]
@="FLV and Media Player media file (.m3u8)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a]
@="FLV and Media Player media file (.m4a)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p]
@="FLV and Media Player media file (.m4p)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v]
@="FLV and Media Player media file (.m4v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid]
@="FLV and Media Player media file (.mid)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka]
@="FLV and Media Player media file (.mka)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv]
@="FLV and Media Player media file (.mkv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp]
@="FLV and Media Player media file (.mlp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod]
@="FLV and Media Player media file (.mod)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov]
@="FLV and Media Player media file (.mov)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1]
@="FLV and Media Player media file (.mp1)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2]
@="FLV and Media Player media file (.mp2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v]
@="FLV and Media Player media file (.mp2v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3]
@="FLV and Media Player media file (.mp3)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4]
@="FLV and Media Player media file (.mp4)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v]
@="FLV and Media Player media file (.mp4v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa]
@="FLV and Media Player media file (.mpa)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc]
@="FLV and Media Player media file (.mpc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe]
@="FLV and Media Player media file (.mpe)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\PlayWithVLC]
|
|
10.09.2017, 21:18
| #13 |
| | Trojaner Verdacht, Win10 64bit Teil 2 Code:
ATTFilter @="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg]
@="FLV and Media Player media file (.mpeg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1]
@="FLV and Media Player media file (.mpeg1)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2]
@="FLV and Media Player media file (.mpeg2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4]
@="FLV and Media Player media file (.mpeg4)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg]
@="FLV and Media Player media file (.mpg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga]
@="FLV and Media Player media file (.mpga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2]
@="FLV and Media Player media file (.mpv2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts]
@="FLV and Media Player media file (.mts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv]
@="FLV and Media Player media file (.mtv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf]
@="FLV and Media Player media file (.mxf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv]
@="FLV and Media Player media file (.nsv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv]
@="FLV and Media Player media file (.nuv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga]
@="FLV and Media Player media file (.oga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg]
@="FLV and Media Player media file (.ogg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm]
@="FLV and Media Player media file (.ogm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv]
@="FLV and Media Player media file (.ogv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx]
@="FLV and Media Player media file (.ogx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma]
@="FLV and Media Player media file (.oma)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.OPENFolder\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.OPENFolder\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus]
@="FLV and Media Player media file (.opus)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls]
@="FLV and Media Player media file (.pls)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp]
@="FLV and Media Player media file (.qcp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra]
@="FLV and Media Player media file (.ra)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram]
@="FLV and Media Player media file (.ram)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec]
@="FLV and Media Player media file (.rec)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm]
@="FLV and Media Player media file (.rm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi]
@="FLV and Media Player media file (.rmi)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb]
@="FLV and Media Player media file (.rmvb)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m]
@="FLV and Media Player media file (.s3m)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp]
@="FLV and Media Player media file (.sdp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd]
@="FLV and Media Player media file (.snd)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx]
@="FLV and Media Player media file (.spx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.SVCDMovie\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.SVCDMovie\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod]
@="FLV and Media Player media file (.tod)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts]
@="FLV and Media Player media file (.ts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta]
@="FLV and Media Player media file (.tta)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts]
@="FLV and Media Player media file (.tts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.VCDMovie\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.VCDMovie\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc]
@="FLV and Media Player media file (.vlc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob]
@="FLV and Media Player media file (.vob)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc]
@="FLV and Media Player media file (.voc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf]
@="FLV and Media Player media file (.vqf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro]
@="FLV and Media Player media file (.vro)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64]
@="FLV and Media Player media file (.w64)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav]
@="FLV and Media Player media file (.wav)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm]
@="FLV and Media Player media file (.webm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma]
@="FLV and Media Player media file (.wma)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv]
@="FLV and Media Player media file (.wmv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv]
@="FLV and Media Player media file (.wv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx]
@="FLV and Media Player media file (.wvx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa]
@="FLV and Media Player media file (.xa)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc]
@="FLV and Media Player media file (.xesc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm]
@="FLV and Media Player media file (.xm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf]
@="FLV and Media Player media file (.xspf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe]
