| |
| |||||||
Log-Analyse und Auswertung: Chrome wird von "Organisation verwaltet" - lässt sich nicht ändernWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
| |
27.07.2019, 10:48
| #1 |
 |  Chrome wird von "Organisation verwaltet" - lässt sich nicht ändern Guten Tag, in den Einstellungen von Chrome ist bei mir zu lesen, dass mein Chrome "von ihrer Organisation" verwaltet wird. Habe mehrere Dinge versucht: mehrere Malware-Scanner (adware, malwarebytes) inkl. bereinigung, alle Erweiterungen gelöscht (PS: eine yahoo-Erweiterung taucht ungefragt immer wieder von neuem auf). Habe nun Angst, dass mein Rechner befallen sein könnte. VIELEN DANK IM VORAUS Hier die Logfiles von FRST Logfile FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-07-2019 01
durchgeführt von HerrMustermann (Administrator) auf HerrMustermann-DESKTOP (Gigabyte Technology Co., Ltd. GA-MA770T-UD3P) (27-07-2019 11:29:55)
Gestartet von K:\browser download
Geladene Profile: HerrMustermann (Verfügbare Profile: HerrMustermann)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 10 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [Datei ist nicht signiert] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc -> AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
(Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfService.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\77.4.131\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\77.4.131\QtWebEngineProcess.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
(LastPass (Marvasol Inc) -> LastPass) C:\Program Files (x86)\LastPass\nplastpass.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) [Datei ist nicht signiert] C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(SEIKO EPSON CORPORATION) [Datei ist nicht signiert] C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Synology Inc. -> ) C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Synology Inc. -> ) C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
(Synology Inc. -> Synology Inc.) C:\Users\HerrMustermann\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Wolters Kluwer Deutschland GmbH -> ) C:\Program Files (x86)\AAVUpdateManager\aavus.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [790432 2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [587168 2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKU\S-1-5-21-2991059459-3680970099-1061886961-1001\...\Run: [Dropbox Update] => C:\Users\HerrMustermann\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2991059459-3680970099-1061886961-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388488 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2013-01-06] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\i420vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [Datei ist nicht signiert]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [84480 2009-04-02] () [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [720384 2010-02-19] (DivX, Inc.) [Datei ist nicht signiert]
HKLM\...\Drivers32: [vidc.yv12] => C:\Windows\SysWOW64\yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [Datei ist nicht signiert]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [Nitro PDF Professional] -> cscript //B "C:\Program Files (x86)\Nitro PDF\Professional\RemoveOldAddins.vbs"
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{5355DA8C-FE32-49b4-A567-A67535C86592}] -> C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BLEtokenCredentialProvider.dll [2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2019-07-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\HerrMustermann\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
Startup: C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2019-07-27]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc. -> Synology Inc.)
Startup: C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2019-07-27]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc. -> Synology Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0733555F-824F-46FC-9564-0ABC86D6CDCE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {0FE72F8C-E4BE-47E8-805B-13468D1407AA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {33A6F218-A6BD-4F67-82E1-3C0811F9365B} - System32\Tasks\{D854F776-DE5B-48B0-9197-2369BD5EA6E1} => msiexec.exe /package "G:\ActivePython-2.7.5.6-win32-x86.msi"
Task: {38471739-B852-4F82-8344-5F83F6A23D71} - System32\Tasks\AdobeGCInvoker-1.0-HerrMustermann-Desktop-HerrMustermann => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {384E1342-AD36-4075-9324-9CC8C983C03F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D6E6985-7A90-495D-8788-9C6803B127A6} - System32\Tasks\Connect => C:\Program Files (x86)\MAGIX\Connect\connect.exe [356936 2017-08-02] (MAGIX Software GmbH -> MAGIX Software GmbH)
