| |
| |||||||
Log-Analyse und Auswertung: Win10 Adware+Trojaner? LeistungsabfallWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.11.2017, 17:29
| #1 |
 |  Win10 Adware+Trojaner? Leistungsabfall Hallo, ich habe seit einiger Zeit probleme mit meinem Laptop. Es handelt sich dabei um einen 2 Jahre alten HP Envy 15, mit 16 Gb RAM, i7-Prozessor und NVIDIA Geforce GTX 850M-Grafikkarte. Nun ist der Laptop extrem langsam geworden. Schon bei Progammen wie Firefox und Adobe Acrobat Reader DC hat er Schwierigkeiten sie flüssig abzuspielen, dazu stürzen die Programme häufig ab. Ich habe schon seit bestimmt einem Jahr Dateien in der Quarantäne bei Avira Antivirus (ich weiß, dass es dumm von mir ist, dass ich nicht direkt kam, aber dachte es passt wenn die Dateien in der Quarantäne sind). Fast alle von denen sind (glaube ich) Adware. Darunter sind: CC/BotConf.Gen, Adware/Dealbeaver.B, BDS/Pinger.A und HTML/Infected.WebPage.Gen2. Ich hoffe einer kann und will mir trotz meiner Dummheit weiterhelfen. Ich bedanke mich schon mal ! FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
durchgeführt von Leonardo (Administrator) auf LEOSPC (14-11-2017 16:23:17)
Gestartet von C:\Users\Leonardo\Desktop
Geladene Profile: Leonardo (Verfügbare Profile: Leonardo)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-11-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [T-Online Kinderschutz-Software] => "C:\Program Files (x86)\JusProg\JusProg-Software\TO_KSSW.exe"
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Leonardo\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify] => C:\Users\Leonardo\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-10] (Spotify Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify Web Helper] => C:\Users\Leonardo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-10] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
Startup: C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyServer: [S-1-5-21-2329687503-3892960193-289530943-1001] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{11e6d63b-2b63-4177-995c-81c53c84ab5e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c70429f-f5fa-4606-91d6-3d01ce1b74af}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [NameServer] 192.168.2.1,8.8.8.8
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{a227283f-d63d-45d0-ad32-cd21addc0869}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{cc23774b-1326-4863-b0bc-9faad331c49d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 8b2c5xsk.default
FF ProfilePath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default [2017-11-14]
FF NewTab: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\8b2c5xsk.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-10-05]
FF Extension: (Proxy Tool) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\proxytool@proxylist.co.xpi [2017-08-15]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-11-09]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bhldmkghjkldhclddpjebfjpaijaajmm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [407408 2017-10-26] (Avira Operations GmbH & Co. KG)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2619096 2016-08-19] (Blue Coat Systems, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-05-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122800 2017-10-04] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2017\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-11-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-07] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-02] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [44544 2015-03-03] (Synaptics Incorporated) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-07] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 bckd; C:\WINDOWS\System32\drivers\bckd.sys [125144 2016-08-19] (Blue Coat Systems, Inc.)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521032 2017-10-10] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_f0b2a5e1e71031b3\nvlddmkm.sys [15620208 2017-10-16] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-11-02] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-04-20] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-14 16:23 - 2017-11-14 16:24 - 000025123 _____ C:\Users\Leonardo\Desktop\FRST.txt
2017-11-14 16:23 - 2017-11-14 16:23 - 000000000 ____D C:\FRST
2017-11-14 16:22 - 2017-11-14 16:22 - 002392576 _____ (Farbar) C:\Users\Leonardo\Desktop\FRST64.exe
2017-11-14 15:05 - 2017-10-24 22:14 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-14 15:05 - 2017-10-24 22:14 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-14 14:33 - 2017-11-14 14:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-13 20:52 - 2017-11-13 20:52 - 000000000 ___HD C:\$WINDOWS.~BT
2017-11-13 20:20 - 2017-11-13 20:20 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2017-11-13 20:12 - 2017-11-13 20:12 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2017-11-13 20:11 - 2017-11-13 20:12 - 000448112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-13 19:47 - 2017-11-13 19:47 - 000000000 ____D C:\Users\Leonardo\Downloads\Intel Components
2017-11-13 19:45 - 2017-11-13 19:49 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2017-11-13 19:44 - 2017-11-13 19:45 - 000002524 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-11-13 19:44 - 2017-11-13 19:44 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
2017-11-13 19:44 - 2016-10-18 17:14 - 000021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2017-11-13 17:58 - 2017-11-13 18:07 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job
2017-11-13 17:58 - 2017-11-13 17:58 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeonardo
2017-11-10 17:23 - 2017-11-10 17:25 - 000001332 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2017.lnk
2017-11-10 17:23 - 2017-11-10 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2017-11-10 17:23 - 2009-08-24 22:13 - 000034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe
2017-11-10 17:22 - 2017-11-13 19:56 - 000000000 ____D C:\ProgramData\Ashampoo
2017-11-10 17:22 - 2017-11-10 17:22 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2017-11-10 17:21 - 2017-11-13 20:41 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Razer
2017-11-10 16:36 - 2017-11-13 20:42 - 000000000 ____D C:\ProgramData\Razer
2017-11-10 16:36 - 2017-11-13 20:41 - 000000000 ____D C:\Program Files (x86)\Razer
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\UnrealEngine
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\TslGame
2017-11-09 19:27 - 2017-11-09 19:27 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-09 19:27 - 2017-11-09 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-09 19:27 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-06 17:30 - 2017-11-06 17:30 - 001771051 _____ C:\Users\Leonardo\Downloads\Musterlösungen_SRÜ_Strahlung.zip
2017-11-06 17:30 - 2017-11-06 17:30 - 000001200 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iPod
2017-11-05 13:38 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iTunes
2017-10-30 23:36 - 2017-10-30 23:36 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\VOWSoft
2017-10-30 23:30 - 2017-10-30 23:31 - 001533960 _____ (CHIP Digital GmbH) C:\Users\Leonardo\Downloads\iBackupBot for iTunes - CHIP-Installer.exe
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-26 10:55 - 2017-10-26 10:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-26 10:55 - 2017-07-20 18:21 - 000905504 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000776992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000578848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-26 10:55 - 2017-07-20 18:21 - 000477472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-25 18:10 - 2017-10-25 18:10 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-10-25 18:09 - 2017-10-25 18:09 - 010427120 _____ (Piriform Ltd) C:\Users\Leonardo\Downloads\ccsetup536.exe
2017-10-23 18:47 - 2017-10-23 18:47 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-23 18:39 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-23 18:39 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-23 18:39 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-23 18:39 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-23 18:39 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-23 18:39 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-23 18:39 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-23 18:39 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-23 18:39 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-23 18:39 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-23 18:39 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-23 18:39 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-23 18:39 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-23 18:39 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-23 18:39 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-23 18:39 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-23 18:39 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-23 18:39 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-23 18:39 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-23 18:39 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-23 18:39 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-23 18:39 - 2017-09-05 06:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-10-23 18:39 - 2017-09-05 06:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-10-23 18:39 - 2017-09-05 06:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-23 18:39 - 2017-09-05 06:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-10-23 18:39 - 2017-09-05 05:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-10-23 18:39 - 2017-09-05 05:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-10-23 18:39 - 2017-09-05 05:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-10-23 18:39 - 2017-09-05 05:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-10-23 18:39 - 2017-09-05 05:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-10-23 18:39 - 2017-09-05 05:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-10-23 18:39 - 2017-09-05 05:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-10-23 18:39 - 2017-09-05 05:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-23 18:39 - 2017-09-05 05:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-10-23 18:39 - 2017-09-05 05:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-10-23 18:39 - 2017-09-05 05:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-10-23 18:39 - 2017-09-05 05:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-10-23 18:39 - 2017-09-05 05:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-23 18:39 - 2017-09-05 05:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-10-23 18:38 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-23 18:38 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-23 18:38 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-23 18:38 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-23 18:38 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-23 18:38 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-23 18:38 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-23 18:38 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-23 18:38 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-23 18:38 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-23 18:38 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-23 18:38 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-23 18:38 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-23 18:38 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-23 18:38 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-23 18:38 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-23 18:38 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-23 18:38 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-23 18:38 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-23 18:38 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-23 18:38 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-23 18:38 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-23 18:38 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-23 18:38 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-23 18:38 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-23 18:38 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-23 18:38 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-23 18:38 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-23 18:38 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-23 18:38 - 2017-09-05 06:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-10-23 18:38 - 2017-09-05 06:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-10-23 18:38 - 2017-09-05 06:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-10-23 18:38 - 2017-09-05 06:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-10-23 18:38 - 2017-09-05 06:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-10-23 18:38 - 2017-09-05 06:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-10-23 18:38 - 2017-09-05 06:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-23 18:38 - 2017-09-05 06:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-10-23 18:38 - 2017-09-05 06:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-10-23 18:38 - 2017-09-05 06:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-10-23 18:38 - 2017-09-05 06:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-10-23 18:38 - 2017-09-05 06:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-10-23 18:38 - 2017-09-05 06:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-10-23 18:38 - 2017-09-05 06:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-10-23 18:38 - 2017-09-05 05:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-23 18:38 - 2017-09-05 05:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-10-23 18:38 - 2017-09-05 05:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-10-23 18:38 - 2017-09-05 05:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-10-23 18:38 - 2017-09-05 05:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-10-23 18:38 - 2017-09-05 05:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-10-23 18:38 - 2017-09-05 05:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-10-23 18:38 - 2017-09-05 05:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-10-23 18:38 - 2017-09-05 05:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-10-23 18:38 - 2017-09-05 05:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-10-23 18:38 - 2017-09-05 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-10-23 18:38 - 2017-09-05 05:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-10-23 18:38 - 2017-09-05 05:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-10-23 18:38 - 2017-09-05 05:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-10-23 18:38 - 2017-09-05 05:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-10-23 18:38 - 2017-09-01 06:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-10-23 18:37 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-23 18:37 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-23 18:37 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-23 18:37 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-23 18:37 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-23 18:37 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-23 18:37 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-23 18:37 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-23 18:37 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-23 18:37 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-23 18:37 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-23 18:37 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-23 18:37 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-23 18:37 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-23 18:37 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-23 18:37 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-23 18:37 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-23 18:37 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-23 18:37 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-23 18:37 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-23 18:37 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-23 18:37 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-23 18:37 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-23 18:37 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-23 18:37 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-23 18:37 - 2017-09-05 06:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-23 18:37 - 2017-09-05 06:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-10-23 18:37 - 2017-09-05 06:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-10-23 18:37 - 2017-09-05 06:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-10-23 18:37 - 2017-09-05 06:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-10-23 18:37 - 2017-09-05 05:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-10-23 18:37 - 2017-09-05 05:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-10-23 18:37 - 2017-09-05 05:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-10-23 18:37 - 2017-09-05 05:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-10-23 18:37 - 2017-09-05 05:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-10-23 18:37 - 2017-09-05 05:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-10-23 18:37 - 2017-09-05 05:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-10-23 18:37 - 2017-09-05 05:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-10-23 18:37 - 2017-09-05 05:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-23 18:37 - 2017-09-05 05:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-10-23 18:37 - 2017-09-05 05:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-10-19 18:09 - 2017-10-19 18:09 - 001314569 _____ C:\Users\Leonardo\Downloads\SEC_Folien_RT_Kapitel2.pdf
2017-10-16 00:18 - 2017-10-16 00:18 - 035934136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-10-16 00:18 - 2017-10-16 00:18 - 029028792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000981616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000932976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000618424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000507832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001996912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438569.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001615288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438569.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001076664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001013872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 040248760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 035322808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 023343840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 019023464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 012357696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 010184544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 004153784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 003584440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 001312216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 001026600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000797568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000705448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000631592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000592024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 013912344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 011804040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 003753392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-10-15 23:55 - 2017-10-15 23:55 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-10-15 23:55 - 2017-10-15 23:55 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-14 15:22 - 2017-05-14 12:05 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2DAF3C6-4610-4899-99BA-B5505364FA34}
2017-11-14 15:05 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 15:04 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-14 15:04 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-14 14:35 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-14 14:33 - 2017-05-14 11:28 - 000000000 ____D C:\ProgramData\Validity
2017-11-14 14:33 - 2015-03-29 11:13 - 000000000 __SHD C:\Users\Leonardo\IntelGraphicsProfiles
2017-11-13 20:54 - 2017-05-14 11:32 - 000000000 ____D C:\Users\Leonardo
2017-11-13 20:54 - 2017-05-14 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-13 20:52 - 2017-05-08 11:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-13 20:42 - 2015-05-15 14:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-13 20:26 - 2017-05-14 11:32 - 005389340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-13 20:26 - 2017-03-20 05:35 - 002693302 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-13 20:26 - 2017-03-20 05:35 - 000702468 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-13 20:20 - 2017-05-14 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-13 20:10 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-13 19:56 - 2014-08-05 02:36 - 000000000 ____D C:\ProgramData\Intel
2017-11-13 19:55 - 2015-10-30 07:28 - 000000000 ____D C:\Users\Default.migrated
2017-11-13 19:54 - 2017-05-14 11:30 - 000000000 ____D C:\Program Files\Intel
2017-11-13 19:54 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-13 19:54 - 2015-05-05 16:36 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-11-13 19:54 - 2014-08-05 02:31 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-13 19:53 - 2014-08-05 02:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-13 19:31 - 2017-05-14 11:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-10 18:18 - 2015-05-26 14:10 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\Temp
2017-11-10 17:45 - 2017-03-01 15:48 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\DS4Windows
2017-11-10 16:19 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Packages
2017-11-10 15:57 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\NVIDIA Corporation
2017-11-10 15:17 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Spotify
2017-11-10 14:31 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Google
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-07 20:06 - 2016-11-02 19:57 - 000000000 ____D C:\ProgramData\Skype
2017-11-07 19:53 - 2015-03-30 13:47 - 000000000 ____D C:\Users\Leonardo\AppData\Local\CrashDumps
2017-11-06 17:30 - 2015-04-29 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-03 14:08 - 2017-07-27 17:14 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2329687503-3892960193-289530943-1001
2017-11-03 14:08 - 2015-09-26 17:21 - 000002436 _____ C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 14:08 - 2015-03-29 11:16 - 000000000 __RDO C:\Users\Leonardo\OneDrive
2017-10-30 23:21 - 2016-11-15 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-30 23:21 - 2015-03-29 11:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-28 17:39 - 2015-12-23 17:46 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-26 16:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-26 10:55 - 2015-06-24 13:06 - 000000000 ____D C:\TEMP
2017-10-26 08:52 - 2015-09-10 06:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-25 18:53 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\de
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-10-25 18:52 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-25 18:52 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-25 18:43 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-25 18:10 - 2017-10-06 14:31 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-25 18:10 - 2017-10-06 14:31 - 000000000 ____D C:\Program Files\CCleaner
2017-10-25 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-23 19:08 - 2015-03-29 22:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-23 18:46 - 2015-03-29 22:44 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-23 16:31 - 2014-05-06 20:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-21 13:20 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-16 16:43 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-16 00:18 - 2017-02-10 17:58 - 015620208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-10-16 00:09 - 2017-02-10 17:48 - 004256264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-10-15 23:55 - 2017-02-10 13:24 - 000046443 _____ C:\WINDOWS\system32\nvinfo.pb
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-13 18:52