"FriendlyAppName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe\shell\Open]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AudioCD\shell\PlayWithApplianMP]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AudioCD\shell\PlayWithApplianMP\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file cdda:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DVD\shell\PlayWithApplianMP]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DVD\shell\PlayWithApplianMP\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file dvd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP]
@="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\Capabilities]
"ApplicationName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\Capabilities]
"ApplicationDescription"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"HideIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /HideIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"ShowIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /ShowIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"ReinstallCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /Reinstall /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"FLV and Media Player"="Software\Clients\Media\ApplianMP\Capabilities"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
"InstallDir"="C:\Program Files (x86)\Applian Technologies\FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
@="C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
"InstallDir"="C:\Program Files (x86)\Applian Technologies\FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
@="C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP]
@="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\Capabilities]
"ApplicationName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\Capabilities]
"ApplicationDescription"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"HideIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /HideIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"ShowIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /ShowIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"ReinstallCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /Reinstall /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\RegisteredApplications]
"FLV and Media Player"="Software\Clients\Media\ApplianMP\Capabilities"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"26"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe -I skins2 --one-instance"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb009fa6_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0283&subsys_17aa4026&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume5\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\dat_auto_file\shell\Open]
@="Play with FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\dat_auto_file\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.FriendlyAppName"="FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.ApplicationCompany"="Applian Technologies Inc"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\dat_auto_file\shell\Open]
@="Play with FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\dat_auto_file\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.FriendlyAppName"="FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.ApplicationCompany"="Applian Technologies Inc"
-= EOF =-
|
|
10.09.2017, 21:26
| #14 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-09-2017
durchgeführt von *************** (Administrator) auf BIGCOM (10-09-2017 22:23:51)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL =
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
Chrome:
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-09-10] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-10] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-10] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-10] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-10] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 dmwappushsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-10 22:21 - 2017-09-10 22:21 - 000000000 ____D C:\Users\Gena_2\Downloads\TB
2017-09-10 22:20 - 2017-09-10 22:20 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-10 21:54 - 2017-09-10 22:09 - 000009982 _____ C:\Users\Gena_2\Downloads\Fixlog.txt
2017-09-10 21:54 - 2017-09-10 21:54 - 000001801 _____ C:\Users\Gena_2\Downloads\fixlist.txt
2017-09-10 21:50 - 2017-09-10 22:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-09-10 15:38 - 2017-09-10 15:38 - 007091575 _____ C:\Users\Gena_2\Downloads\Локхарт Джош - Современный PHP.pdf
2017-09-10 15:37 - 2017-09-10 15:37 - 003311064 _____ (BitTorrent Inc.) C:\Users\Gena_2\Downloads\BitTorrent.exe
2017-09-10 15:30 - 2017-09-10 15:30 - 000000020 _____ C:\Users\Gena_2\Downloads\pass.txt
2017-09-10 15:16 - 2017-09-10 15:16 - 000277555 _____ C:\Users\Gena_2\Downloads\Specialist.ru_94_in_1.torrent
2017-09-10 15:15 - 2017-09-10 15:32 - 2097152000 _____ C:\Users\Gena_2\Downloads\Python_Jango.part2.rar
2017-09-10 15:15 - 2017-09-10 15:22 - 511922197 _____ C:\Users\Gena_2\Downloads\Python_Jango.part3.rar
2017-09-10 15:14 - 2017-09-10 15:30 - 2097152000 _____ C:\Users\Gena_2\Downloads\Python_Jango.part1.rar
2017-09-10 14:58 - 2017-09-10 21:52 - 002396672 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-10 14:58 - 2017-09-10 21:52 - 000000000 ____D C:\Users\Gena_2\Downloads\FRST-OlderVersion
2017-09-10 14:51 - 2017-09-10 22:20 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-10 14:32 - 2017-09-10 14:37 - 000000000 ____D C:\AdwCleaner
2017-09-10 14:29 - 2017-09-10 14:32 - 008182736 _____ (Malwarebytes) C:\Users\Gena_2\Downloads\adwcleaner_7.0.2.1.exe
2017-09-09 23:01 - 2017-09-09 23:04 - 390343134 _____ C:\Users\Gena_2\Downloads\2012_[www.youryoga.org].AVI
2017-09-09 21:57 - 2017-09-09 22:03 - 000130884 _____ C:\TDSSKiller.3.1.0.15_09.09.2017_21.57.24_log.txt
2017-09-09 21:54 - 2017-09-09 21:57 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gena_2\Downloads\tdsskiller.exe
2017-09-09 21:45 - 2017-09-10 22:23 - 000040786 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:45 - 2017-09-10 15:05 - 000072380 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-10 21:55 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-10 22:23 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-10 22:20 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-10 22:20 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-09-10 14:46 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-10 22:22 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-10 22:21 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-10 22:21 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-10 22:20 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-10 22:20 - 2016-07-17 00:51 - 001594806 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-10 22:20 - 2016-07-17 00:51 - 001102150 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-10 22:20 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-10 22:20 - 2015-08-07 21:06 - 005886828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 22:20 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-10 22:20 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-10 22:19 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 22:19 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 21:59 - 2016-11-16 19:56 - 000274091 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-10 21:54 - 2016-04-09 13:31 - 000000000 ____D C:\Users\genas_000\AppData\Local\CrashDumps