Task: {42887EDB-1162-4CC6-8AC4-CCEA0AAC29DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6441536 2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D0C2C6F-6478-4887-AA27-19B067D288D8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6419F64E-C0F1-4F4C-8B01-49CB8956E691} - System32\Tasks\{44FFA1D4-4295-47E3-A53E-11543A5CDA04} => "c:\users\HerrMustermann\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {694CBBA2-A9EA-4C52-959D-4956318CBEB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {6C4EA0A6-BF96-4F74-9C43-A707B6065A9B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {7472D217-3058-42BC-8536-86119CA3395E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA1ce27b3e41d2efe => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {7748F888-E12E-4B16-9004-A0AF1D8E3681} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7839C515-6535-4594-B493-85DA8D994C57} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {86E55752-9FCD-42C0-9709-9AF95E66E86D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {8B3481E9-98B7-4880-BE02-B5876323B14C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core1ce27b3df957303 => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {8D8A9768-9B94-499B-B44D-AB9254FAAC43} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [634152 2009-11-18] (Medien-Team 66 Verlags GmbH -> MedienTeam66) [Datei ist nicht signiert]
Task: {8F6F52A9-8E5E-4E1F-87C5-AE80EB2A9E2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {989F4C90-A5E9-4523-8318-70CA64457C2F} - System32\Tasks\AdobeAAMUpdater-1.0-HerrMustermann-Desktop-HerrMustermann => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {9A4DF175-DE5B-47F3-86D1-6F92B92771FD} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA => C:\Users\HerrMustermann\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {9DD8463A-518B-45FE-98C7-83A6AC3924F7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {9E342D3C-0B26-46BE-AE39-37C9EE75226F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core => C:\Users\HerrMustermann\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)
Task: {AC424BD0-ADB2-4827-87EE-8C3523338E92} - \{5A72AA95-3F34-437B-9F10-22DB6A640CFE} -> Keine Datei <==== ACHTUNG
Task: {BDB4F558-8079-4D47-9C5B-CA2C921F392B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {BECB6FF8-0E16-41E0-94C9-24F667227927} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [462288 2018-11-15] (Bitdefender SRL -> Bitdefender)
Task: {D49741F5-19A9-4920-B8AB-D17D9D782CDC} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {D8866840-3B09-45B8-883A-6B30342CC7BA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {ED6D4A6F-9F6E-478A-AEE3-703287003DD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF7C7900-002C-4503-9DBF-F11F3CF5868E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Connect.job => C:\Program Files (x86)\MAGIX\Connect\connect.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core.job => C:\Users\HerrMustermann\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA.job => C:\Users\HerrMustermann\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core.job => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA.job => C:\Users\HerrMustermann\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.) [Datei ist nicht signiert]
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{AEE7A8FE-48CE-4BA8-A60B-880D9E0B2CFC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{E443A445-B56B-4878-B661-76F15337F470}: [DhcpNameServer] 192.168.178.1
HKLM\System\...\Parameters\PersistentRoutes: [169.254.0.0,255.255.0.0,192.168.2.100,1]
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <==== ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2991059459-3680970099-1061886961-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-2991059459-3680970099-1061886961-1001 -> {A2E4AA5A-D3BE-40B0-BF34-963DBDECB730} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: FGCatchUrl -> {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} -> C:\Program Files (x86)\FlashGet\jccatch.dll [2007-08-06] (www.flashget.com) [Datei ist nicht signiert]
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech Inc -> Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2019-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: FlashGet GetFlash Class -> {F156768E-81EF-470C-9057-481BA8380DBA} -> C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-18] (www.flashget.com) [Datei ist nicht signiert]
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-12-16] (Medien-Team 66 Verlags GmbH -> MedienTeam66) [Datei ist nicht signiert]
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies SA -> Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\HerrMustermann\AppData\Roaming\TomTom\HOME\Profiles\akkdhi2h.default [2019-05-30]
FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden]
FF ProfilePath: C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default [2019-07-19]
FF Homepage: Mozilla\Firefox\Profiles\dl3upini.default -> hxxps://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF NetworkProxy: Mozilla\Firefox\Profiles\dl3upini.default -> backup.ftp", ""
FF Extension: (Avira Browserschutz) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\abs@avira.com.xpi [2017-09-23] [UpdateUrl:hxxps://download.avira.com/package/abs/firefox/update-webext.rdf]
FF Extension: (Session Manager) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2017-04-20] [Legacy]
FF Extension: (NoScript) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-04-08] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-07-15] [Legacy]
FF Extension: (Tab Mix Plus) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2017-09-23] [Legacy]
FF Extension: (Greasemonkey) - C:\Users\HerrMustermann\AppData\Roaming\Mozilla\Firefox\Profiles\dl3upini.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2017-09-23] [Legacy]
FF ProfilePath: C:\Users\HerrMustermann\AppData\Roaming\KompoZer\Profiles\h1mo36l7.default [2013-01-05]