==================== Ende von FRST.txt ============================
|
|
14.11.2017, 17:49
| #2 |
| /// TB-Ausbilder   | Win10 Adware+Trojaner? Leistungsabfall Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Du hast am 09.11. bereits MBAM ausgeführt. Bitte die dazugehörige Logdatei posten. |
|
14.11.2017, 18:52
| #3 |
| | Win10 Adware+Trojaner? Leistungsabfall Hallo Matthias,
__________________vielen Dank für die schnelle Antwort. Hier die LogFile von MBam: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 09.11.17
Scan-Zeit: 19:29
Protokolldatei: ebdf39ee-c57b-11e7-9504-8cdcd484f3e4.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.212
Version des Aktualisierungspakets: 1.0.3215
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.674)
CPU: x64
Dateisystem: NTFS
Benutzer: LEOSPC\Leonardo
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 464614
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 10 Min., 5 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 13.11.17
Scan-Zeit: 19:48
Protokolldatei: 35173556-c8a3-11e7-969b-8cdcd484f3e4.json
Administrator: Ja
-Softwaredaten-
Version: 3.2.2.2029
Komponentenversion: 1.0.212
Version des Aktualisierungspakets: 1.0.3247
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.674)
CPU: x64
Dateisystem: NTFS
Benutzer: LEOSPC\Leonardo
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 465972
Erkannte Bedrohungen: 1
In die Quarantäne verschobene Bedrohungen: 1
Abgelaufene Zeit: 6 Min., 58 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 1
PUP.Optional.AshampooDriverUpdater, C:\PROGRAMDATA\ASHAMPOO\ICO_ASHAMPOO_DEALS.ICO, In Quarantäne, [2329], [354924],1.0.3247
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Geändert von Lecro (14.11.2017 um 19:13 Uhr) |
|
14.11.2017, 20:51
| #4 |
| /// TB-Ausbilder | Win10 Adware+Trojaner? Leistungsabfall Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2
Bitte poste mit deiner nächsten Antwort
|
|
15.11.2017, 16:06
| #5 |
| | Win10 Adware+Trojaner? Leistungsabfall Hallo hab es durchgeführt. Hier die LogFile von adwCleaner: Code:
ATTFilter # AdwCleaner 7.0.4.0 - Logfile created on Wed Nov 15 14:51:34 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\ProgramData\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted: C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted: C:\Users\All Users\IObit\Advanced SystemCare
Deleted: C:\Users\Leonardo\AppData\LocalLow\IObit\Advanced SystemCare
Deleted: C:\Users\Leonardo\AppData\Roaming\IObit\Advanced SystemCare
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Users\Default\AppData\Local\Pokki
Deleted: C:\Users\Default User\AppData\Local\Pokki
Deleted: C:\Users\Public\Pokki
Deleted: C:\ProgramData\IObit\ASCDownloader
Deleted: C:\Users\All Users\IObit\ASCDownloader
Deleted: C:\Users\Leonardo\AppData\Local\Downloaded Installations\{DAD82379-C684-4D04-83D5-2B9934A9C362}
***** [ Files ] *****
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\IOBIT\ASC
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\chip 1-click download service
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [3384 B] - [2017/11/15 14:29:52]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03
durchgeführt von Leonardo (Administrator) auf LEOSPC (15-11-2017 16:01:21)
Gestartet von C:\Users\Leonardo\Desktop
Geladene Profile: Leonardo (Verfügbare Profile: Leonardo)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-11-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [T-Online Kinderschutz-Software] => "C:\Program Files (x86)\JusProg\JusProg-Software\TO_KSSW.exe"
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Leonardo\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify] => C:\Users\Leonardo\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-10] (Spotify Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify Web Helper] => C:\Users\Leonardo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-10] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
Startup: C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{11e6d63b-2b63-4177-995c-81c53c84ab5e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c70429f-f5fa-4606-91d6-3d01ce1b74af}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [NameServer] 192.168.2.1,8.8.8.8
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{a227283f-d63d-45d0-ad32-cd21addc0869}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{cc23774b-1326-4863-b0bc-9faad331c49d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 8b2c5xsk.default
FF ProfilePath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default [2017-11-15]
FF NewTab: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\8b2c5xsk.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-10-05]
FF Extension: (Proxy Tool) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\proxytool@proxylist.co.xpi [2017-08-15]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-11-09]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bhldmkghjkldhclddpjebfjpaijaajmm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [407408 2017-10-26] (Avira Operations GmbH & Co. KG)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2619096 2016-08-19] (Blue Coat Systems, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-05-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122800 2017-10-04] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2017\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-11-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-07] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation)
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-02] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [44544 2015-03-03] (Synaptics Incorporated) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-07] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 bckd; C:\WINDOWS\System32\drivers\bckd.sys [125144 2016-08-19] (Blue Coat Systems, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-11-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-11-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-15] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521032 2017-10-10] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_f0b2a5e1e71031b3\nvlddmkm.sys [15620208 2017-10-16] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-11-02] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-04-20] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-15 16:03 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-15 16:03 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-15 15:58 - 2017-11-15 15:58 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-15 15:55 - 2017-11-15 15:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-15 15:54 - 2017-11-15 15:54 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-15 15:54 - 2017-11-15 15:54 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-15 15:54 - 2017-11-15 15:54 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-15 15:53 - 2017-11-15 15:53 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000001-000000.txt
2017-11-15 15:20 - 2017-11-15 15:51 - 000000000 ____D C:\AdwCleaner
2017-11-15 15:18 - 2017-11-15 15:18 - 008261584 _____ (Malwarebytes) C:\Users\Leonardo\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 15:03 - 2017-11-15 15:03 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2017-11-14 17:27 - 2017-11-14 17:27 - 000026917 _____ C:\Users\Leonardo\Desktop\Addition+Avira.zip
2017-11-14 16:40 - 2017-11-14 16:40 - 000129858 _____ C:\Users\Leonardo\Desktop\quarantaene.txt
2017-11-14 16:29 - 2017-11-14 16:29 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-14 16:25 - 2017-11-14 16:25 - 000083250 _____ C:\Users\Leonardo\Desktop\Addition.txt
2017-11-14 16:23 - 2017-11-15 16:02 - 000025573 _____ C:\Users\Leonardo\Desktop\FRST.txt
2017-11-14 16:23 - 2017-11-15 16:01 - 000000000 ____D C:\FRST
2017-11-14 16:22 - 2017-11-14 16:22 - 002392576 _____ (Farbar) C:\Users\Leonardo\Desktop\FRST64.exe
2017-11-13 20:52 - 2017-11-13 20:52 - 000000000 ___HD C:\$WINDOWS.~BT
2017-11-13 20:11 - 2017-11-15 15:54 - 000448112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-13 19:47 - 2017-11-13 19:47 - 000000000 ____D C:\Users\Leonardo\Downloads\Intel Components
2017-11-13 19:45 - 2017-11-13 19:49 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2017-11-13 19:44 - 2017-11-13 19:45 - 000002524 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-11-13 19:44 - 2017-11-13 19:44 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
2017-11-13 19:44 - 2016-10-18 17:14 - 000021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2017-11-13 17:58 - 2017-11-13 18:07 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job
2017-11-13 17:58 - 2017-11-13 17:58 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeonardo
2017-11-10 17:23 - 2017-11-10 17:25 - 000001332 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2017.lnk
2017-11-10 17:23 - 2017-11-10 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2017-11-10 17:23 - 2009-08-24 22:13 - 000034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe
2017-11-10 17:22 - 2017-11-13 19:56 - 000000000 ____D C:\ProgramData\Ashampoo
2017-11-10 17:22 - 2017-11-10 17:22 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2017-11-10 17:21 - 2017-11-13 20:41 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Razer
2017-11-10 16:36 - 2017-11-13 20:42 - 000000000 ____D C:\ProgramData\Razer
2017-11-10 16:36 - 2017-11-13 20:41 - 000000000 ____D C:\Program Files (x86)\Razer
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\UnrealEngine
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\TslGame
2017-11-09 19:27 - 2017-11-09 19:27 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-09 19:27 - 2017-11-09 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-09 19:27 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-06 17:30 - 2017-11-06 17:30 - 001771051 _____ C:\Users\Leonardo\Downloads\Musterlösungen_SRÜ_Strahlung.zip
2017-11-06 17:30 - 2017-11-06 17:30 - 000001200 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iPod
2017-11-05 13:38 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iTunes
2017-10-30 23:36 - 2017-10-30 23:36 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\VOWSoft
2017-10-30 23:30 - 2017-10-30 23:31 - 001533960 _____ (CHIP Digital GmbH) C:\Users\Leonardo\Downloads\iBackupBot for iTunes - CHIP-Installer.exe
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-26 10:55 - 2017-10-26 10:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-26 10:55 - 2017-07-20 18:21 - 000905504 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000776992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000578848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-26 10:55 - 2017-07-20 18:21 - 000477472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-25 18:10 - 2017-10-25 18:10 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-10-25 18:09 - 2017-10-25 18:09 - 010427120 _____ (Piriform Ltd) C:\Users\Leonardo\Downloads\ccsetup536.exe
2017-10-23 18:47 - 2017-10-23 18:47 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-23 18:39 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-23 18:39 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-23 18:39 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-23 18:39 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-23 18:39 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-23 18:39 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-23 18:39 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-23 18:39 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-23 18:39 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-23 18:39 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-23 18:39 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-23 18:39 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-23 18:39 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-23 18:39 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-23 18:39 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-23 18:39 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-23 18:39 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-23 18:39 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-23 18:39 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-23 18:39 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-23 18:39 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-23 18:39 - 2017-09-05 06:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-10-23 18:39 - 2017-09-05 06:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-10-23 18:39 - 2017-09-05 06:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-23 18:39 - 2017-09-05 06:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-10-23 18:39 - 2017-09-05 05:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-10-23 18:39 - 2017-09-05 05:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-10-23 18:39 - 2017-09-05 05:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-10-23 18:39 - 2017-09-05 05:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-10-23 18:39 - 2017-09-05 05:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-10-23 18:39 - 2017-09-05 05:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-10-23 18:39 - 2017-09-05 05:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-10-23 18:39 - 2017-09-05 05:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-23 18:39 - 2017-09-05 05:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-10-23 18:39 - 2017-09-05 05:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-10-23 18:39 - 2017-09-05 05:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-10-23 18:39 - 2017-09-05 05:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-10-23 18:39 - 2017-09-05 05:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-23 18:39 - 2017-09-05 05:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-10-23 18:38 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-23 18:38 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-23 18:38 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-23 18:38 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-23 18:38 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-23 18:38 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-23 18:38 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-23 18:38 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-23 18:38 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-23 18:38 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-23 18:38 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-23 18:38 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-23 18:38 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-23 18:38 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-23 18:38 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-23 18:38 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-23 18:38 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-23 18:38 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-23 18:38 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-23 18:38 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-23 18:38 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-23 18:38 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-23 18:38 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-23 18:38 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-23 18:38 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-23 18:38 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-23 18:38 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-23 18:38 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-23 18:38 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-23 18:38 - 2017-09-05 06:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-10-23 18:38 - 2017-09-05 06:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-10-23 18:38 - 2017-09-05 06:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-10-23 18:38 - 2017-09-05 06:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-10-23 18:38 - 2017-09-05 06:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-10-23 18:38 - 2017-09-05 06:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-10-23 18:38 - 2017-09-05 06:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-23 18:38 - 2017-09-05 06:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-10-23 18:38 - 2017-09-05 06:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-10-23 18:38 - 2017-09-05 06:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-10-23 18:38 - 2017-09-05 06:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-10-23 18:38 - 2017-09-05 06:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-10-23 18:38 - 2017-09-05 06:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-10-23 18:38 - 2017-09-05 06:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-10-23 18:38 - 2017-09-05 05:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-23 18:38 - 2017-09-05 05:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-10-23 18:38 - 2017-09-05 05:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-10-23 18:38 - 2017-09-05 05:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-10-23 18:38 - 2017-09-05 05:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-10-23 18:38 - 2017-09-05 05:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-10-23 18:38 - 2017-09-05 05:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-10-23 18:38 - 2017-09-05 05:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-10-23 18:38 - 2017-09-05 05:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-10-23 18:38 - 2017-09-05 05:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-10-23 18:38 - 2017-09-05 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-10-23 18:38 - 2017-09-05 05:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-10-23 18:38 - 2017-09-05 05:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-10-23 18:38 - 2017-09-05 05:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-10-23 18:38 - 2017-09-05 05:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-10-23 18:38 - 2017-09-01 06:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-10-23 18:37 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-23 18:37 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-23 18:37 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-23 18:37 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-23 18:37 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-23 18:37 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-23 18:37 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-23 18:37 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-23 18:37 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-23 18:37 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-23 18:37 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-23 18:37 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-23 18:37 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-23 18:37 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-23 18:37 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-23 18:37 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-23 18:37 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-23 18:37 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-23 18:37 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-23 18:37 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-23 18:37 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-23 18:37 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-23 18:37 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-23 18:37 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-23 18:37 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-23 18:37 - 2017-09-05 06:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-23 18:37 - 2017-09-05 06:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-10-23 18:37 - 2017-09-05 06:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-10-23 18:37 - 2017-09-05 06:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-10-23 18:37 - 2017-09-05 06:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-10-23 18:37 - 2017-09-05 05:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-10-23 18:37 - 2017-09-05 05:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-10-23 18:37 - 2017-09-05 05:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-10-23 18:37 - 2017-09-05 05:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-10-23 18:37 - 2017-09-05 05:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-10-23 18:37 - 2017-09-05 05:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-10-23 18:37 - 2017-09-05 05:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-10-23 18:37 - 2017-09-05 05:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-10-23 18:37 - 2017-09-05 05:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-23 18:37 - 2017-09-05 05:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-10-23 18:37 - 2017-09-05 05:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-10-19 18:09 - 2017-10-19 18:09 - 001314569 _____ C:\Users\Leonardo\Downloads\SEC_Folien_RT_Kapitel2.pdf
2017-10-16 00:18 - 2017-10-16 00:18 - 035934136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-10-16 00:18 - 2017-10-16 00:18 - 029028792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000981616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000932976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000618424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-10-16 00:13 - 2017-10-16 00:13 - 000507832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001996912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438569.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001615288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438569.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001076664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-10-16 00:12 - 2017-10-16 00:12 - 001013872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 040248760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 035322808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 023343840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 019023464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 012357696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 010184544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 004153784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-10-16 00:11 - 2017-10-16 00:11 - 003584440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 001312216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 001026600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000797568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000705448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000631592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-10-16 00:10 - 2017-10-16 00:10 - 000592024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 013912344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 011804040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-10-16 00:09 - 2017-10-16 00:09 - 003753392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-15 16:00 - 2017-05-14 11:32 - 005482730 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-15 16:00 - 2017-03-20 05:35 - 002744128 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-15 16:00 - 2017-03-20 05:35 - 000716676 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-15 15:58 - 2017-05-14 12:05 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2DAF3C6-4610-4899-99BA-B5505364FA34}
2017-11-15 15:55 - 2015-03-29 11:13 - 000000000 __SHD C:\Users\Leonardo\IntelGraphicsProfiles
2017-11-15 15:54 - 2017-05-14 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-15 15:53 - 2017-05-14 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-15 15:53 - 2017-05-14 11:28 - 000000000 ____D C:\ProgramData\Validity
2017-11-15 15:52 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-15 15:51 - 2017-05-14 11:32 - 000000000 ____D C:\Users\Leonardo
2017-11-15 15:50 - 2017-08-02 13:46 - 000000000 ____D C:\ProgramData\IObit
2017-11-15 15:50 - 2017-06-02 13:43 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Downloaded Installations
2017-11-15 15:48 - 2017-08-02 13:47 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\IObit
2017-11-15 15:48 - 2017-08-02 13:46 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\IObit
2017-11-15 15:48 - 2017-08-02 13:46 - 000000000 ____D C:\Program Files (x86)\IObit
2017-11-15 15:47 - 2017-05-14 11:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-15 15:42 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 15:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-14 20:01 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify
2017-11-14 19:41 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Spotify
2017-11-14 18:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-14 15:04 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-13 20:52 - 2017-05-08 11:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-13 20:42 - 2015-05-15 14:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-13 19:56 - 2014-08-05 02:36 - 000000000 ____D C:\ProgramData\Intel
2017-11-13 19:55 - 2015-10-30 07:28 - 000000000 ____D C:\Users\Default.migrated
2017-11-13 19:54 - 2017-05-14 11:30 - 000000000 ____D C:\Program Files\Intel
2017-11-13 19:54 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-13 19:54 - 2015-05-05 16:36 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-11-13 19:54 - 2014-08-05 02:31 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-13 19:53 - 2014-08-05 02:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-10 18:18 - 2015-05-26 14:10 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\Temp
2017-11-10 17:45 - 2017-03-01 15:48 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\DS4Windows
2017-11-10 16:19 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Packages
2017-11-10 15:57 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\NVIDIA Corporation
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Google
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-07 20:06 - 2016-11-02 19:57 - 000000000 ____D C:\ProgramData\Skype
2017-11-07 19:53 - 2015-03-30 13:47 - 000000000 ____D C:\Users\Leonardo\AppData\Local\CrashDumps
2017-11-06 17:30 - 2015-04-29 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-03 14:08 - 2017-07-27 17:14 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2329687503-3892960193-289530943-1001
2017-11-03 14:08 - 2015-09-26 17:21 - 000002436 _____ C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 14:08 - 2015-03-29 11:16 - 000000000 __RDO C:\Users\Leonardo\OneDrive
2017-10-30 23:21 - 2016-11-15 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-30 23:21 - 2015-03-29 11:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-28 17:39 - 2015-12-23 17:46 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-26 16:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-26 10:55 - 2015-06-24 13:06 - 000000000 ____D C:\TEMP
2017-10-26 08:52 - 2015-09-10 06:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-25 18:53 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\de
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-10-25 18:52 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-25 18:52 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-25 18:43 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-25 18:10 - 2017-10-06 14:31 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-25 18:10 - 2017-10-06 14:31 - 000000000 ____D C:\Program Files\CCleaner
2017-10-25 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-25 17:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-23 19:08 - 2015-03-29 22:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-23 18:46 - 2015-03-29 22:44 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-23 16:31 - 2014-05-06 20:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-21 13:20 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-16 16:43 - 2017-03-18 12:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-10-16 00:18 - 2017-02-10 17:58 - 015620208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2017-10-16 00:09 - 2017-02-10 17:48 - 004256264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-13 18:52
==================== Ende von FRST.txt ============================
|
|
15.11.2017, 16:08
| #6 |
| | Win10 Adware+Trojaner? Leistungsabfall und Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
durchgeführt von Leonardo (15-11-2017 16:03:35)
Gestartet von C:\Users\Leonardo\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-14 11:17:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2329687503-3892960193-289530943-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2329687503-3892960193-289530943-503 - Limited - Disabled)
Gast (S-1-5-21-2329687503-3892960193-289530943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2329687503-3892960193-289530943-1003 - Limited - Enabled)
Leonardo (S-1-5-21-2329687503-3892960193-289530943-1001 - Administrator - Enabled) => C:\Users\Leonardo
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.183 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{bd94e862-c44b-4f68-98ca-b35ddf9dbbfc}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{D03EC4B7-E520-4A6F-974C-4F48533838EC}) (Version: 1.2.98.37213 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (HKLM-x32\...\{0B5E43C7-965D-4AF4-A33E-5FA35B6660C8}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (HKLM-x32\...\{81ABB3E1-2F83-4422-B836-8F705B850BBB}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.5.1001 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (HKLM\...\{0C697351-1576-384C-B478-080FEADF30D8}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (HKLM-x32\...\{118528BF-8504-33A4-940B-DCA4EB96C0FB}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (HKLM-x32\...\{B2686344-675D-36A1-8736-708DE7B1FC2E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (HKLM-x32\...\{4288C330-5D64-42EA-886A-8F1FFEB3EF2B}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JavaScript Tooling (HKLM\...\{2044FC4C-4EA3-4113-BC1E-962DF568D201}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (HKLM-x32\...\{49851B40-6615-4D06-82E0-5F7636AA4092}) (Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (HKLM-x32\...\{C21CC041-4347-804E-1BB0-87AC539335C7}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.22 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (HKLM-x32\...\{63045916-32E7-31D6-BD8E-C13406E137B5}) (Version: 4.5.21005 - Microsoft Corporation) Hidden
PlanetSide 2 (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PreEmptive Analytics Client German Language Pack (HKLM-x32\...\{C0C08B71-8D97-47C0-91E2-D8F570A06994}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (HKLM-x32\...\{24AF7EE2-5C90-4BC6-BAAB-BB8D1EB570A0}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.8.315 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Synaptics WBF DDK (HKLM\...\{963DDEF5-52CF-4313-81D9-B186B89C0A57}) (Version: 4.5.289.0 - Synaptics)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WCF Data Services 5.6.0 DEU Language Pack (HKLM-x32\...\{284F5338-4886-460A-BE3E-E510888517BA}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (HKLM-x32\...\{7204D64A-D3C5-4781-929C-A8D4BF55819C}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (HKLM\...\{F9286DE4-666B-44A9-8257-7827FF70359F}) (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{CF706662-0A17-4493-846E-721686927968}) (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvTXTStack.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {021F7221-DB1E-4587-B7C1-A38C481685D2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {0338615A-3266-42D6-8B1B-ED001B710EE3} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {05317D0A-02FA-4A3C-AABB-CAA9AC4D4E6E} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {11ADB3E3-7435-4670-9A2F-CC4536453454} - System32\Tasks\S-1-5-21-2329687503-3892960193-289530943-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {21CDE175-C14C-4EC6-9892-764D058DC999} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {23E2B0CD-F7A0-4BC7-9A8D-8B3187D494A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {26F7A6B2-58D7-4E66-9503-C1A762D3BD5F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-21] (Microsoft Corporation)
Task: {277C640F-38E5-485C-9033-DE565DEC973B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-10-17] (Avira Operations GmbH & Co. KG)
Task: {27BA89CD-9179-4D98-B0E3-02705881E70A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {374A0DD5-C6E6-4EE5-AB8A-27F2F15E65FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3BE4452C-D2F1-4B0A-9665-D098EB5CD368} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {3EBBF7D3-A56A-4202-8D87-295404C12863} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {409F1EF7-D11F-43D3-B286-0B5662AD2121} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {45C1CE52-26AD-43C0-B1BD-5B1734DF0265} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {465BAAFE-F0E7-4E1F-B2C3-0817461F8855} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {4D7FE53A-5889-42D1-8904-2ACFCAD2AC55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {62A2E126-5195-4B9D-9AF6-F44C53D76B46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {6ADA7647-CD34-428F-94ED-23EE8323B893} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {6B93E546-AB44-4071-B404-B098A3C8BBF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {6CC65CE6-330F-4BE8-832A-D6C932B39FE3} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {70DD82E1-D657-4111-93E0-B518420DE686} - System32\Tasks\{22499B4E-3F08-4E9B-9DA4-500F1E745333} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {7233E710-2C82-4641-8680-0D055EC28E9C} - System32\Tasks\{91E1B231-7FA7-4AFC-AC83-A01D526AB719} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {747B9D86-6A53-4D2C-AFB0-5336A249073A} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {76387D1C-D525-4C90-AD05-8DBCA70E5341} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {7D9A5BCC-AB7F-4B4B-8C74-2CD13F9F3698} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {7E137034-D59C-4A3D-9A80-61F1B5682722} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {8024EFB5-7E67-49D6-8D97-C02C53727C0F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {860CE3F9-0B38-4D12-8E49-8800B8ABD887} - System32\Tasks\HPCeeScheduleForLeonardo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {96A50A45-4E40-409F-9C0F-866EBFC6BD5E} - System32\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {9CF03812-E9FD-4B08-8A81-0C1DF6D59B28} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {A230BB56-2EEE-4B5E-AE9F-F326089FDDA7} - System32\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {AB0E694D-6642-497B-AD1F-B97390F4741D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AE3B21BE-84AC-4510-9706-9B3C6B90F01D} - System32\Tasks\avastBCLRestart_firefox.exe => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {B37E3ACC-AEA3-4426-B3AB-5D2C6F211097} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B440F306-4776-4AA2-A6C6-A0C919A878BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {B773FCBE-F578-4197-B41B-05A56CAE74EF} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {BE21072B-41EB-41BA-AF24-23D127B233AC} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {BF3F48E8-6FC7-446E-B4B2-DE637BA20E16} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C27DB605-F816-4AC7-9670-3CBC43A1F509} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {C35BE54D-4DA0-4A10-898F-10503FD30C57} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CC70C4E1-6156-404B-AEAD-25F80980004E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CD8C8E07-7CE0-4DE0-BB7F-0D2545664648} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {D18C7CC2-F1A9-4BE3-A386-A9E1F0AFABDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {D99885DE-A15E-4CDB-9127-246A8F58E36C} - System32\Tasks\{D5FB6E9E-18FD-460D-8A7C-0B90D89024C4} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {E1237023-9DA6-410D-9646-13CEED17FBDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {F1A829C5-ED3C-4A60-BE18-655F373725AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
Task: {F844FDA7-97A7-4CBC-BE3E-7BED3812D936} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {FD68CEA8-6964-4F63-8DDA-1444AECBCB6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-25] (Adobe Systems Incorporated)
Task: {FF0D7A0D-8481-49BE-A618-223B6EE68E1F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{BA9C316D-A77B-4652-A148-2A9C7BDECFFC} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{FC56C74F-5415-4549-8235-283E0587E55B} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-11-13 19:44 - 2017-03-07 19:15 - 000824592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-11-13 19:44 - 2017-03-07 19:18 - 001981712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000248080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000175376 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000204048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000337680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000148240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000178448 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_acdc_setting_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-11-13 19:44 - 2017-03-07 19:06 - 000229648 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000225040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000212752 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000220432 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-09 19:27 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-09 19:27 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-07 19:04 - 2017-03-07 19:04 - 000157456 _____ () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-13 19:44 - 2017-03-07 19:13 - 000747792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-11-13 19:44 - 2017-03-07 19:11 - 000238864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000218384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2017-05-17 13:16 - 2017-05-17 13:16 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonardo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\xyzjzul.jpg
DNS Servers: 192.168.2.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B5716AB0-B7F1-464C-AFB1-C21B74282FFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DDE308C8-AD7D-41ED-B9B7-1674F02FB338}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0855A4F0-FF0A-4DE1-9B87-A09B8E815A9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26F116CB-9A48-413E-B4ED-6AC504DE34C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF4555A0-BB44-42ED-84F8-B875C44FD0AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72EE13C6-A4A1-4905-833F-4572EC1027C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0A6E62EE-AA19-4E03-A466-78D9B2CC95E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{54924409-5B5C-4889-9958-942DF4C669D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{165016FB-773E-40BD-AAA5-0D9DFC3780CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C74A4257-BC41-4659-9D9F-7D2BADF81DC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E97DA4-EAF2-4FD0-B298-FEB105EB3F2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F5F2110-F52A-4BF3-B3E2-4A55747C2243}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1507B54F-4E61-471D-AFF4-888F3B29F212}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1B96B93F-5A96-4692-80E1-D2875EC2BB62}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{11D2781F-2A1A-471A-90CD-66211E157542}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA388DE-B937-4FB1-A260-FBA7E5C95559}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F04D073-3398-4870-A2AB-48B38DD80198}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{777084FD-91F9-4661-886C-D228503ECE14}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C7E3830B-418A-4D16-95D3-A41C81DEC73E}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{644EBB51-F3A8-42F3-B5A1-410785B86FA1}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{B42D3B73-86D9-4F53-91AB-4D2A5FC5A9D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E228C6BA-2DAC-4F76-920E-1DFCDD051EF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E9D9FA23-F6BD-4BB4-8A38-F59530F2914F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D845339C-DE1F-4023-AF32-5E177E61D84F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5DCE9CB4-6EB7-42B1-ABB3-5C046378E95F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4C09D3B-9D60-4B55-B503-B30D822F4F29}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5BDCC8E7-5B26-4CB0-BFB0-94C07FE40AAC}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{17BA23BC-EDFA-4E07-B179-BBB80B85D5E1}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{C6D18CF8-9337-4B4B-9C34-CB8A0D7FFBCA}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{C87207D0-67AE-404C-9B67-47F23239E152}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{DFF91E19-0CF0-4E8D-AE51-04CCB0653575}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1025977F-F07B-4FA3-84E9-9FFF8999FB3B}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{BE91D5EB-71F7-452B-BC70-A8AA81DF05A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B09438E-8EBE-4AB4-8DC6-C519201F2F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DC77217-28A7-40A5-BCAA-5AE892713806}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6AAE15A1-2474-4B47-8B1B-26457EEEAE9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B33FB65C-E570-4B5A-99B8-3DEB2FEE4147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4AB001F-4584-4F32-814B-09EA951101EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C44A9C7C-0BE8-4CCE-A481-D919715D54D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABE69CFF-3499-4D55-A476-9E412E8B5AB9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{A0E00CD6-CDCA-451E-874A-8E4EFBB6052B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{08EF3A72-122F-4742-A19F-542359EFE8C0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{787B377B-9DA2-4463-A002-45F38585A337}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{5DEB92F6-A42B-4FDB-9C6B-7638EC99E440}] => (Allow) LPort=12292
FirewallRules: [{5DFC9FA7-AEFE-44BE-A49A-C6EAC781F194}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4794455F-70F0-46F4-8811-DE8404D6F45F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{978FA865-7F7F-4F50-AE74-8E4AD8A72AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7ECB6170-E492-4F2A-B55D-0A6263829BC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4D437832-33B4-44A7-BB8F-D62EC56A1423}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{62BF6454-78CE-4CB5-9F1F-5E2093CC8337}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{926C0F11-D505-42FF-8078-7F9FABB4F516}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{65C96C66-E09B-44BA-B264-C7A3398C162F}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{C7ACE5E1-FD5F-40AD-8B20-9B95126F7B46}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{612B702D-4296-4614-839A-B2846F6C914E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{1061D3EC-A54F-4631-A8B4-B845077B90DA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Wiederherstellungspunkte =========================
14-11-2017 15:01:52 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 #2
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:54:09 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/15/2017 03:53:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/15/2017 03:53:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/15/2017 03:33:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/15/2017 03:12:00 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Systemfehler:
=============
Error: (11/15/2017 03:58:05 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/15/2017 03:53:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "USER_ESRV_SVC_QUEENCREEK" wurde mit folgendem Fehler beendet:
%%497
Error: (11/15/2017 03:53:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hpsrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/15/2017 03:53:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst hpsrv erreicht.
Error: (11/15/2017 03:53:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "omniserv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/15/2017 03:53:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst omniserv erreicht.
Error: (11/15/2017 03:53:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/15/2017 03:52:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (11/15/2017 03:52:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (11/15/2017 03:51:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
CodeIntegrity:
===================================
Date: 2017-10-16 17:44:37.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-16 17:44:37.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16314.15 MB
Verfügbarer physikalischer RAM: 13318.75 MB
Summe virtueller Speicher: 18746.15 MB
Verfügbarer virtueller Speicher: 15682.12 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:909.51 GB) (Free:763.59 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:1.97 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1B0F7F4)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
15.11.2017, 21:19
| #7 |
| /// TB-Ausbilder | Win10 Adware+Trojaner? Leistungsabfall Servus, Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
16.11.2017, 18:31
| #8 |
| | Win10 Adware+Trojaner? Leistungsabfall Hallo Matthias, danke nochmal für die starke Unterstützung. Hier die FixlogFile: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2017
durchgeführt von Leonardo (16-11-2017 17:58:44) Run:1
Gestartet von C:\Users\Leonardo\Desktop
Geladene Profile: Leonardo (Verfügbare Profile: Leonardo)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
Task: {021F7221-DB1E-4587-B7C1-A38C481685D2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {374A0DD5-C6E6-4EE5-AB8A-27F2F15E65FA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {3EBBF7D3-A56A-4202-8D87-295404C12863} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {409F1EF7-D11F-43D3-B286-0B5662AD2121} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {4D7FE53A-5889-42D1-8904-2ACFCAD2AC55} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8024EFB5-7E67-49D6-8D97-C02C53727C0F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {AB0E694D-6642-497B-AD1F-B97390F4741D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {AE3B21BE-84AC-4510-9706-9B3C6B90F01D} - System32\Tasks\avastBCLRestart_firefox.exe => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {B37E3ACC-AEA3-4426-B3AB-5D2C6F211097} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {BF3F48E8-6FC7-446E-B4B2-DE637BA20E16} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {C35BE54D-4DA0-4A10-898F-10503FD30C57} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {CC70C4E1-6156-404B-AEAD-25F80980004E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{021F7221-DB1E-4587-B7C1-A38C481685D2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{021F7221-DB1E-4587-B7C1-A38C481685D2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{374A0DD5-C6E6-4EE5-AB8A-27F2F15E65FA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{374A0DD5-C6E6-4EE5-AB8A-27F2F15E65FA} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3EBBF7D3-A56A-4202-8D87-295404C12863} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EBBF7D3-A56A-4202-8D87-295404C12863} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{409F1EF7-D11F-43D3-B286-0B5662AD2121} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{409F1EF7-D11F-43D3-B286-0B5662AD2121} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7FE53A-5889-42D1-8904-2ACFCAD2AC55} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7FE53A-5889-42D1-8904-2ACFCAD2AC55} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8024EFB5-7E67-49D6-8D97-C02C53727C0F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8024EFB5-7E67-49D6-8D97-C02C53727C0F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB0E694D-6642-497B-AD1F-B97390F4741D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB0E694D-6642-497B-AD1F-B97390F4741D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE3B21BE-84AC-4510-9706-9B3C6B90F01D} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE3B21BE-84AC-4510-9706-9B3C6B90F01D} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\avastBCLRestart_firefox.exe => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avastBCLRestart_firefox.exe => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B37E3ACC-AEA3-4426-B3AB-5D2C6F211097} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B37E3ACC-AEA3-4426-B3AB-5D2C6F211097} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BF3F48E8-6FC7-446E-B4B2-DE637BA20E16} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF3F48E8-6FC7-446E-B4B2-DE637BA20E16} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C35BE54D-4DA0-4A10-898F-10503FD30C57} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C35BE54D-4DA0-4A10-898F-10503FD30C57} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC70C4E1-6156-404B-AEAD-25F80980004E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC70C4E1-6156-404B-AEAD-25F80980004E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
========= dir "%ProgramFiles%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Program Files
13.11.2017 19:44 <DIR> .
13.11.2017 19:44 <DIR> ..