2017-09-10 21:52 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-10 17:13 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-06 15:50 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-08 20:21
==================== Ende von FRST.txt ============================
|
|
10.09.2017, 21:32
| #15 |
| | Trojaner Verdacht, Win10 64bitCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-09-2017
durchgeführt von *************** (10-09-2017 22:24:38)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
*************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version: - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version: - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version: - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version: - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51 (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version: - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version: - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version: - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version: - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version: - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version: - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version: - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013 - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version: - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version: - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version: - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} => -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {3F6A34E4-8F62-4D86-A60B-03BD7575611D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e9420e5d-5bdd-4a24-a5a5-a9aa7ef83862 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {7BC249EA-4E18-47DB-B476-41EECC852802} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\025dd0d5-e4e2-4cfd-8202-bfe3010559ac => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B01C72EC-F17E-4965-881F-3A5FDE96C3A7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\acc6e65b-a614-4b95-a550-993bd2677a4a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\*************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\*************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F03C4032-D500-4CDA-BD1D-B1D6EE650267} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8740b1f0-d4c2-4cf1-969b-e9df59ea92ba => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic
ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-10-28 04:02 - 2013-10-28 04:02 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-10 11:14 - 2016-08-10 11:14 - 040523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
Da befinden sich 77 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{7DCA83E0-AED3-4A40-A274-EC1D2CCFB027}] => (Allow) LPort=8888
FirewallRules: [{03BA6C7E-FC46-4AB9-B460-028AC671B4C6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{F71698B4-9CFE-4827-9E7E-2994F642D8DC}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/10/2017 10:20:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/10/2017 10:20:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (09/10/2017 10:20:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0xf34
Startzeit der fehlerhaften Anwendung: 0x01d32a722e74b59d
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e45e2286-fae8-44ed-abca-8c79c0650020
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2017 10:19:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BigCom)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/10/2017 09:54:28 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters Net Detect: Net Detect Supported Error Getting Adapter List Error=0x80040302\n
Error: (09/10/2017 09:54:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CWinPcapWrapper::InitializeDLL You must be running with Free version of WinPcap!!!
Error: (09/10/2017 09:54:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CWinPcapWrapper::InitializeDLL Error starting WinPcap Professional: Unable to copy the WinPcap Professional files. Administrative privileges are required for this operation.
Error: (09/10/2017 09:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 10.9.2017.0, Zeitstempel: 0x59b57e97
Name des fehlerhaften Moduls: FRST64.exe, Version: 10.9.2017.0, Zeitstempel: 0x59b57e97
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026519
ID des fehlerhaften Prozesses: 0x2988
Startzeit der fehlerhaften Anwendung: 0x01d32a6e71f7d903
Pfad der fehlerhaften Anwendung: C:\Users\Gena_2\Downloads\FRST64.exe
Pfad des fehlerhaften Moduls: C:\Users\Gena_2\Downloads\FRST64.exe
Berichtskennung: 20618a3c-d704-4d0f-9015-c84b5f14b58e
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (09/10/2017 09:53:10 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "K:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).
Error: (09/10/2017 09:50:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x58df0aaf
Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8165, Zeitstempel: 0x58df0acc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000c1951
ID des fehlerhaften Prozesses: 0x578
Startzeit der fehlerhaften Anwendung: 0x01d32a337442f8a1
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: NvXDCore.dll
Berichtskennung: 501960bf-df2b-4352-b1e5-d6d7850b3a4d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (09/10/2017 10:23:21 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/10/2017 10:21:49 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/10/2017 10:20:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrcmSetSecurity" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 10:20:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (09/10/2017 10:20:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (09/10/2017 10:20:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.
Error: (09/10/2017 10:19:37 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2017-09-06 15:58:09.788
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2017-09-06 15:49:15.976
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.
Date: 2016-09-28 22:25:30.242
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.236
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.233
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.229
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.226
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-09-28 22:25:30.201
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4501.24 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 5479.84 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:15.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu Trojaner Verdacht, Win10 64bit |
| .dll, administrator, beim starten, canon, defender, desktop, explorer, firewall, g-data, gdata, home, internet, mozilla, node.js, nvidia, ordner, pdf, prozesse, realtek, registry, rundll, scan, security, software, starten, trojaner, usb, windowsapps |
Linear-Darstellung