FF Extension: (DVDVideoSoft YouTube MP3 and Video Download) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2014-12-15] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-01-09] [Legacy] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [Keine Datei]
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Datei ist nicht signiert]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-10-25] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (Electronic Sports Network i Sverige AB -> ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB) [Datei ist nicht signiert]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2015-08-05] (LastPass (Marvasol Inc) -> LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] (Nokia -> )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-2991059459-3680970099-1061886961-1001: @tools.google.com/Google Update;version=3 -> C:\Users\HerrMustermann\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2991059459-3680970099-1061886961-1001: @tools.google.com/Google Update;version=9 -> C:\Users\HerrMustermann\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-2991059459-3680970099-1061886961-1001: SkypePlugin -> C:\Users\HerrMustermann\AppData\Local\SkypePlugin\7.16.0.22\npGatewayNpapi.dll [2016-03-04] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2991059459-3680970099-1061886961-1001: SkypePlugin64 -> C:\Users\HerrMustermann\AppData\Local\SkypePlugin\7.16.0.22\npGatewayNpapi-x64.dll [2016-03-04] (Microsoft Corporation -> Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default [2019-07-27]
CHR Extension: (Forge of Empires) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\anaphblkfplenhkephgneolhnmjminjg [2015-08-22]
CHR Extension: (Google Drive) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Verrckte Achterbahn) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eafhgomkapdagnpmmgilphbolnejepoc [2012-12-15]
CHR Extension: (Google Kalender) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-19]
CHR Extension: (Conquest Tower Defense) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekllldpmjfbnkdieckjdfhdglcbaikhl [2012-12-15]
CHR Extension: (HD Theme Park Videos) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajfeohbcakgclpjjhffplfnfeddjdmb [2012-12-15]
CHR Extension: (Die besten Deals im Blick) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2016-11-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-07-26]
CHR Extension: (Isoball 3) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2013-08-25]
CHR Extension: (World Weather) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\jefnaahehlimdapgicdacbgklnedgoje [2015-07-15]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2016-07-15]
CHR Extension: (Siege Hero Viking Vengeance) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfomhlbnciicmciejodphlggfbmhbbbo [2012-12-15]
CHR Extension: (Ustream Lounge) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\klpjjhflaaojjogkompcfpoejaneeika [2012-12-15]
CHR Extension: (Google Maps) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-18]
CHR Extension: (Die Farmer) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\loejpninlkglekflmghgjdommmkdghka [2012-12-15]
CHR Extension: (Plants vs Zombies) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina [2012-12-15]
CHR Extension: (WGT Golf Game) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb [2013-04-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Yahoo Partner) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2019-07-23]
CHR Extension: (Google Mail) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-28]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.I2ZHSE7GNPEESVJQAIKAEBROGY - C:\Users\HerrMustermann\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AAV UpdateService; C:\Program Files (x86)\AAVUpdateManager\aavus.exe [128296 2008-10-24] (Wolters Kluwer Deutschland GmbH -> )
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2015-01-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [246784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7013384 2018-03-23] (BattlEye Innovations e.K. -> )
R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [352280 2019-04-03] (Synology Inc. -> )
R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [352280 2019-04-03] (Synology Inc. -> )
R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-10-02] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-23] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284360 2019-01-15] (Bayerisches Landesamt fuer Steuern -> )
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-10-25] (FUTUREMARK INC -> Futuremark)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [52608 2018-10-19] (AnchorFree Inc -> AnchorFree Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH -> Geek Software GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender SRL -> Bitdefender)
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek Semiconductor Corp -> Realtek)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [241734 2008-10-06] () [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-05-20] (CyberLink Corp. -> CyberLink)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek Semiconductor Corp -> Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [355184 2017-09-19] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 MainLSyncHost; c:\windows\syswow64\mpk\lsynchost.exe /startedbyscm:E4233B4F-40E3FE91-MPKService [X] <==== ACHTUNG