06.05.2014 20:52 <DIR> 7-Zip
04.05.2016 21:26 <DIR> Application Verifier
09.12.2016 12:35 <DIR> Autodesk
27.08.2017 16:43 <DIR> Blue Coat K9 Web Protection
23.12.2015 17:46 <DIR> Bonjour
25.10.2017 18:10 <DIR> CCleaner
14.05.2017 11:42 <DIR> Common Files
05.08.2014 03:16 <DIR> Hewlett-Packard
14.05.2017 11:42 <DIR> IIS
04.05.2016 21:22 <DIR> IIS Express
13.11.2017 19:54 <DIR> Intel
13.11.2017 19:44 <DIR> Intel Driver and Support Assistant
25.10.2017 18:53 <DIR> Internet Explorer
05.11.2017 13:39 <DIR> iPod
05.11.2017 13:39 <DIR> iTunes
09.11.2017 19:26 <DIR> Malwarebytes
04.05.2016 21:29 <DIR> Microsoft Identity Extensions
22.10.2016 11:34 <DIR> Microsoft Office 15
15.06.2017 12:04 <DIR> Microsoft Silverlight
04.05.2016 21:27 <DIR> Microsoft SQL Server
04.05.2016 21:27 <DIR> Microsoft SQL Server Compact Edition
04.05.2016 21:09 <DIR> Microsoft Visual Studio 12.0
14.05.2017 11:58 <DIR> MSBuild
01.06.2017 13:38 <DIR> NVIDIA Corporation
14.05.2017 11:31 <DIR> Realtek
14.05.2017 12:09 <DIR> Reference Assemblies
08.10.2016 13:15 <DIR> SharePoint Client Components
14.05.2017 11:42 <DIR> Synaptics
03.05.2017 08:12 <DIR> UNP
12.07.2017 16:57 <DIR> Windows Defender
14.05.2017 12:09 <DIR> Windows Identity Foundation
25.10.2017 18:53 <DIR> Windows Mail
20.03.2017 05:36 <DIR> Windows Media Player
18.03.2017 22:03 <DIR> Windows Multimedia Platform
14.05.2017 12:17 <DIR> Windows NT
25.10.2017 18:53 <DIR> Windows Photo Viewer
18.03.2017 22:03 <DIR> Windows Portable Devices
18.03.2017 22:03 <DIR> Windows Security
18.03.2017 22:03 <DIR> WindowsPowerShell
0 Datei(en), 0 Bytes
41 Verzeichnis(se), 814.982.373.376 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Program Files (x86)
13.11.2017 19:45 <DIR> .
13.11.2017 19:45 <DIR> ..
13.08.2015 13:52 <DIR> Adobe
30.03.2015 13:59 <DIR> AGEIA Technologies
28.10.2017 17:39 <DIR> Apple Software Update
04.05.2016 21:26 <DIR> Application Verifier
10.11.2017 17:22 <DIR> Ashampoo
06.07.2015 17:32 <DIR> Avira
23.12.2015 17:46 <DIR> Bonjour
18.09.2017 14:40 <DIR> Cisco
13.11.2017 20:41 <DIR> Common Files
02.02.2016 20:38 <DIR> FreeCodecPack
07.11.2017 20:07 <DIR> Google
23.12.2015 17:01 <DIR> Hewlett-Packard
02.11.2015 19:19 <DIR> HP
04.05.2016 21:14 <DIR> HTML Help Workshop
04.05.2016 21:22 <DIR> IIS
04.05.2016 21:22 <DIR> IIS Express
10.12.2016 10:31 <DIR> iMobie
13.11.2017 19:54 <DIR> Intel
13.11.2017 19:49 <DIR> Intel Driver and Support Assistant
25.10.2017 18:53 <DIR> Internet Explorer
15.11.2017 15:48 <DIR> IObit
30.08.2015 14:27 <DIR> Java
29.04.2015 09:43 <DIR> McAfee
04.05.2016 21:29 <DIR> Microsoft
04.05.2016 21:24 <DIR> Microsoft ASP.NET
04.05.2016 21:14 <DIR> Microsoft Help Viewer
23.10.2017 16:31 <DIR> Microsoft Office
04.05.2016 21:30 <DIR> Microsoft SDKs
15.06.2017 12:04 <DIR> Microsoft Silverlight
04.05.2016 21:27 <DIR> Microsoft SQL Server
04.05.2016 21:27 <DIR> Microsoft SQL Server Compact Edition
10.05.2017 14:39 <DIR> Microsoft Visual Studio 12.0
04.05.2016 21:22 <DIR> Microsoft WCF Data Services
04.05.2016 21:23 <DIR> Microsoft Web Tools
06.08.2015 22:29 <DIR> Microsoft WSE
14.05.2017 11:42 <DIR> Microsoft.NET
30.10.2017 23:21 <DIR> Mozilla Firefox
30.10.2017 23:21 <DIR> Mozilla Maintenance Service
14.05.2017 11:42 <DIR> MSBuild
04.05.2016 21:22 <DIR> NuGet
14.05.2017 11:42 <DIR> NVIDIA Corporation
29.03.2015 11:13 <DIR> Online Services
04.05.2016 21:29 <DIR> Open XML SDK
09.12.2016 14:00 <DIR> PTC
23.12.2015 17:38 <DIR> QuickTime
13.11.2017 20:41 <DIR> Razer
02.11.2015 20:04 <DIR> Realtek
14.05.2017 12:09 <DIR> Reference Assemblies
06.10.2017 16:04 <DIR> Spybot - Search & Destroy 2
13.11.2017 20:42 <DIR> Steam
26.10.2017 10:55 <DIR> VulkanRT
29.03.2015 11:20 <DIR> WildTangent Games
12.07.2017 16:57 <DIR> Windows Defender
04.05.2016 21:25 <DIR> Windows Kits
25.10.2017 18:53 <DIR> Windows Mail
20.03.2017 05:36 <DIR> Windows Media Player
18.03.2017 22:03 <DIR> Windows Multimedia Platform
18.03.2017 22:03 <DIR> Windows NT
25.10.2017 18:53 <DIR> Windows Photo Viewer
18.03.2017 22:03 <DIR> Windows Portable Devices
18.03.2017 22:03 <DIR> WindowsPowerShell
04.05.2016 21:29 <DIR> Workflow Manager Tools
0 Datei(en), 0 Bytes
64 Verzeichnis(se), 814.982.311.936 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramData%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\ProgramData
13.08.2015 13:54 <DIR> Adobe
23.12.2015 17:45 <DIR> Apple
29.03.2015 12:53 <DIR> Apple Computer
13.01.2016 16:36 <DIR> Application Data
13.11.2017 19:56 <DIR> Ashampoo
09.12.2016 14:14 <DIR> Autodesk
02.08.2017 13:47 <DIR> AVAST Software
11.06.2015 10:50 <DIR> Avira
11.08.2015 13:52 <DIR> boost_interprocess
20.12.2016 19:20 <DIR> Canneverbe Limited
18.09.2017 14:40 <DIR> Cisco
16.07.2016 12:47 <DIR> Comms
09.12.2016 14:01 <DIR> CyberLink
04.05.2016 18:28 <DIR> Dynasim
08.07.2015 13:56 <DIR> E1864A66-75E3-486a-BD95-D1B7D99A84A7
09.12.2016 14:00 <DIR> EPSON
06.08.2015 22:32 <DIR> FARO
06.08.2015 22:55 <DIR> FLEXnet
28.12.2015 15:24 <DIR> Hewlett-Packard
01.06.2016 09:15 <DIR> HP
05.08.2014 03:13 <DIR> install_clap
13.11.2017 19:56 <DIR> Intel
15.11.2017 15:50 <DIR> IObit
09.11.2017 19:26 <DIR> Malwarebytes
29.04.2015 09:43 <DIR> McAfee
14.05.2017 12:21 <DIR> Microsoft OneDrive
29.03.2015 11:31 <DIR> Mozilla
04.05.2016 21:22 <DIR> NuGet
16.11.2017 17:58 <DIR> NVIDIA
14.05.2017 11:42 <DIR> NVIDIA Corporation
30.08.2015 14:27 <DIR> Oracle
13.11.2017 19:53 <DIR> Package Cache
09.12.2016 13:28 <DIR> PDF Architect 4
14.01.2016 21:41 <DIR> pdfforge
04.05.2016 21:24 <DIR> PreEmptive Solutions
02.08.2017 13:47 <DIR> ProductData
13.11.2017 20:42 <DIR> Razer
21.10.2017 13:20 <DIR> regid.1991-06.com.microsoft
14.07.2015 15:13 <DIR> Riot Games
05.08.2014 02:45 <DIR> Roaming
07.11.2017 20:06 <DIR> Skype
18.03.2017 22:03 <DIR> SoftwareDistribution
06.10.2017 16:01 <DIR> Spybot - Search & Destroy
11.05.2015 13:41 <DIR> Sun
05.08.2014 02:50 <DIR> Synaptics
05.08.2014 03:13 <DIR> Temp
14.05.2017 11:38 <DIR> USOPrivate
14.05.2017 11:38 <DIR> USOShared
15.11.2017 15:53 <DIR> Validity
02.08.2017 13:52 <DIR> VS Revo Group
29.03.2015 11:20 <DIR> WildTangent
04.05.2016 21:26 <DIR> Windows App Certification Kit
20.03.2017 05:37 <DIR> WindowsHolographicDevices
0 Datei(en), 0 Bytes
53 Verzeichnis(se), 814.982.250.496 Bytes frei
========= Ende von CMD: =========
========= dir "%Appdata%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Users\Leonardo\AppData\Roaming
30.10.2017 23:36 <DIR> .
30.10.2017 23:36 <DIR> ..
13.08.2015 13:53 <DIR> Adobe
10.04.2015 12:01 <DIR> Apple Computer
06.08.2015 22:58 <DIR> Autodesk
09.11.2015 12:56 <DIR> AVAST Software
29.04.2015 09:39 <DIR> Avira
20.12.2016 19:20 <DIR> Canneverbe Limited
30.04.2015 13:47 <DIR> CyberLink
10.11.2017 17:45 <DIR> DS4Windows
22.12.2016 13:04 <DIR> DVDVideoSoft
04.05.2016 18:28 <DIR> Dynasim
13.07.2015 13:46 <DIR> EFX
29.03.2015 11:38 <DIR> Hewlett-Packard
05.05.2015 15:31 <DIR> hpqlog
03.04.2015 15:49 <DIR> Identities
09.12.2016 12:32 <DIR> iMobie
29.03.2015 11:13 <DIR> Intel
15.11.2017 15:48 <DIR> IObit
29.01.2016 23:08 <DIR> LolClient
29.03.2015 11:19 <DIR> Macromedia
29.03.2015 11:31 <DIR> Mozilla
19.08.2015 23:10 <DIR> NVIDIA
05.10.2016 08:48 <DIR> PDF Architect 4
13.07.2015 17:19 <DIR> ptc
24.04.2015 20:16 <DIR> Riot Games
09.11.2016 01:41 <DIR> Skype
15.11.2017 16:34 <DIR> Spotify
30.08.2015 14:27 <DIR> Sun
29.03.2015 11:13 <DIR> Synaptics
26.07.2017 19:34 <DIR> TS3Client
30.10.2017 23:36 <DIR> VOWSoft
29.03.2015 11:20 <DIR> WildTangent
0 Datei(en), 0 Bytes
33 Verzeichnis(se), 814.982.189.056 Bytes frei
========= Ende von CMD: =========
========= dir "%LocalAppdata%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Users\Leonardo\AppData\Local
14.11.2017 14:51 <DIR> .
14.11.2017 14:51 <DIR> ..
23.12.2015 16:26 <DIR> ActiveSync
19.01.2017 16:56 <DIR> Adobe
04.11.2016 12:41 <DIR> Akamai
29.03.2015 12:51 <DIR> Apple
29.03.2015 12:54 <DIR> Apple Computer
21.02.2017 22:55 <DIR> Arktos Entertainment
09.12.2016 14:14 <DIR> Autodesk
06.08.2015 22:58 <DIR> Autodesk,_Inc
06.08.2015 21:50 <DIR> CEF
29.03.2015 23:06 <DIR> Cisco
27.03.2017 19:01 <DIR> Comms
14.05.2017 12:27 <DIR> ConnectedDevicesPlatform
07.11.2017 19:53 <DIR> CrashDumps
21.02.2017 22:51 <DIR> CrashRpt
07.04.2015 16:38 <DIR> CyberLink
27.08.2015 09:36 <DIR> Daybreak Game Company
17.05.2017 06:50 <DIR> DBG
18.09.2017 13:39 <DIR> Diagnostics
15.11.2017 15:50 <DIR> Downloaded Installations
30.06.2015 16:59 <DIR> Eclipse
18.09.2017 13:39 <DIR> ElevatedDiagnostics
21.02.2017 22:51 <DIR> FredaikisAB
07.11.2017 20:07 <DIR> Google
06.08.2015 22:55 <DIR> Granta Design
24.07.2015 13:27 <DIR> GWX
04.01.2016 16:13 <DIR> Hewlett-Packard
09.12.2016 12:32 <DIR> iMobie_Inc
29.03.2015 13:25 <DIR> Macromedia
03.08.2017 17:05 <DIR> Microsoft
06.12.2015 15:42 <DIR> Microsoft Help
26.09.2015 23:57 <DIR> MicrosoftEdge
29.03.2015 11:31 <DIR> Mozilla
26.09.2015 17:20 <DIR> NetworkTiles
30.03.2015 13:49 <DIR> NVIDIA
10.11.2017 15:57 <DIR> NVIDIA Corporation
10.11.2017 16:19 <DIR> Packages
26.07.2015 22:44 <DIR> Programs
13.07.2015 17:20 <DIR> PTC
26.09.2015 17:18 <DIR> Publishers
13.11.2017 20:41 <DIR> Razer
29.03.2015 13:12 <DIR> SCE
30.03.2015 13:48 <DIR> Sony Online Entertainment
15.11.2017 16:53 <DIR> Spotify
21.02.2017 22:13 <DIR> Steam
02.07.2016 14:03 <DIR> TeamSpeak 3 Client
16.11.2017 17:49 <DIR> Temp
26.09.2015 17:17 <DIR> TileDataLayer
10.11.2017 15:57 <DIR> TslGame
03.05.2017 08:54 <DIR> UNP
10.11.2017 15:57 <DIR> UnrealEngine
20.12.2016 19:18 <DIR> VirtualStore
20.08.2015 00:01 <DIR> Warframe
0 Datei(en), 0 Bytes
54 Verzeichnis(se), 814.982.135.808 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramFiles(x86)%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Program Files (x86)\Common Files
13.11.2017 20:41 <DIR> .
13.11.2017 20:41 <DIR> ..
13.08.2015 13:52 <DIR> Adobe
23.12.2015 17:46 <DIR> Apple
09.12.2016 14:14 <DIR> Autodesk Shared
10.11.2017 20:10 <DIR> BattlEye
21.10.2017 13:19 <DIR> DESIGNER
22.12.2016 13:04 <DIR> DVDVideoSoft
05.08.2014 02:39 <DIR> InstallShield
14.05.2017 11:30 <DIR> Intel
05.08.2014 02:44 <DIR> Intel Corporation
15.11.2017 15:48 <DIR> IObit
30.08.2015 14:27 <DIR> Java
29.04.2015 09:43 <DIR> mcafee
04.05.2016 21:25 <DIR> Merge Modules
04.05.2016 21:25 <DIR> Microsoft
21.10.2017 13:19 <DIR> Microsoft Shared
05.08.2014 03:14 <DIR> Nikon
05.08.2014 02:35 <DIR> postureAgent
18.03.2017 22:03 <DIR> Services
10.11.2017 15:57 <DIR> Steam
20.03.2017 05:35 <DIR> System
0 Datei(en), 0 Bytes
22 Verzeichnis(se), 814.981.206.016 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Program Files\Common Files
14.05.2017 11:42 <DIR> .
14.05.2017 11:42 <DIR> ..
27.03.2017 10:17 <DIR> Apple
29.03.2015 13:01 <DIR> EPSON
13.11.2017 19:54 <DIR> Intel
14.05.2017 11:42 <DIR> microsoft shared
18.03.2017 22:03 <DIR> Services
20.03.2017 05:35 <DIR> System
0 Datei(en), 0 Bytes
8 Verzeichnis(se), 814.981.152.768 Bytes frei
========= Ende von CMD: =========
========= dir "%UserProfile%" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\Users\Leonardo
15.11.2017 15:51 <DIR> .
15.11.2017 15:51 <DIR> ..
29.05.2015 14:07 <DIR> .android
25.07.2016 18:33 <DIR> .cisco
30.08.2015 14:27 <DIR> .oracle_jre_usage
26.10.2017 08:52 <DIR> Contacts
16.11.2017 17:58 <DIR> Desktop
26.10.2017 08:52 <DIR> Documents
13.11.2017 19:47 <DIR> Downloads
26.10.2017 08:52 <DIR> Favorites
02.11.2015 19:43 <DIR> Intel
03.11.2017 14:08 <DIR> Links
26.10.2017 08:52 <DIR> Music
03.11.2017 14:08 <DIR> OneDrive
26.10.2017 08:52 <DIR> Pictures
05.08.2014 02:45 <DIR> Roaming
26.10.2017 08:52 <DIR> Saved Games
26.10.2017 08:52 <DIR> Searches
02.11.2016 19:58 <DIR> Tracing
26.10.2017 08:52 <DIR> Videos
11.05.2015 15:48 <DIR> workspace
0 Datei(en), 0 Bytes
21 Verzeichnis(se), 814.981.091.328 Bytes frei
========= Ende von CMD: =========
========= dir "C:\" =========
Datentr„ger in Laufwerk C: ist Windows
Volumeseriennummer: E413-645F
Verzeichnis von C:\
15.11.2017 15:51 <DIR> AdwCleaner
06.08.2015 21:48 <DIR> Autodesk
29.03.2015 16:16 <DIR> Crash
07.11.2007 07:00 17.734 eula.1028.txt
07.11.2007 07:00 17.734 eula.1031.txt
07.11.2007 07:00 10.134 eula.1033.txt
07.11.2007 07:00 17.734 eula.1036.txt
07.11.2007 07:00 17.734 eula.1040.txt
07.11.2007 07:00 118 eula.1041.txt
07.11.2007 07:00 17.734 eula.1042.txt
07.11.2007 07:00 17.734 eula.2052.txt
07.11.2007 07:00 17.734 eula.3082.txt
16.11.2017 17:59 <DIR> FRST
07.11.2007 07:00 1.110 globdata.ini
14.05.2017 12:09 <DIR> inetpub
07.11.2007 07:03 562.688 install.exe
07.11.2007 07:00 843 install.ini
07.11.2007 07:03 76.304 install.res.1028.dll
07.11.2007 07:03 96.272 install.res.1031.dll
07.11.2007 07:03 91.152 install.res.1033.dll
07.11.2007 07:03 97.296 install.res.1036.dll
07.11.2007 07:03 95.248 install.res.1040.dll
07.11.2007 07:03 81.424 install.res.1041.dll
07.11.2007 07:03 79.888 install.res.1042.dll
07.11.2007 07:03 75.792 install.res.2052.dll
07.11.2007 07:03 96.272 install.res.3082.dll
26.09.2015 17:17 <DIR> Intel
21.02.2017 22:12 <DIR> Logs
18.03.2017 22:03 <DIR> PerfLogs
13.01.2016 16:43 126 Prefs.js
13.11.2017 19:44 <DIR> Program Files
13.11.2017 19:45 <DIR> Program Files (x86)
24.04.2015 20:27 <DIR> rads
29.03.2015 12:23 <DIR> Riot Games
13.01.2016 16:37 <DIR> searchplugins
04.01.2016 18:58 <DIR> SWSetup
26.10.2017 10:55 <DIR> TEMP
14.05.2017 11:42 <DIR> Users
07.11.2007 07:00 5.686 vcredist.bmp
07.11.2007 07:09 1.442.522 VC_RED.cab
07.11.2007 07:12 232.960 VC_RED.MSI
15.11.2017 16:04 <DIR> Windows
25 Datei(en), 3.169.973 Bytes
17 Verzeichnis(se), 814.981.029.888 Bytes frei
========= Ende von CMD: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===
========= RemoveProxy: =========
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => Schlüssel erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52516368 B
Java, Flash, Steam htmlcache => 223278328 B
Windows/system/drivers => 831614 B
Edge => 0 B
Chrome => 0 B
Firefox => 398510922 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Leonardo => 20240025 B
RecycleBin => 0 B
EmptyTemp: => 673.4 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:00:03 ====
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 15-11-2017
durchgeführt von Leonardo (16-11-2017 18:07:21)
Gestartet von C:\Users\Leonardo\Desktop
Start-Modus: Normal
================== Datei-Suche: "SearchAll: Advanced SystemCare;AdvancedSystemCare;web companion;webcompanion;Pokki;ASCDownloader;LavasoftTcpService;chip 1-click;chip1-click;Chip Digital" =============
Datei:
========
C:\SYSTEM.SAV\Logs\PokkiInstall.log
[2014-08-05 03:14][2014-08-05 03:15] 000000026 _____ () F3E76567156B8DE2B16E865853D54398 [Datei ist nicht signiert]
C:\SYSTEM.SAV\Logs\wizinstallerPokki.log
[2014-08-05 03:14][2014-08-05 03:15] 000000912 _____ () B33F7E57DB1831A4D8DF353D6A28271F [Datei ist nicht signiert]
C:\SYSTEM.SAV\Logs\BB\Pokki.LOG
[2014-08-05 03:14][2014-08-05 03:15] 000001251 _____ () 32F80AF5AB837283B3075FE72CED6F69 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\zdGc81tBDK\LavasoftTcpServiceOff.ini
[2017-11-15 15:50][2016-01-13 16:36] 000002848 _____ () AD932F8F5FED2C8AE219C6BB452C86D2 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\xrpMCARCr4\LavasoftTcpServiceOff.ini
[2017-11-15 15:50][2016-01-13 16:36] 000002848 _____ () AD932F8F5FED2C8AE219C6BB452C86D2 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\sMlaZTXC1O\LavasoftTcpService64.dll
[2017-11-15 15:50][2016-01-13 16:36] 000425744 _____ (Lavasoft Limited) 88A78227691B60F686CD103819AC263B [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\pokkistore.js
[2017-11-15 15:50][2014-01-17 17:07] 000000594 _____ () 16FCB9D66D5E7D25F0A59D7AF809A306 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHelper.js
[2017-11-15 15:50][2014-01-17 17:07] 000006470 _____ () 82C56D3875D29FAF35867873F0761526 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.js
[2017-11-15 15:50][2014-01-17 17:07] 000019835 _____ () 7D60EFD1316202268585B90D28845883 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.min.js
[2017-11-15 15:50][2014-01-17 17:06] 000009448 _____ () 80A4C29A34DA7768DDFC978E0777E53C [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\34e8f5c0c9e5744bf2cdb514283762dd0524776b\js\lib\pokkiHelper.js
[2017-11-15 15:50][2014-02-27 06:36] 000006470 _____ () 82C56D3875D29FAF35867873F0761526 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies\34e8f5c0c9e5744bf2cdb514283762dd0524776b\js\lib\pokkiHostedFramework-2.0.1.min.js
[2017-11-15 15:50][2014-02-27 06:36] 000008227 _____ () 1CB54942923BF83D9E34E26F6C76259B [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Engine\libPokki.dll
[2017-11-15 15:48][2014-03-26 23:35] 049324544 _____ (The Chromium Authors) ADA4564254737C28694168D828DB1369 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js
[2017-11-15 15:48][2014-02-24 19:21] 000004908 _____ () D382AE873AB82AE575910EF79F8EF018 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\exuieaoEiI\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars
[2017-11-15 15:48][2014-01-17 17:06] 000000511 _____ () 9FBCA64AA76DF50BE494A33C3EBC8E18 [Datei ist nicht signiert]
C:\AdwCleaner\Quarantine\3soLBPh71Y\Logs\Webcompanion\webcompanion.log
[2017-11-15 15:48][2016-01-13 16:43] 000018150 _____ () 5EDADF4FA8BC6200F9F31C88E54B4A6D [Datei ist nicht signiert]
Ordner:
========
2017-11-15 15:50 - 2017-11-15 15:50 _____ C:\AdwCleaner\Quarantine\exuieaoEiI\Pokkies
2017-11-15 15:48 - 2017-11-15 15:48 _____ C:\AdwCleaner\Quarantine\3soLBPh71Y\Logs\Webcompanion
Registry:
========
===================== Suchergebnis für "Advanced SystemCare" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare]
"apppath"="C:\Program Files (x86)\IObit\Advanced SystemCare\"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\RealTimeProtector]
"InstallLocation"="C:\Program Files (x86)\IObit\Advanced SystemCare\"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{7590F63B-EF18-441F-AF39-5C3A18927EFC}]
"AppPath"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"39"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare 10.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
/manual"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"40"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare entfernen.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe
"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"41"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Protect.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
/Protect"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"42"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Speed Up.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
/turboboost"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"43"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Toolbox.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
/toolbox"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows\CurrentVersion\UFH\SHC]
"44"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare\Advanced SystemCare 10.lnk
C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
/manual"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"="0x5341435001000000000000000700000028000000203D6B00CD0D6C0001000000000000000000000A00210000E63F486B2AA0D2010000000000000000020000002800000000000000000000000000000000000000000000000000000019090000000000000100000001000000"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\IObit\Advanced SystemCare\unins000.exe"="0x534143500100000000000000070000002800000020711200B5EC120001000000000000000000000A00210000E63F486B2AA0D201000000000000000002000000280000000000000000000040000000000000000000000000000000009A2A0000000000000100000001000000"
===================== Suchergebnis für "AdvancedSystemCare" ==========
===================== Suchergebnis für "web companion" ==========
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe"="0x5341435001000000000000000700000028000000107904004AC7040003000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000076833500000000000100000001000000"
===================== Suchergebnis für "webcompanion" ==========
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe"="0x5341435001000000000000000700000028000000107904004AC7040003000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000076833500000000000100000001000000"
===================== Suchergebnis für "Pokki" ==========
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Leonardo\AppData\Local\Pokki\Engine\StartMenuIndexer.exe"="0x534143500100000000000000070000002800000048532F005531300001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E2952901000000000100000001000000"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Leonardo\AppData\Local\Pokki\Engine\HostAppService.exe"="0x5341435001000000000000000700000028000000000E780007DF780001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AA370000000000002100000021000000"
[HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Leonardo\AppData\Local\Pokki\Engine\ServiceHostApp.exe"="0x534143500100000000000000070000002800000000207800FDAC780001000000000000000000000A002100006A920CE5B7BAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000AA030000000000000800000008000000"
===================== Suchergebnis für "ASCDownloader" ==========
===================== Suchergebnis für "LavasoftTcpService" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer\CurVer]
""="LavasoftTcpServiceLib.DataContainer.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController\CurVer]
""="LavasoftTcpServiceLib.DataController.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable\CurVer]
""="LavasoftTcpServiceLib.DataTable.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields\CurVer]
""="LavasoftTcpServiceLib.DataTableFields.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder\CurVer]
""="LavasoftTcpServiceLib.DataTableHolder.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic\CurVer]
""="LavasoftTcpServiceLib.LSPLogic.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager\CurVer]
""="LavasoftTcpServiceLib.ReadOnlyManager.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController\CurVer]
""="LavasoftTcpServiceLib.WFPController.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1]
===================== Suchergebnis für "chip 1-click" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS]
===================== Suchergebnis für "chip1-click" ==========
===================== Suchergebnis für "Chip Digital" ==========
====== Ende von Suche ======
|
|
16.11.2017, 18:36
| #9 |
| | Win10 Adware+Trojaner? Leistungsabfall Hier FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2017
durchgeführt von Leonardo (Administrator) auf LEOSPC (16-11-2017 18:22:28)
Gestartet von C:\Users\Leonardo\Desktop
Geladene Profile: Leonardo (Verfügbare Profile: Leonardo)
Platform: Windows 10 Home Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\TBD158A.tmp
() C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Config.Msi\ce422.rbf
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8497368 2015-11-02] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2198872 2014-03-28] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-10-20] (Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [T-Online Kinderschutz-Software] => "C:\Program Files (x86)\JusProg\JusProg-Software\TO_KSSW.exe"
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1224704 2017-05-17] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2017-09-18] (Intel)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3102496 2017-10-31] (Valve Corporation)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Leonardo\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify] => C:\Users\Leonardo\AppData\Roaming\Spotify\Spotify.exe [21025392 2017-11-10] (Spotify Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Run: [Spotify Web Helper] => C:\Users\Leonardo\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-11-10] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
Startup: C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Proxomitron - Verknüpfung.lnk [2017-08-31]
ShortcutTarget: Proxomitron - Verknüpfung.lnk -> C:\Program Files (x86)\Proxomitron4.51-S-3.3.2\Proxomitron.exe (Keine Datei)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{11e6d63b-2b63-4177-995c-81c53c84ab5e}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1c70429f-f5fa-4606-91d6-3d01ce1b74af}: [DhcpNameServer] 80.69.96.12 81.210.129.4
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [NameServer] 192.168.2.1,8.8.8.8
Tcpip\..\Interfaces\{4d274ac5-adf7-4a89-9d9b-3e18d3bc76b7}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{a227283f-d63d-45d0-ad32-cd21addc0869}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{cc23774b-1326-4863-b0bc-9faad331c49d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2329687503-3892960193-289530943-1001 -> {4C1E2F72-3952-4417-BB0A-5B413232F2BD} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-23] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-23] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 8b2c5xsk.default
FF ProfilePath: C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default [2017-11-16]
FF NewTab: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\8b2c5xsk.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\8b2c5xsk.default -> hxxp://www.google.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\8b2c5xsk.default -> type", 0
FF Extension: (AdBlocker Ultimate) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\adblockultimate@adblockultimate.net.xpi [2017-10-05]
FF Extension: (Proxy Tool) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\proxytool@proxylist.co.xpi [2017-08-15] [Legacy]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Leonardo\AppData\Roaming\Mozilla\Firefox\Profiles\8b2c5xsk.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-11-09] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-23] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [bhldmkghjkldhclddpjebfjpaijaajmm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1128432 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [490968 2017-10-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1525240 2017-10-17] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2619096 2016-08-19] (Blue Coat Systems, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-10] ()
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2017-05-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122800 2017-10-04] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2017\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2017-09-18] (Intel)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [323952 2017-09-27] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-11-02] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [269480 2017-08-07] ()
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-09-16] (NVIDIA Corporation)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20539168 2014-03-28] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Datei ist nicht signiert]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-11-02] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe [157456 2017-03-07] ()
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S2 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [44544 2015-03-03] (Synaptics Incorporated) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3756200 2017-08-07] (Intel® Corporation)
S2 Avira.ServiceHost; "C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe" [X]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [54296 2017-10-03] (HP)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 bckd; C:\WINDOWS\System32\drivers\bckd.sys [125144 2016-08-19] (Blue Coat Systems, Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [40472 2017-10-03] (HP)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2017-03-09] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21920 2013-08-13] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-13] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-11-14] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-11-16] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-16] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3521032 2017-10-10] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_f0b2a5e1e71031b3\nvlddmkm.sys [15620208 2017-10-16] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-11-02] (Realtek )
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [220672 2017-03-18] (Microsoft Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-03-13] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-04-20] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-16 18:18 - 2017-11-16 18:18 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-11-16 18:18 - 2017-11-16 18:18 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-16 18:07 - 2017-11-16 18:20 - 000012460 _____ C:\Users\Leonardo\Desktop\Search.txt
2017-11-16 18:03 - 2017-11-16 18:03 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-16 18:02 - 2017-11-16 18:02 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-16 18:02 - 2017-11-16 18:02 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-16 18:02 - 2017-11-16 18:02 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-16 18:02 - 2017-11-16 18:02 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-16 18:02 - 2017-11-16 18:02 - 000002426 _____ C:\WINDOWS\system32\default_error_stack-000000-000000.txt
2017-11-16 17:58 - 2017-11-16 18:00 - 000029693 _____ C:\Users\Leonardo\Desktop\Fixlog.txt
2017-11-16 17:56 - 2017-11-16 17:56 - 002392576 _____ (Farbar) C:\Users\Leonardo\Desktop\FRST64.exe
2017-11-16 17:56 - 2017-11-16 17:56 - 000000000 ____D C:\Users\Leonardo\Desktop\FRST-OlderVersion
2017-11-15 16:03 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-15 16:03 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-15 15:20 - 2017-11-15 15:51 - 000000000 ____D C:\AdwCleaner
2017-11-15 15:18 - 2017-11-15 15:18 - 008261584 _____ (Malwarebytes) C:\Users\Leonardo\Desktop\adwcleaner_7.0.4.0.exe
2017-11-14 17:27 - 2017-11-14 17:27 - 000026917 _____ C:\Users\Leonardo\Desktop\Addition+Avira.zip
2017-11-14 16:40 - 2017-11-14 16:40 - 000129858 _____ C:\Users\Leonardo\Desktop\quarantaene.txt
2017-11-14 16:29 - 2017-11-14 16:29 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-14 16:25 - 2017-11-15 16:04 - 000081924 _____ C:\Users\Leonardo\Desktop\Addition.txt
2017-11-14 16:23 - 2017-11-16 18:24 - 000025478 _____ C:\Users\Leonardo\Desktop\FRST.txt
2017-11-14 16:23 - 2017-11-16 18:22 - 000000000 ____D C:\FRST
2017-11-13 20:52 - 2017-11-13 20:52 - 000000000 ___HD C:\$WINDOWS.~BT
2017-11-13 20:11 - 2017-11-16 18:02 - 000448112 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-13 19:47 - 2017-11-13 19:47 - 000000000 ____D C:\Users\Leonardo\Downloads\Intel Components
2017-11-13 19:45 - 2017-11-13 19:49 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-11-13 19:45 - 2017-11-13 19:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2017-11-13 19:44 - 2017-11-13 19:45 - 000002524 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2017-11-13 19:44 - 2017-11-13 19:44 - 000000000 ____D C:\Program Files\Intel Driver and Support Assistant
2017-11-13 19:44 - 2016-10-18 17:14 - 000021984 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2017-11-13 17:58 - 2017-11-13 18:07 - 000000358 _____ C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job
2017-11-13 17:58 - 2017-11-13 17:58 - 000003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForLeonardo
2017-11-10 17:23 - 2017-11-10 17:25 - 000001332 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 2017.lnk
2017-11-10 17:23 - 2017-11-10 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2017-11-10 17:23 - 2009-08-24 22:13 - 000034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe
2017-11-10 17:22 - 2017-11-13 19:56 - 000000000 ____D C:\ProgramData\Ashampoo
2017-11-10 17:22 - 2017-11-10 17:22 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2017-11-10 17:21 - 2017-11-13 20:41 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Razer
2017-11-10 16:36 - 2017-11-13 20:42 - 000000000 ____D C:\ProgramData\Razer