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 AFTrafMgr1.4; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [56840 2018-10-10] (AnchorFree Inc -> AnchorFree Inc.)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [21622784 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [665088 2015-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [104976 2016-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 csravrcp; C:\Windows\System32\DRIVERS\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\Windows\System32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\Windows\System32\DRIVERS\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\Windows\System32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-30] () [Datei ist nicht signiert]
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-12-15] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [29672 2012-12-15] (Martin Malik - REALiX -> REALiX(tm))
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-07-22] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [224408 2019-07-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2019-07-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-07-27] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [106344 2019-07-27] (Malwarebytes Corporation -> Malwarebytes)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-01-11] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2013-01-11] (MiniTool Solution Ltd -> )
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Corporation )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [3664600 2014-12-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-03-12] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2017-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-07-27 10:19 - 2019-07-27 10:19 - 000224408 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-07-27 10:19 - 2019-07-27 10:19 - 000106344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-07-27 10:19 - 2019-07-27 10:19 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-07-27 10:18 - 2019-07-27 10:18 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-07-26 07:32 - 2019-07-04 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-07-26 07:32 - 2019-07-04 03:14 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-07-22 10:25 - 2019-07-22 11:07 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-07-22 10:24 - 2019-07-22 10:24 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-22 10:24 - 2019-07-22 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-22 10:24 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-07-18 09:16 - 2019-07-18 09:16 - 000000000 ____D C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-07-12 15:55 - 2019-07-19 22:45 - 000000000 ____D C:\Users\HerrMustermann\AppData\Roaming\mIRC
2019-07-12 15:55 - 2019-07-12 15:55 - 000000915 _____ C:\Users\Public\Desktop\mIRC.lnk
2019-07-12 15:55 - 2019-07-12 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2019-07-12 15:55 - 2019-07-12 15:55 - 000000000 ____D C:\Program Files (x86)\mIRC
2019-07-09 22:44 - 2019-06-28 07:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-07-09 22:44 - 2019-06-28 07:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-07-09 22:44 - 2019-06-28 07:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-07-09 22:44 - 2019-06-28 07:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-07-09 22:44 - 2019-06-28 07:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-07-09 22:44 - 2019-06-28 07:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-07-09 22:44 - 2019-06-28 07:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-07-09 22:44 - 2019-06-28 07:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-07-09 22:44 - 2019-06-28 07:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-07-09 22:44 - 2019-06-21 05:09 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-07-09 22:44 - 2019-06-21 05:05 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-07-09 22:44 - 2019-06-21 04:44 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-07-09 22:44 - 2019-06-21 03:41 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-07-09 22:44 - 2019-06-19 05:06 - 006135296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-07-09 22:44 - 2019-06-19 03:52 - 007081984 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-07-09 22:44 - 2019-06-18 08:41 - 001649664 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-07-09 22:44 - 2019-06-13 05:25 - 000160488 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-07-09 22:44 - 2019-06-13 05:21 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-07-09 22:44 - 2019-06-12 17:23 - 004057320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-07-09 22:44 - 2019-06-12 17:23 - 003964136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-07-09 22:44 - 2019-06-12 17:22 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-07-09 22:44 - 2019-06-12 17:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-07-09 22:44 - 2019-06-12 17:21 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-07-09 22:44 - 2019-06-12 17:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:15 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-07-09 22:44 - 2019-06-12 17:11 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-07-09 22:44 - 2019-06-12 17:11 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-07-09 22:44 - 2019-06-12 17:11 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-07-09 