2017-11-10 16:36 - 2017-11-13 20:41 - 000000000 ____D C:\Program Files (x86)\Razer
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\UnrealEngine
2017-11-10 15:57 - 2017-11-10 15:57 - 000000000 ____D C:\Users\Leonardo\AppData\Local\TslGame
2017-11-09 19:27 - 2017-11-09 19:27 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-09 19:27 - 2017-11-09 19:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-09 19:27 - 2017-10-04 13:15 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-09 19:26 - 2017-11-09 19:26 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-06 17:30 - 2017-11-06 17:30 - 001771051 _____ C:\Users\Leonardo\Downloads\Musterlösungen_SRÜ_Strahlung.zip
2017-11-06 17:30 - 2017-11-06 17:30 - 000001200 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-05 13:39 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iPod
2017-11-05 13:38 - 2017-11-05 13:39 - 000000000 ____D C:\Program Files\iTunes
2017-10-30 23:36 - 2017-10-30 23:36 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\VOWSoft
2017-10-30 23:30 - 2017-10-30 23:31 - 001533960 _____ (CHIP Digital GmbH) C:\Users\Leonardo\Downloads\iBackupBot for iTunes - CHIP-Installer.exe
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 17:39 - 2017-10-28 17:39 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-10-26 10:55 - 2017-10-26 10:55 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-26 10:55 - 2017-07-20 18:21 - 000905504 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000776992 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-10-26 10:55 - 2017-07-20 18:21 - 000578848 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-10-26 10:55 - 2017-07-20 18:21 - 000477472 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-10-25 18:10 - 2017-10-25 18:10 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-10-25 18:09 - 2017-10-25 18:09 - 010427120 _____ (Piriform Ltd) C:\Users\Leonardo\Downloads\ccsetup536.exe
2017-10-23 18:47 - 2017-10-23 18:47 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-23 18:39 - 2017-09-30 06:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-23 18:39 - 2017-09-30 06:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-23 18:39 - 2017-09-30 06:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-23 18:39 - 2017-09-30 03:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-23 18:39 - 2017-09-30 03:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-23 18:39 - 2017-09-30 03:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-23 18:39 - 2017-09-30 03:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-23 18:39 - 2017-09-30 03:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-23 18:39 - 2017-09-30 03:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-23 18:39 - 2017-09-30 03:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-23 18:39 - 2017-09-30 03:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-23 18:39 - 2017-09-30 03:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-23 18:39 - 2017-09-30 03:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:39 - 2017-09-30 03:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-23 18:39 - 2017-09-30 03:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-23 18:39 - 2017-09-30 03:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-23 18:39 - 2017-09-29 08:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-23 18:39 - 2017-09-29 08:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-23 18:39 - 2017-09-29 08:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-23 18:39 - 2017-09-29 08:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-23 18:39 - 2017-09-29 08:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-23 18:39 - 2017-09-29 08:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-23 18:39 - 2017-09-29 08:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-23 18:39 - 2017-09-29 08:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-23 18:39 - 2017-09-29 08:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-23 18:39 - 2017-09-29 08:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-23 18:39 - 2017-09-29 08:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-23 18:39 - 2017-09-29 08:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-23 18:39 - 2017-09-29 08:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-23 18:39 - 2017-09-29 08:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-23 18:39 - 2017-09-29 08:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-23 18:39 - 2017-09-29 08:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-23 18:39 - 2017-09-29 08:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-23 18:39 - 2017-09-29 08:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-23 18:39 - 2017-09-29 08:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-23 18:39 - 2017-09-29 06:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-23 18:39 - 2017-09-20 16:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-23 18:39 - 2017-09-20 16:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-23 18:39 - 2017-09-19 00:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-23 18:39 - 2017-09-18 23:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-23 18:39 - 2017-09-18 23:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-23 18:39 - 2017-09-05 06:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-10-23 18:39 - 2017-09-05 06:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-10-23 18:39 - 2017-09-05 06:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-23 18:39 - 2017-09-05 06:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-10-23 18:39 - 2017-09-05 05:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-10-23 18:39 - 2017-09-05 05:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-10-23 18:39 - 2017-09-05 05:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-10-23 18:39 - 2017-09-05 05:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-10-23 18:39 - 2017-09-05 05:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-10-23 18:39 - 2017-09-05 05:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-10-23 18:39 - 2017-09-05 05:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-10-23 18:39 - 2017-09-05 05:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-10-23 18:39 - 2017-09-05 05:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-10-23 18:39 - 2017-09-05 05:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-10-23 18:39 - 2017-09-05 05:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-10-23 18:39 - 2017-09-05 05:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-10-23 18:39 - 2017-09-05 05:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-23 18:39 - 2017-09-05 05:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-10-23 18:39 - 2017-09-05 05:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-10-23 18:39 - 2017-09-05 05:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-10-23 18:39 - 2017-09-05 05:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-10-23 18:39 - 2017-09-05 05:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-10-23 18:39 - 2017-09-05 05:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-10-23 18:39 - 2017-09-05 05:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-10-23 18:39 - 2017-09-05 05:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-10-23 18:39 - 2017-09-05 05:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-10-23 18:39 - 2017-09-05 05:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-10-23 18:39 - 2017-09-05 05:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-10-23 18:39 - 2017-09-05 05:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-10-23 18:39 - 2017-09-05 05:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-10-23 18:39 - 2017-09-05 05:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-10-23 18:39 - 2017-09-05 05:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-10-23 18:39 - 2017-09-05 05:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-10-23 18:39 - 2017-09-05 05:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-10-23 18:39 - 2017-09-05 05:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-10-23 18:39 - 2017-09-05 05:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-10-23 18:38 - 2017-09-30 06:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-23 18:38 - 2017-09-30 06:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-23 18:38 - 2017-09-30 06:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-23 18:38 - 2017-09-30 06:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-23 18:38 - 2017-09-30 06:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-23 18:38 - 2017-09-30 06:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-23 18:38 - 2017-09-30 06:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-23 18:38 - 2017-09-30 06:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-23 18:38 - 2017-09-30 06:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-23 18:38 - 2017-09-30 06:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-23 18:38 - 2017-09-30 06:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-23 18:38 - 2017-09-30 06:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-23 18:38 - 2017-09-30 06:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-23 18:38 - 2017-09-30 06:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-23 18:38 - 2017-09-30 06:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-23 18:38 - 2017-09-30 03:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-23 18:38 - 2017-09-29 08:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-23 18:38 - 2017-09-29 08:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-23 18:38 - 2017-09-29 08:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-23 18:38 - 2017-09-29 08:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-23 18:38 - 2017-09-29 08:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-23 18:38 - 2017-09-29 08:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-23 18:38 - 2017-09-29 08:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-23 18:38 - 2017-09-29 08:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-23 18:38 - 2017-09-29 08:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-23 18:38 - 2017-09-29 08:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-23 18:38 - 2017-09-29 08:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-23 18:38 - 2017-09-29 08:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-23 18:38 - 2017-09-29 08:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-23 18:38 - 2017-09-29 08:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-23 18:38 - 2017-09-29 08:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-23 18:38 - 2017-09-29 08:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-23 18:38 - 2017-09-29 08:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-23 18:38 - 2017-09-29 08:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-23 18:38 - 2017-09-29 08:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-23 18:38 - 2017-09-29 08:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-23 18:38 - 2017-09-29 08:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-23 18:38 - 2017-09-29 08:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-23 18:38 - 2017-09-29 08:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-23 18:38 - 2017-09-19 00:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-23 18:38 - 2017-09-19 00:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-23 18:38 - 2017-09-19 00:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-23 18:38 - 2017-09-19 00:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-23 18:38 - 2017-09-18 23:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-23 18:38 - 2017-09-18 23:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-23 18:38 - 2017-09-05 06:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-10-23 18:38 - 2017-09-05 06:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-10-23 18:38 - 2017-09-05 06:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-10-23 18:38 - 2017-09-05 06:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-10-23 18:38 - 2017-09-05 06:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-10-23 18:38 - 2017-09-05 06:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-10-23 18:38 - 2017-09-05 06:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-23 18:38 - 2017-09-05 06:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-10-23 18:38 - 2017-09-05 06:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-10-23 18:38 - 2017-09-05 06:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-10-23 18:38 - 2017-09-05 06:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-10-23 18:38 - 2017-09-05 06:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-10-23 18:38 - 2017-09-05 06:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-10-23 18:38 - 2017-09-05 06:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-10-23 18:38 - 2017-09-05 06:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-10-23 18:38 - 2017-09-05 05:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-10-23 18:38 - 2017-09-05 05:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-10-23 18:38 - 2017-09-05 05:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-10-23 18:38 - 2017-09-05 05:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-10-23 18:38 - 2017-09-05 05:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-10-23 18:38 - 2017-09-05 05:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-10-23 18:38 - 2017-09-05 05:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-10-23 18:38 - 2017-09-05 05:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-10-23 18:38 - 2017-09-05 05:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-10-23 18:38 - 2017-09-05 05:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-10-23 18:38 - 2017-09-05 05:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-10-23 18:38 - 2017-09-05 05:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-10-23 18:38 - 2017-09-05 05:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-10-23 18:38 - 2017-09-05 05:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-10-23 18:38 - 2017-09-05 05:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-10-23 18:38 - 2017-09-05 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-10-23 18:38 - 2017-09-05 05:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-10-23 18:38 - 2017-09-05 05:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-10-23 18:38 - 2017-09-05 05:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-10-23 18:38 - 2017-09-05 05:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-10-23 18:38 - 2017-09-05 05:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-10-23 18:38 - 2017-09-05 05:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-10-23 18:38 - 2017-09-05 05:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-10-23 18:38 - 2017-09-05 05:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-10-23 18:38 - 2017-09-05 05:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-10-23 18:38 - 2017-09-01 06:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-10-23 18:37 - 2017-09-30 06:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-23 18:37 - 2017-09-30 06:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-23 18:37 - 2017-09-30 06:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-23 18:37 - 2017-09-30 06:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-23 18:37 - 2017-09-30 06:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-23 18:37 - 2017-09-30 06:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-23 18:37 - 2017-09-30 06:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-23 18:37 - 2017-09-30 06:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-23 18:37 - 2017-09-30 06:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-23 18:37 - 2017-09-30 06:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-23 18:37 - 2017-09-30 06:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-23 18:37 - 2017-09-30 06:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-23 18:37 - 2017-09-30 06:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-23 18:37 - 2017-09-30 06:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-23 18:37 - 2017-09-30 06:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-23 18:37 - 2017-09-30 06:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-23 18:37 - 2017-09-29 08:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-23 18:37 - 2017-09-29 08:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-23 18:37 - 2017-09-29 08:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-23 18:37 - 2017-09-29 08:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-23 18:37 - 2017-09-29 08:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-23 18:37 - 2017-09-29 08:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-23 18:37 - 2017-09-29 08:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-23 18:37 - 2017-09-29 08:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-23 18:37 - 2017-09-29 08:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-23 18:37 - 2017-09-29 08:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-23 18:37 - 2017-09-29 08:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-23 18:37 - 2017-09-29 08:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-23 18:37 - 2017-09-29 08:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-23 18:37 - 2017-09-29 08:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-23 18:37 - 2017-09-29 08:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-23 18:37 - 2017-09-29 08:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-23 18:37 - 2017-09-29 08:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-23 18:37 - 2017-09-29 08:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-23 18:37 - 2017-09-29 08:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-23 18:37 - 2017-09-29 08:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-23 18:37 - 2017-09-29 08:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-23 18:37 - 2017-09-29 08:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-23 18:37 - 2017-09-29 08:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-23 18:37 - 2017-09-29 08:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-23 18:37 - 2017-09-19 00:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-23 18:37 - 2017-09-19 00:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-23 18:37 - 2017-09-19 00:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-23 18:37 - 2017-09-18 23:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-23 18:37 - 2017-09-18 23:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-23 18:37 - 2017-09-05 06:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-23 18:37 - 2017-09-05 06:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-10-23 18:37 - 2017-09-05 06:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-10-23 18:37 - 2017-09-05 06:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-10-23 18:37 - 2017-09-05 06:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-10-23 18:37 - 2017-09-05 06:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-10-23 18:37 - 2017-09-05 06:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-10-23 18:37 - 2017-09-05 06:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-10-23 18:37 - 2017-09-05 06:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-10-23 18:37 - 2017-09-05 05:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-10-23 18:37 - 2017-09-05 05:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-10-23 18:37 - 2017-09-05 05:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-10-23 18:37 - 2017-09-05 05:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-10-23 18:37 - 2017-09-05 05:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-10-23 18:37 - 2017-09-05 05:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-10-23 18:37 - 2017-09-05 05:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-10-23 18:37 - 2017-09-05 05:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-10-23 18:37 - 2017-09-05 05:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-10-23 18:37 - 2017-09-05 05:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-10-23 18:37 - 2017-09-05 05:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-10-23 18:37 - 2017-09-05 05:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-10-23 18:37 - 2017-09-05 05:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-10-23 18:37 - 2017-09-05 05:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-10-23 18:37 - 2017-09-05 05:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-10-23 18:37 - 2017-09-05 05:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-10-23 18:37 - 2017-09-05 05:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-10-23 18:37 - 2017-09-05 05:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-10-23 18:37 - 2017-09-05 05:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-10-23 18:37 - 2017-09-05 05:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-10-23 18:37 - 2017-09-05 05:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-10-23 18:37 - 2017-09-05 05:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-10-23 18:37 - 2017-09-05 05:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-10-23 18:37 - 2017-09-05 05:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-10-19 18:09 - 2017-10-19 18:09 - 001314569 _____ C:\Users\Leonardo\Downloads\SEC_Folien_RT_Kapitel2.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-16 18:09 - 2017-05-14 11:32 - 005513860 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-16 18:09 - 2017-03-20 05:35 - 002761070 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-16 18:09 - 2017-03-20 05:35 - 000721412 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-16 18:04 - 2014-08-05 02:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-16 18:03 - 2017-05-14 11:31 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-16 18:03 - 2015-03-29 11:13 - 000000000 __SHD C:\Users\Leonardo\IntelGraphicsProfiles
2017-11-16 18:02 - 2017-05-14 12:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-16 18:02 - 2017-05-14 11:28 - 000000000 ____D C:\ProgramData\Validity
2017-11-16 18:01 - 2017-03-18 12:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-16 17:46 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-16 17:46 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-16 17:41 - 2017-05-14 12:05 - 000004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F2DAF3C6-4610-4899-99BA-B5505364FA34}
2017-11-16 17:37 - 2017-05-14 12:05 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-11-16 17:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-11-16 17:37 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-11-15 16:53 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-15 16:53 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Spotify
2017-11-15 16:34 - 2015-04-02 14:15 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\Spotify
2017-11-15 15:51 - 2017-05-14 11:32 - 000000000 ____D C:\Users\Leonardo
2017-11-15 15:50 - 2017-08-02 13:46 - 000000000 ____D C:\ProgramData\IObit
2017-11-15 15:50 - 2017-06-02 13:43 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Downloaded Installations
2017-11-15 15:48 - 2017-08-02 13:47 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\IObit
2017-11-15 15:48 - 2017-08-02 13:46 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\IObit
2017-11-15 15:48 - 2017-08-02 13:46 - 000000000 ____D C:\Program Files (x86)\IObit
2017-11-15 15:47 - 2017-05-14 11:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-14 18:29 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-13 20:52 - 2017-05-08 11:36 - 000000000 ___DC C:\WINDOWS\Panther
2017-11-13 20:42 - 2015-05-15 14:34 - 000000000 ____D C:\Program Files (x86)\Steam
2017-11-13 19:56 - 2014-08-05 02:36 - 000000000 ____D C:\ProgramData\Intel
2017-11-13 19:55 - 2015-10-30 07:28 - 000000000 ____D C:\Users\Default.migrated
2017-11-13 19:54 - 2017-05-14 11:30 - 000000000 ____D C:\Program Files\Intel
2017-11-13 19:54 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-13 19:54 - 2015-05-05 16:36 - 000000000 ____D C:\Program Files\Common Files\Intel
2017-11-13 19:54 - 2014-08-05 02:31 - 000000000 ____D C:\Program Files (x86)\Intel
2017-11-10 18:18 - 2015-05-26 14:10 - 000000000 ____D C:\Users\Leonardo\AppData\LocalLow\Temp
2017-11-10 17:45 - 2017-03-01 15:48 - 000000000 ____D C:\Users\Leonardo\AppData\Roaming\DS4Windows
2017-11-10 16:19 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Packages
2017-11-10 15:57 - 2015-03-29 11:13 - 000000000 ____D C:\Users\Leonardo\AppData\Local\NVIDIA Corporation
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Users\Leonardo\AppData\Local\Google
2017-11-07 20:07 - 2016-12-09 15:55 - 000000000 ____D C:\Program Files (x86)\Google
2017-11-07 20:06 - 2016-11-02 19:57 - 000000000 ____D C:\ProgramData\Skype
2017-11-07 19:53 - 2015-03-30 13:47 - 000000000 ____D C:\Users\Leonardo\AppData\Local\CrashDumps
2017-11-06 17:30 - 2015-04-29 09:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-03 14:08 - 2017-07-27 17:14 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2329687503-3892960193-289530943-1001
2017-11-03 14:08 - 2015-09-26 17:21 - 000002436 _____ C:\Users\Leonardo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 14:08 - 2015-03-29 11:16 - 000000000 __RDO C:\Users\Leonardo\OneDrive
2017-10-30 23:21 - 2016-11-15 17:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-10-30 23:21 - 2015-03-29 11:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-28 17:39 - 2015-12-23 17:46 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-10-26 16:50 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-26 10:55 - 2015-06-24 13:06 - 000000000 ____D C:\TEMP
2017-10-26 08:52 - 2015-09-10 06:37 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-25 18:53 - 2017-03-20 05:35 - 000000000 ____D C:\WINDOWS\system32\de
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-10-25 18:53 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-10-25 18:52 - 2017-03-18 22:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-25 18:52 - 2017-03-18 22:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-25 18:43 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-25 18:10 - 2017-10-06 14:31 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-25 18:10 - 2017-10-06 14:31 - 000000000 ____D C:\Program Files\CCleaner
2017-10-23 19:08 - 2015-03-29 22:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-23 18:46 - 2015-03-29 22:44 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-23 16:31 - 2014-05-06 20:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-21 13:20 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-13 18:52
==================== Ende von FRST.txt ============================
|
|
16.11.2017, 18:37
| #10 |
| | Win10 Adware+Trojaner? Leistungsabfall Hier Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-11-2017
durchgeführt von Leonardo (16-11-2017 18:25:51)
Gestartet von C:\Users\Leonardo\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-14 11:17:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2329687503-3892960193-289530943-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2329687503-3892960193-289530943-503 - Limited - Disabled)
Gast (S-1-5-21-2329687503-3892960193-289530943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2329687503-3892960193-289530943-1003 - Limited - Enabled)
Leonardo (S-1-5-21-2329687503-3892960193-289530943-1001 - Administrator - Enabled) => C:\Users\Leonardo
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (HKLM-x32\...\{0B5E43C7-965D-4AF4-A33E-5FA35B6660C8}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (HKLM-x32\...\{81ABB3E1-2F83-4422-B836-8F705B850BBB}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.5.1001 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (HKLM\...\{0C697351-1576-384C-B478-080FEADF30D8}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (HKLM-x32\...\{118528BF-8504-33A4-940B-DCA4EB96C0FB}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (HKLM-x32\...\{B2686344-675D-36A1-8736-708DE7B1FC2E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (HKLM-x32\...\{4288C330-5D64-42EA-886A-8F1FFEB3EF2B}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JavaScript Tooling (HKLM\...\{2044FC4C-4EA3-4113-BC1E-962DF568D201}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (HKLM-x32\...\{49851B40-6615-4D06-82E0-5F7636AA4092}) (Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (HKLM-x32\...\{C21CC041-4347-804E-1BB0-87AC539335C7}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 56.0.2 (x64 de) (HKLM\...\Mozilla Firefox 56.0.2 (x64 de)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.2.6506 - Mozilla)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.22 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (HKLM-x32\...\{63045916-32E7-31D6-BD8E-C13406E137B5}) (Version: 4.5.21005 - Microsoft Corporation) Hidden
PlanetSide 2 (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PreEmptive Analytics Client German Language Pack (HKLM-x32\...\{C0C08B71-8D97-47C0-91E2-D8F570A06994}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (HKLM-x32\...\{24AF7EE2-5C90-4BC6-BAAB-BB8D1EB570A0}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.8.315 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Synaptics WBF DDK (HKLM\...\{963DDEF5-52CF-4313-81D9-B186B89C0A57}) (Version: 4.5.289.0 - Synaptics)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WCF Data Services 5.6.0 DEU Language Pack (HKLM-x32\...\{284F5338-4886-460A-BE3E-E510888517BA}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (HKLM-x32\...\{7204D64A-D3C5-4781-929C-A8D4BF55819C}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (HKLM\...\{F9286DE4-666B-44A9-8257-7827FF70359F}) (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{CF706662-0A17-4493-846E-721686927968}) (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvTXTStack.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0338615A-3266-42D6-8B1B-ED001B710EE3} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {05317D0A-02FA-4A3C-AABB-CAA9AC4D4E6E} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {11ADB3E3-7435-4670-9A2F-CC4536453454} - System32\Tasks\S-1-5-21-2329687503-3892960193-289530943-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {180F9C5F-2D39-41C8-8AD4-104C7634153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {21CDE175-C14C-4EC6-9892-764D058DC999} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {23E2B0CD-F7A0-4BC7-9A8D-8B3187D494A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {26F7A6B2-58D7-4E66-9503-C1A762D3BD5F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-21] (Microsoft Corporation)
Task: {277C640F-38E5-485C-9033-DE565DEC973B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-10-17] (Avira Operations GmbH & Co. KG)
Task: {27BA89CD-9179-4D98-B0E3-02705881E70A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BE4452C-D2F1-4B0A-9665-D098EB5CD368} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {465BAAFE-F0E7-4E1F-B2C3-0817461F8855} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {62A2E126-5195-4B9D-9AF6-F44C53D76B46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {6ADA7647-CD34-428F-94ED-23EE8323B893} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {6B93E546-AB44-4071-B404-B098A3C8BBF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {6CC65CE6-330F-4BE8-832A-D6C932B39FE3} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {70DD82E1-D657-4111-93E0-B518420DE686} - System32\Tasks\{22499B4E-3F08-4E9B-9DA4-500F1E745333} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {7233E710-2C82-4641-8680-0D055EC28E9C} - System32\Tasks\{91E1B231-7FA7-4AFC-AC83-A01D526AB719} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {747B9D86-6A53-4D2C-AFB0-5336A249073A} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {76387D1C-D525-4C90-AD05-8DBCA70E5341} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {7D9A5BCC-AB7F-4B4B-8C74-2CD13F9F3698} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {7E137034-D59C-4A3D-9A80-61F1B5682722} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {860CE3F9-0B38-4D12-8E49-8800B8ABD887} - System32\Tasks\HPCeeScheduleForLeonardo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {96A50A45-4E40-409F-9C0F-866EBFC6BD5E} - System32\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {9CF03812-E9FD-4B08-8A81-0C1DF6D59B28} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {A230BB56-2EEE-4B5E-AE9F-F326089FDDA7} - System32\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {B440F306-4776-4AA2-A6C6-A0C919A878BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {B773FCBE-F578-4197-B41B-05A56CAE74EF} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {BE21072B-41EB-41BA-AF24-23D127B233AC} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {C27DB605-F816-4AC7-9670-3CBC43A1F509} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {CD8C8E07-7CE0-4DE0-BB7F-0D2545664648} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {D18C7CC2-F1A9-4BE3-A386-A9E1F0AFABDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {D99885DE-A15E-4CDB-9127-246A8F58E36C} - System32\Tasks\{D5FB6E9E-18FD-460D-8A7C-0B90D89024C4} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {E1237023-9DA6-410D-9646-13CEED17FBDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {F1A829C5-ED3C-4A60-BE18-655F373725AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
Task: {F844FDA7-97A7-4CBC-BE3E-7BED3812D936} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {FD68CEA8-6964-4F63-8DDA-1444AECBCB6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-16] (Adobe Systems Incorporated)
Task: {FF0D7A0D-8481-49BE-A618-223B6EE68E1F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{BA9C316D-A77B-4652-A148-2A9C7BDECFFC} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{FC56C74F-5415-4549-8235-283E0587E55B} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-11-13 19:44 - 2017-03-07 19:15 - 000824592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-11-13 19:44 - 2017-03-07 19:18 - 001981712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000248080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000175376 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000204048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000337680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000148240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000178448 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_acdc_setting_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-11-13 19:44 - 2017-03-07 19:06 - 000229648 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000225040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000212752 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000220432 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-07 19:04 - 2017-03-07 19:04 - 000157456 _____ () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
2017-11-09 19:27 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-09 19:27 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-13 19:44 - 2017-03-07 19:13 - 000747792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-11-13 19:44 - 2017-03-07 19:11 - 000238864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000218384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2017-05-17 13:16 - 2017-05-17 13:16 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonardo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\xyzjzul.jpg
DNS Servers: 192.168.2.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B5716AB0-B7F1-464C-AFB1-C21B74282FFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DDE308C8-AD7D-41ED-B9B7-1674F02FB338}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0855A4F0-FF0A-4DE1-9B87-A09B8E815A9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26F116CB-9A48-413E-B4ED-6AC504DE34C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF4555A0-BB44-42ED-84F8-B875C44FD0AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72EE13C6-A4A1-4905-833F-4572EC1027C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0A6E62EE-AA19-4E03-A466-78D9B2CC95E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{54924409-5B5C-4889-9958-942DF4C669D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{165016FB-773E-40BD-AAA5-0D9DFC3780CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C74A4257-BC41-4659-9D9F-7D2BADF81DC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E97DA4-EAF2-4FD0-B298-FEB105EB3F2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F5F2110-F52A-4BF3-B3E2-4A55747C2243}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1507B54F-4E61-471D-AFF4-888F3B29F212}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1B96B93F-5A96-4692-80E1-D2875EC2BB62}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{11D2781F-2A1A-471A-90CD-66211E157542}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA388DE-B937-4FB1-A260-FBA7E5C95559}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F04D073-3398-4870-A2AB-48B38DD80198}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{777084FD-91F9-4661-886C-D228503ECE14}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C7E3830B-418A-4D16-95D3-A41C81DEC73E}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{644EBB51-F3A8-42F3-B5A1-410785B86FA1}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{B42D3B73-86D9-4F53-91AB-4D2A5FC5A9D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E228C6BA-2DAC-4F76-920E-1DFCDD051EF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E9D9FA23-F6BD-4BB4-8A38-F59530F2914F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D845339C-DE1F-4023-AF32-5E177E61D84F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5DCE9CB4-6EB7-42B1-ABB3-5C046378E95F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4C09D3B-9D60-4B55-B503-B30D822F4F29}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5BDCC8E7-5B26-4CB0-BFB0-94C07FE40AAC}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{17BA23BC-EDFA-4E07-B179-BBB80B85D5E1}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{C6D18CF8-9337-4B4B-9C34-CB8A0D7FFBCA}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{C87207D0-67AE-404C-9B67-47F23239E152}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{DFF91E19-0CF0-4E8D-AE51-04CCB0653575}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1025977F-F07B-4FA3-84E9-9FFF8999FB3B}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{BE91D5EB-71F7-452B-BC70-A8AA81DF05A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B09438E-8EBE-4AB4-8DC6-C519201F2F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DC77217-28A7-40A5-BCAA-5AE892713806}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6AAE15A1-2474-4B47-8B1B-26457EEEAE9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B33FB65C-E570-4B5A-99B8-3DEB2FEE4147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4AB001F-4584-4F32-814B-09EA951101EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C44A9C7C-0BE8-4CCE-A481-D919715D54D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABE69CFF-3499-4D55-A476-9E412E8B5AB9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{A0E00CD6-CDCA-451E-874A-8E4EFBB6052B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{08EF3A72-122F-4742-A19F-542359EFE8C0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{787B377B-9DA2-4463-A002-45F38585A337}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{5DEB92F6-A42B-4FDB-9C6B-7638EC99E440}] => (Allow) LPort=12292
FirewallRules: [{5DFC9FA7-AEFE-44BE-A49A-C6EAC781F194}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4794455F-70F0-46F4-8811-DE8404D6F45F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{978FA865-7F7F-4F50-AE74-8E4AD8A72AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7ECB6170-E492-4F2A-B55D-0A6263829BC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4D437832-33B4-44A7-BB8F-D62EC56A1423}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{62BF6454-78CE-4CB5-9F1F-5E2093CC8337}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{926C0F11-D505-42FF-8078-7F9FABB4F516}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{65C96C66-E09B-44BA-B264-C7A3398C162F}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{C7ACE5E1-FD5F-40AD-8B20-9B95126F7B46}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{612B702D-4296-4614-839A-B2846F6C914E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{1061D3EC-A54F-4631-A8B4-B845077B90DA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Wiederherstellungspunkte =========================
14-11-2017 15:01:52 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 #2
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/16/2017 06:15:58 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT-AUTORITÄT)
Description: Product: Adobe Refresh Manager -- Error 1704.An installation for Avira is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
Error: (11/16/2017 06:04:14 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/16/2017 06:02:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:29 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:28 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:28 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:28 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/16/2017 06:02:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/16/2017 06:02:23 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Systemfehler:
=============
Error: (11/16/2017 06:06:42 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/16/2017 06:02:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "USER_ESRV_SVC_QUEENCREEK" wurde mit folgendem Fehler beendet:
%%497
Error: (11/16/2017 06:02:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hpsrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (11/16/2017 06:02:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst hpsrv erreicht.