22:44 - 2019-06-12 17:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-07-09 22:44 - 2019-06-12 17:10 - 005550824 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-07-09 22:44 - 2019-06-12 17:10 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-07-09 22:44 - 2019-06-12 17:09 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-07-09 22:44 - 2019-06-12 17:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-07-09 22:44 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-07-09 22:44 - 2019-06-12 17:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-07-09 22:44 - 2019-06-12 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-07-09 22:44 - 2019-06-12 17:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 17:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-07-09 22:44 - 2019-06-12 17:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-07-09 22:44 - 2019-06-12 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-07-09 22:44 - 2019-06-12 16:55 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-07-09 22:44 - 2019-06-12 16:54 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-07-09 22:44 - 2019-06-12 16:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-07-09 22:44 - 2019-06-12 16:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-07-09 22:44 - 2019-06-12 16:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-07-09 22:44 - 2019-06-12 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-07-09 22:44 - 2019-06-12 16:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-07-09 22:44 - 2019-06-12 16:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-07-09 22:44 - 2019-06-12 16:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-07-09 22:44 - 2019-06-12 16:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-07-09 22:44 - 2019-06-12 16:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-07-09 22:44 - 2019-06-12 16:46 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 16:46 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 16:46 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 16:46 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-07-09 22:44 - 2019-06-12 16:42 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-07-09 22:44 - 2019-06-12 16:42 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-07-09 22:44 - 2019-06-12 16:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-07-09 22:44 - 2019-06-12 16:42 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-07-09 22:44 - 2019-06-12 16:39 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-07-09 22:44 - 2019-06-12 16:39 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-07-09 22:44 - 2019-06-12 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-07-09 22:44 - 2019-06-12 16:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-07-09 22:44 - 2019-06-12 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-07-09 22:44 - 2019-06-12 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-07-09 22:44 - 2019-06-12 16:36 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-07-09 22:44 - 2019-06-12 16:36 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-07-09 22:44 - 2019-06-12 16:36 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-07-09 22:44 - 2019-06-12 16:36 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-07-09 22:44 - 2019-06-12 16:36 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-07-09 22:44 - 2019-06-12 16:36 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-07-09 22:44 - 2019-06-12 16:35 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-07-09 22:44 - 2019-06-12 16:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-07-09 22:44 - 2019-06-11 04:59 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-07-09 22:44 - 2019-06-11 04:59 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000801792 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-07-09 22:44 - 2019-06-11 04:59 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-07-09 22:44 - 2019-06-07 17:18 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-07-09 22:44 - 2019-06-07 17:18 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-07-09 22:44 - 2019-06-07 17:08 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-07-09 22:44 - 2019-06-07 17:08 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-07-09 22:44 - 2019-06-07 17:08 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-07-09 22:44 - 2019-06-07 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-07-09 22:44 - 2019-06-07 16:55 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-07-09 22:44 - 2019-06-02 05:50 - 000216576 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2019-06-30 20:52 - 2019-07-02 20:27 - 000000607 _____ C:\Users\HerrMustermann\Desktop\Whatsapp an Rasbach.txt
==================== Ein Monat (geänderte) ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2019-07-27 11:29 - 2016-04-15 06:20 - 000000000 ____D C:\FRST
2019-07-27 10:40 - 2009-07-14 06:45 - 000013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-27 10:40 - 2009-07-14 06:45 - 000013984 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-07-27 10:35 - 2015-06-13 07:38 - 000001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA.job
2019-07-27 10:33 - 2012-12-15 12:23 - 000001124 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001UA.job
2019-07-27 10:30 - 2012-12-15 20:11 - 000000000 ____D C:\Users\HerrMustermann\AppData\Local\Adobe