Error: (11/16/2017 06:02:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (11/16/2017 06:00:58 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (11/16/2017 06:00:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll
Error: (11/16/2017 06:00:50 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (11/16/2017 06:00:50 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (11/16/2017 06:00:50 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
CodeIntegrity:
===================================
Date: 2017-10-16 17:44:37.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-16 17:44:37.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16314.15 MB
Verfügbarer physikalischer RAM: 12591.32 MB
Summe virtueller Speicher: 18746.15 MB
Verfügbarer virtueller Speicher: 15140.89 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:909.51 GB) (Free:758.22 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:1.97 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1B0F7F4)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
17.11.2017, 22:18
| #11 |
| /// TB-Ausbilder | Win10 Adware+Trojaner? Leistungsabfall Servus, wir entfernen noch ein bisschen was und kontrollieren nochmal alles. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
Schritt 4
Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
18.11.2017, 10:56
| #12 |
| | Win10 Adware+Trojaner? Leistungsabfall Hier der Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-11-2017
durchgeführt von Leonardo (18-11-2017 10:20:41) Run:2
Gestartet von C:\Users\Leonardo\Desktop
Geladene Profile: Leonardo (Verfügbare Profile: Leonardo)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\RealTimeProtector
DeleteValue: HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\Advanced SystemCare => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\IObit\RealTimeProtector => Schlüssel erfolgreich entfernt
HKEY_USERS\S-1-5-21-2329687503-3892960193-289530943-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe => Wert erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 => Schlüssel erfolgreich entfernt
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController]
""="WFPController Class"
[HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController\CLSID]
""="{FCAA532B-E807-4027-940C-BA16B9D50105}"
[HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController\CurVer]
""="LavasoftTcpServiceLib.WFPController.1"
=== Ende von ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1]
""="WFPController Class"
[HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1\CLSID]
""="{FCAA532B-E807-4027-940C-BA16B9D50105}"
=== Ende von ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASAPI32]
"EnableFileTracing"="0"
"EnableAutoFileTracing"="0"
"EnableConsoleTracing"="0"
"FileTracingMask"="-65536"
"ConsoleTracingMask"="-65536"
"MaxFileSize"="1048576"
"FileDirectory"="%windir%\tracing"
=== Ende von ExportKey ===
================== ExportKey: ===================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\chip 1-click installer_RASMANCS]
"EnableFileTracing"="0"
"EnableAutoFileTracing"="0"
"EnableConsoleTracing"="0"
"FileTracingMask"="-65536"
"ConsoleTracingMask"="-65536"
"MaxFileSize"="1048576"
"FileDirectory"="%windir%\tracing"
=== Ende von ExportKey ===
=========== EmptyTemp: ==========
BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8449488 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7205123 B
Edge => 0 B
Chrome => 0 B
Firefox => 81564335 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 0 B
Leonardo => 4392805 B
RecycleBin => 66773332 B
EmptyTemp: => 170.9 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:21:02 ====
Code:
ATTFilter
|
|
18.11.2017, 15:01
| #13 |
| /// TB-Ausbilder | Win10 Adware+Trojaner? Leistungsabfall Gut gemacht.  Es fehlen nur noch ESET und FRST sowie die Beantwortung der gestelltne Fragen. |
|
18.11.2017, 16:07
| #14 |
| | Win10 Adware+Trojaner? Leistungsabfall Danke ja Esset hat knapp 5 Stunden gedauert, es gabt aber keine Funde und ich konnte keine LogFile machen.Hier FRST: Code:
ATTFilter
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-11-2017
durchgeführt von Leonardo (18-11-2017 16:02:06)
Gestartet von C:\Users\Leonardo\Desktop
Windows 10 Home Version 1703 15063.674 (X64) (2017-05-14 11:17:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2329687503-3892960193-289530943-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2329687503-3892960193-289530943-503 - Limited - Disabled)
Gast (S-1-5-21-2329687503-3892960193-289530943-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2329687503-3892960193-289530943-1003 - Limited - Enabled)
Leonardo (S-1-5-21-2329687503-3892960193-289530943-1001 - Administrator - Enabled) => C:\Users\Leonardo
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
. . (HKLM\...\{8FD6FE5A-E1E1-47F3-BBE6-FE2B1364DCB8}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{2394186A-5445-4293-B739-352009350342}) (Version: 3.0.0.9 - Intel) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.69 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Ashampoo WinOptimizer 2017 (HKLM-x32\...\{4209F371-6CE9-533C-2CDC-94E053273B35}_is1) (Version: 14.00.04 - Ashampoo GmbH & Co. KG)
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG)
AzureTools.Notifications (HKLM-x32\...\{3FBFCF2C-392A-4632-9442-14C305B44D5E}) (Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (HKLM-x32\...\{0B5E43C7-965D-4AF4-A33E-5FA35B6660C8}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (HKLM-x32\...\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (HKLM-x32\...\{81ABB3E1-2F83-4422-B836-8F705B850BBB}) (Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (HKLM-x32\...\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Coat K9 Web Protection (HKLM\...\Blue Coat K9 Web Protection) (Version: 4.5.1001 - Blue Coat Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (HKLM\...\{F74753A3-C93C-34F5-A199-993CAF602B7D}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (HKLM-x32\...\{FB3A15FD-FC67-3A2F-892B-6890B0C56EA9}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (HKLM\...\{0C697351-1576-384C-B478-080FEADF30D8}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (HKLM-x32\...\{118528BF-8504-33A4-940B-DCA4EB96C0FB}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.4.03034 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{EB629A98-5E69-40E8-BA9E-C393899F959D}) (Version: 4.4.03034 - Cisco Systems, Inc.) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (HKLM-x32\...\{B2686344-675D-36A1-8736-708DE7B1FC2E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dotfuscator and Analytics Community Edition (HKLM-x32\...\{2386192E-D6DB-4AD2-9564-65586A0AE53E}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (HKLM-x32\...\{4288C330-5D64-42EA-886A-8F1FFEB3EF2B}) (Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4BBA238C-9E5D-40F9-8AC6-FACB736752B9}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.5.37.19 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.8.37.11 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{8B4EA042-9E21-46FB-8286-225F4D51CC52}) (Version: 4.2.41.2710 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Driver & Support Assistant (HKLM-x32\...\{01f3f6b8-1a81-4b10-b51f-f69af12e1d69}) (Version: 3.0.0.9 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8060a69f-ee27-444b-b126-775f861232ea}) (Version: 20.0.2 - Intel Corporation)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
JavaScript Tooling (HKLM\...\{2044FC4C-4EA3-4113-BC1E-962DF568D201}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (HKLM-x32\...\{49851B40-6615-4D06-82E0-5F7636AA4092}) (Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LocalESPC Dev12 (HKLM-x32\...\{492498A3-F88C-FE2F-755C-9B1B91724CA5}) (Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (HKLM-x32\...\{C21CC041-4347-804E-1BB0-87AC539335C7}) (Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.8201.2200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 57.0 (x64 de) (HKLM\...\Mozilla Firefox 57.0 (x64 de)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.0.6525 - Mozilla)
NVIDIA GeForce Experience 2.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0 - NVIDIA Corporation)
NVIDIA Grafiktreiber 385.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.69 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.22 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (HKLM-x32\...\{63045916-32E7-31D6-BD8E-C13406E137B5}) (Version: 4.5.21005 - Microsoft Corporation) Hidden
PlanetSide 2 (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PreEmptive Analytics Client German Language Pack (HKLM-x32\...\{C0C08B71-8D97-47C0-91E2-D8F570A06994}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}) (Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (HKLM-x32\...\{24AF7EE2-5C90-4BC6-BAAB-BB8D1EB570A0}) (Version: 1.1 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
SharePoint Client Components (HKLM\...\{95150001-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.8.315 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\Spotify) (Version: 1.0.67.582.g19436fa3 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Synaptics WBF DDK (HKLM\...\{963DDEF5-52CF-4313-81D9-B186B89C0A57}) (Version: 4.5.289.0 - Synaptics)
Team Explorer for Microsoft Visual Studio 2013 (HKLM-x32\...\{C9E7751E-88ED-36CF-B610-71A1D262E906}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WCF Data Services 5.6.0 DEU Language Pack (HKLM-x32\...\{284F5338-4886-460A-BE3E-E510888517BA}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (HKLM-x32\...\{46910786-E4AC-41E4-A4A0-C086EA85242D}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (HKLM-x32\...\{BF3E2194-F89B-44FB-A801-464BF787599F}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (HKLM-x32\...\{7204D64A-D3C5-4781-929C-A8D4BF55819C}) (Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (HKLM\...\{F9286DE4-666B-44A9-8257-7827FF70359F}) (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{CF706662-0A17-4493-846E-721686927968}) (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> "C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe" => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvTXTStack.exe /Automation => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2329687503-3892960193-289530943-1001_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => Keine Datei
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-09-16] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2017-10-17] (Avira Operations GmbH & Co. KG)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0338615A-3266-42D6-8B1B-ED001B710EE3} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {05317D0A-02FA-4A3C-AABB-CAA9AC4D4E6E} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {11ADB3E3-7435-4670-9A2F-CC4536453454} - System32\Tasks\S-1-5-21-2329687503-3892960193-289530943-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-03-18] (Microsoft Corporation)
Task: {180F9C5F-2D39-41C8-8AD4-104C7634153D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {21CDE175-C14C-4EC6-9892-764D058DC999} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {23E2B0CD-F7A0-4BC7-9A8D-8B3187D494A2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
Task: {26F7A6B2-58D7-4E66-9503-C1A762D3BD5F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-21] (Microsoft Corporation)
Task: {277C640F-38E5-485C-9033-DE565DEC973B} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2017-10-17] (Avira Operations GmbH & Co. KG)
Task: {27BA89CD-9179-4D98-B0E3-02705881E70A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3BE4452C-D2F1-4B0A-9665-D098EB5CD368} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {465BAAFE-F0E7-4E1F-B2C3-0817461F8855} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {62A2E126-5195-4B9D-9AF6-F44C53D76B46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {6ADA7647-CD34-428F-94ED-23EE8323B893} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {6B93E546-AB44-4071-B404-B098A3C8BBF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {6CC65CE6-330F-4BE8-832A-D6C932B39FE3} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {70DD82E1-D657-4111-93E0-B518420DE686} - System32\Tasks\{22499B4E-3F08-4E9B-9DA4-500F1E745333} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {7233E710-2C82-4641-8680-0D055EC28E9C} - System32\Tasks\{91E1B231-7FA7-4AFC-AC83-A01D526AB719} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {747B9D86-6A53-4D2C-AFB0-5336A249073A} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {76387D1C-D525-4C90-AD05-8DBCA70E5341} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {7D9A5BCC-AB7F-4B4B-8C74-2CD13F9F3698} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {7E137034-D59C-4A3D-9A80-61F1B5682722} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {860CE3F9-0B38-4D12-8E49-8800B8ABD887} - System32\Tasks\HPCeeScheduleForLeonardo => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {96A50A45-4E40-409F-9C0F-866EBFC6BD5E} - System32\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {9CF03812-E9FD-4B08-8A81-0C1DF6D59B28} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {A230BB56-2EEE-4B5E-AE9F-F326089FDDA7} - System32\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {B440F306-4776-4AA2-A6C6-A0C919A878BC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {B773FCBE-F578-4197-B41B-05A56CAE74EF} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {BE21072B-41EB-41BA-AF24-23D127B233AC} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {C27DB605-F816-4AC7-9670-3CBC43A1F509} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: {CD8C8E07-7CE0-4DE0-BB7F-0D2545664648} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {D18C7CC2-F1A9-4BE3-A386-A9E1F0AFABDE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {D99885DE-A15E-4CDB-9127-246A8F58E36C} - System32\Tasks\{D5FB6E9E-18FD-460D-8A7C-0B90D89024C4} => C:\Windows\system32\pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
Task: {E1237023-9DA6-410D-9646-13CEED17FBDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {F1A829C5-ED3C-4A60-BE18-655F373725AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-09-25] (HP Inc.)
Task: {F844FDA7-97A7-4CBC-BE3E-7BED3812D936} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-10-11] (HP Inc.)
Task: {FD68CEA8-6964-4F63-8DDA-1444AECBCB6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-16] (Adobe Systems Incorporated)
Task: {FF0D7A0D-8481-49BE-A618-223B6EE68E1F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-23] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {BA9C316D-A77B-4652-A148-2A9C7BDECFFC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{BA9C316D-A77B-4652-A148-2A9C7BDECFFC} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {FC56C74F-5415-4549-8235-283E0587E55B}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{FC56C74F-5415-4549-8235-283E0587E55B} /F:UpdateWORKGROUP\LEOSPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLeonardo.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-11-09 19:27 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-09 19:27 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-07 19:04 - 2017-03-07 19:04 - 000157456 _____ () C:\Program Files\Intel Driver and Support Assistant\SUR\SurSvc.exe
2017-11-13 19:44 - 2017-03-07 19:15 - 000824592 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
2017-11-13 19:44 - 2017-03-07 19:18 - 001981712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_modeler.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000248080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\acpi_battery_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\wifi_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000175376 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\devices_use_input.dll
2017-11-13 19:44 - 2017-03-07 19:09 - 000204048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_system_power_state_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000337680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_process_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000148240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_winstat_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000178448 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_acdc_setting_input.dll
2017-11-13 19:44 - 2017-03-07 19:10 - 000213776 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sema_thermal_input.dll
2017-11-13 19:44 - 2017-03-07 19:06 - 000229648 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_quality_and_reliability_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000225040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_sampler_input.dll
2017-11-13 19:44 - 2017-03-07 19:05 - 000212752 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_stress_odometer_input.dll
2017-11-13 19:44 - 2017-03-07 19:07 - 000220432 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_turbo_input.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:36 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-13 19:44 - 2017-03-07 19:13 - 000747792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe
2017-11-13 19:44 - 2017-03-07 19:11 - 000238864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\foreground_window_input.dll
2017-11-13 19:44 - 2017-03-07 19:08 - 000218384 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\intel_user_waiting_input.dll
2017-11-02 10:14 - 2017-11-02 10:14 - 001919680 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2017-11-02 10:14 - 2017-11-02 10:15 - 001226416 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2017-10-25 17:50 - 2017-10-25 17:51 - 003553704 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8700.40675.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-25 17:48 - 2017-10-25 17:50 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-10 17:37 - 2017-11-10 17:39 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-25 18:02 - 2017-10-25 18:03 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-10-25 18:02 - 2017-10-25 18:03 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-10 17:37 - 2017-11-10 17:38 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 14:42 - 2017-08-29 14:42 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-10 17:37 - 2017-11-10 17:39 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-18 11:22 - 2017-11-18 11:23 - 035241472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
2017-11-18 11:22 - 2017-11-18 11:23 - 009218560 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-08-23 15:16 - 2017-08-23 15:19 - 000957952 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-10-25 17:50 - 2017-10-25 17:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-18 11:22 - 2017-11-18 11:25 - 013224960 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2017-05-17 13:16 - 2017-05-17 13:16 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leonardo\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\xyzjzul.jpg
DNS Servers: 192.168.2.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\StartupFolder: => "Proxomitron - Verknüpfung.lnk"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Autodesk Sync"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2329687503-3892960193-289530943-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B5716AB0-B7F1-464C-AFB1-C21B74282FFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DDE308C8-AD7D-41ED-B9B7-1674F02FB338}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0855A4F0-FF0A-4DE1-9B87-A09B8E815A9F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26F116CB-9A48-413E-B4ED-6AC504DE34C5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF4555A0-BB44-42ED-84F8-B875C44FD0AB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{72EE13C6-A4A1-4905-833F-4572EC1027C9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0A6E62EE-AA19-4E03-A466-78D9B2CC95E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{54924409-5B5C-4889-9958-942DF4C669D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{165016FB-773E-40BD-AAA5-0D9DFC3780CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C74A4257-BC41-4659-9D9F-7D2BADF81DC1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{24E97DA4-EAF2-4FD0-B298-FEB105EB3F2D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F5F2110-F52A-4BF3-B3E2-4A55747C2243}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1507B54F-4E61-471D-AFF4-888F3B29F212}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{1B96B93F-5A96-4692-80E1-D2875EC2BB62}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [TCP Query User{11D2781F-2A1A-471A-90CD-66211E157542}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6AA388DE-B937-4FB1-A260-FBA7E5C95559}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5F04D073-3398-4870-A2AB-48B38DD80198}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{777084FD-91F9-4661-886C-D228503ECE14}C:\users\leonardo\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\leonardo\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C7E3830B-418A-4D16-95D3-A41C81DEC73E}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{644EBB51-F3A8-42F3-B5A1-410785B86FA1}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{B42D3B73-86D9-4F53-91AB-4D2A5FC5A9D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E228C6BA-2DAC-4F76-920E-1DFCDD051EF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E9D9FA23-F6BD-4BB4-8A38-F59530F2914F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D845339C-DE1F-4023-AF32-5E177E61D84F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{5DCE9CB4-6EB7-42B1-ABB3-5C046378E95F}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B4C09D3B-9D60-4B55-B503-B30D822F4F29}C:\users\leonardo\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\leonardo\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5BDCC8E7-5B26-4CB0-BFB0-94C07FE40AAC}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{17BA23BC-EDFA-4E07-B179-BBB80B85D5E1}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{C6D18CF8-9337-4B4B-9C34-CB8A0D7FFBCA}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{C87207D0-67AE-404C-9B67-47F23239E152}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{DFF91E19-0CF0-4E8D-AE51-04CCB0653575}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{1025977F-F07B-4FA3-84E9-9FFF8999FB3B}] => (Allow) C:\Users\Leonardo\AppData\Local\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{BE91D5EB-71F7-452B-BC70-A8AA81DF05A9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B09438E-8EBE-4AB4-8DC6-C519201F2F3F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6DC77217-28A7-40A5-BCAA-5AE892713806}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6AAE15A1-2474-4B47-8B1B-26457EEEAE9D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B33FB65C-E570-4B5A-99B8-3DEB2FEE4147}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D4AB001F-4584-4F32-814B-09EA951101EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C44A9C7C-0BE8-4CCE-A481-D919715D54D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABE69CFF-3499-4D55-A476-9E412E8B5AB9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{A0E00CD6-CDCA-451E-874A-8E4EFBB6052B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{08EF3A72-122F-4742-A19F-542359EFE8C0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{787B377B-9DA2-4463-A002-45F38585A337}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{5DEB92F6-A42B-4FDB-9C6B-7638EC99E440}] => (Allow) LPort=12292
FirewallRules: [{5DFC9FA7-AEFE-44BE-A49A-C6EAC781F194}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4794455F-70F0-46F4-8811-DE8404D6F45F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{978FA865-7F7F-4F50-AE74-8E4AD8A72AD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{7ECB6170-E492-4F2A-B55D-0A6263829BC2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{4D437832-33B4-44A7-BB8F-D62EC56A1423}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{62BF6454-78CE-4CB5-9F1F-5E2093CC8337}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{926C0F11-D505-42FF-8078-7F9FABB4F516}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{65C96C66-E09B-44BA-B264-C7A3398C162F}C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{C7ACE5E1-FD5F-40AD-8B20-9B95126F7B46}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{612B702D-4296-4614-839A-B2846F6C914E}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{1061D3EC-A54F-4631-A8B4-B845077B90DA}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Wiederherstellungspunkte =========================
14-11-2017 15:01:52 Windows Update
18-11-2017 10:52:37 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 #2
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/18/2017 02:00:17 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/18/2017 11:45:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Visual Studio 12.0\VC\redist\1031\vcredist_arm.exe".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (11/18/2017 10:39:25 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile 1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (11/18/2017 10:29:11 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 10:23:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/18/2017 10:23:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (11/18/2017 10:22:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/18/2017 10:22:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/18/2017 10:22:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (11/18/2017 10:22:57 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (11/18/2017 03:59:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/18/2017 11:06:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/18/2017 11:06:06 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Leonardo\AppData\Local\Temp\ehdrv.sys
Error: (11/18/2017 11:06:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/18/2017 11:06:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Leonardo\AppData\Local\Temp\ehdrv.sys
Error: (11/18/2017 11:06:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/18/2017 11:06:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Leonardo\AppData\Local\Temp\ehdrv.sys
Error: (11/18/2017 11:06:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/18/2017 11:06:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Leonardo\AppData\Local\Temp\ehdrv.sys
Error: (11/18/2017 11:06:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2017-10-16 17:44:37.290
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-10-16 17:44:37.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16314.15 MB
Verfügbarer physikalischer RAM: 12491.85 MB
Summe virtueller Speicher: 18746.15 MB
Verfügbarer virtueller Speicher: 14601.18 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:909.51 GB) (Free:760.2 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.05 GB) (Free:1.97 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E1B0F7F4)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
18.11.2017, 21:20
| #15 |
| /// TB-Ausbilder | Win10 Adware+Trojaner? Leistungsabfall Servus, du hast nochmal die Logdatei von HitmanPro gepostet. Es fehlt die FRST.txt. Bitte nachreichen. |
|
| Themen zu Win10 Adware+Trojaner? Leistungsabfall |
| adobe, adware, akamai, anlage, antivirus, avdevprot, avdevprot.sys, avira, bonjour, defender, error, firefox, home, homepage, langsam, logfile, mozilla, prozesse, realtek, registry, scan, server, svchost.exe, system, trojaner, trojaner?, usb, windows |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