2019-07-27 10:27 - 2009-07-14 19:58 - 000699432 _____ C:\Windows\system32\perfh007.dat
2019-07-27 10:27 - 2009-07-14 19:58 - 000149572 _____ C:\Windows\system32\perfc007.dat
2019-07-27 10:27 - 2009-07-14 07:13 - 001620684 _____ C:\Windows\system32\PerfStringBackup.INI
2019-07-27 10:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-07-27 10:20 - 2019-03-07 17:07 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-07-27 10:18 - 2019-01-01 20:55 - 000000000 ____D C:\Users\HerrMustermann\AppData\Local\CloudStationBackup
2019-07-27 10:18 - 2019-01-01 12:59 - 000000000 ____D C:\Users\HerrMustermann\AppData\Local\CloudStation
2019-07-27 10:18 - 2018-04-28 00:18 - 000000346 _____ C:\Windows\Tasks\Connect.job
2019-07-27 10:18 - 2014-07-14 22:15 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-07-27 10:18 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-26 15:11 - 2019-01-04 11:13 - 000000000 ____D C:\Users\HerrMustermann\AppData\Local\Citrix
2019-07-26 11:33 - 2012-12-15 12:23 - 000001072 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core.job
2019-07-26 09:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-07-26 07:13 - 2012-12-15 18:29 - 000000000 ____D C:\Users\HerrMustermann\AppData\Roaming\vlc
2019-07-26 07:04 - 2015-01-13 22:37 - 000000000 ____D C:\Users\HerrMustermann\AppData\Local\CrashDumps
2019-07-23 00:49 - 2018-01-17 15:17 - 000000000 ____D C:\Windows\pss
2019-07-23 00:31 - 2014-02-07 21:22 - 000000000 ____D C:\AdwCleaner
2019-07-19 18:05 - 2016-12-30 19:05 - 000000316 _____ C:\Windows\Tasks\MT66 Software Update.job
2019-07-19 08:35 - 2015-06-13 07:38 - 000001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2991059459-3680970099-1061886961-1001Core.job
2019-07-18 09:16 - 2012-12-20 19:09 - 000000000 ____D C:\Users\HerrMustermann\AppData\Roaming\Dropbox
2019-07-16 23:53 - 2012-12-15 12:24 - 000002424 _____ C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 23:45 - 2019-03-20 12:09 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-16 23:44 - 2019-02-21 00:35 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-11 09:47 - 2019-02-21 00:47 - 000003188 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2991059459-3680970099-1061886961-1001
2019-07-11 09:47 - 2015-10-16 07:10 - 000000000 ___RD C:\Users\HerrMustermann\OneDrive
2019-07-11 09:47 - 2014-12-13 11:42 - 000002185 _____ C:\Users\HerrMustermann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-07-10 06:37 - 2019-01-28 22:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-07-10 06:24 - 2009-07-14 06:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-07-10 06:23 - 2009-07-14 06:45 - 000815808 _____ C:\Windows\system32\FNTCACHE.DAT
2019-07-09 23:09 - 2015-04-10 07:07 - 000000000 ____D C:\Windows\system32\appraiser
2019-07-09 23:09 - 2014-04-25 21:59 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-07-09 23:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-07-09 23:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-07-09 23:06 - 2013-09-21 19:33 - 001594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-07-09 23:03 - 2013-08-11 18:36 - 000000000 ____D C:\Windows\system32\MRT
2019-07-09 22:52 - 2012-12-15 13:00 - 136618864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-07-09 22:51 - 2018-03-14 11:51 - 000004530 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-07-09 22:51 - 2012-12-20 15:42 - 000004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-07-09 22:51 - 2012-12-15 12:22 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-07-09 22:51 - 2012-12-15 12:22 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-07-09 22:51 - 2012-12-15 12:22 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-09 22:51 - 2012-12-15 12:22 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-09 22:05 - 2013-03-24 15:05 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-06-28 17:19 - 2019-06-04 21:10 - 000000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-06-27 01:20 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ================
2015-08-05 07:11 - 2015-08-05 07:12 - 016790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-02-01 00:03 - 2013-02-01 00:03 - 000038425 _____ () C:\Users\HerrMustermann\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2012-12-15 18:59 - 2019-06-04 21:47 - 000244224 _____ () C:\Users\HerrMustermann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-10 06:34 - 2018-10-10 06:34 - 000000000 _____ () C:\Users\HerrMustermann\AppData\Local\oobelibMkey.log
2013-08-06 14:51 - 2013-11-15 11:38 - 000000337 _____ () C:\Users\HerrMustermann\AppData\Local\Perfmon.PerfmonCfg
2019-06-11 15:02 - 2019-06-11 15:02 - 000007086 _____ () C:\Users\HerrMustermann\AppData\Local\recently-used.xbel
2014-12-21 18:28 - 2014-12-21 18:28 - 000000000 _____ () C:\Users\HerrMustermann\AppData\Local\{358B97E5-48A6-4300-9A06-F7357ACCEB36}
==================== SigCheck ===============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
LastRegBack: 2019-07-26 09:34
==================== Ende von FRST.txt ============================
|
| Themen zu Chrome wird von "Organisation verwaltet" - lässt sich nicht ändern |
| adware, angst, befallen, beiträge, bereinigung, canon, chrome, dinge, einstellungen, erweiterungen, folge, folgende, folgenden, gelöscht, gen, guten, immer wieder, logfiles, malwarebytes, neuem, nicht, plug-in, rechner, sigcheck, taucht, tower, ungefragt, versuch, versucht |
Baum-Darstellung