Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Anhänge einfügen in jedem Browser, System bleibt hängen! Was eingefangen? (https://www.trojaner-board.de/183813-anhaenge-einfuegen-browser-system-bleibt-haengen-eingefangen.html)

Itzak 05.01.2017 11:45
Anhänge einfügen in jedem Browser, System bleibt hängen! Was eingefangen?
 
Hallo!

Ich habe seit einiger Zeit folgendes Problem:

Wenn ich (nutze allgemein Chrome) z.B. in einem Forum unterwegs bin, aber auch z.B. bei Ebay Kleinanzeigen eine Datei anhängen will, geht ja ein Explorerfenster auf, in welcher ich die Datei anwählen soll. Und genau da kann ich für ca. 30 Sekunden nichts anwählen.
Bei einem zweiten Versuch, in dem Fenster etwas auszuwählen, erscheint oben "Keine Reaktion".
Nach ca. 30 Sekunden ist der Spuk vorbei und ich kann normal weiter arbeiten. Auch kann ich danach weiter Fenster öffnen und Anhänge einfügen.
Erst nach schließen des Browsers und erneutem Versuch, kommt es wieder dazu.

Hab auch schon FF und IE versucht, gleiches Ergebnis, sodass es eigentlich nicht am Browser (Chrome) liegen kann.
Ein gleichzeitig geöffneter Taskmanager zeigt nichts ungewöhnliches an. Laufwerke mit ChristalDiskInfo geprüft, alle bei 100%.

Ich habe bereits einige Logs erstellt. Bei ESET sind drei auffällige Dateien erschienen (noch nicht gelöscht).
Vielleicht könnt ihr mir helfen :)

Grüße!

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Itzak (Administrator) auf ITZAK-PC (05-01-2017 11:19:41)
Gestartet von D:\Downloads
Geladene Profile: Itzak (Verfügbare Profile: Itzak & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(SanDisk Corporation) C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() D:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) D:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Samsung Electronics.) D:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-01-2017
durchgeführt von Itzak (05-01-2017 11:20:09)
Gestartet von D:\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-03 14:53:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-604251109-3447910946-4235510674-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-604251109-3447910946-4235510674-503 - Limited - Disabled)
Gast (S-1-5-21-604251109-3447910946-4235510674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-604251109-3447910946-4235510674-1005 - Limited - Enabled)
Itzak (S-1-5-21-604251109-3447910946-4235510674-1000 - Administrator - Enabled) => C:\Users\Itzak

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.8.0.1020 - 360 Security Center)
Acronis True Image 2015 (HKLM-x32\...\{2F70A6E6-2F71-4907-8441-BDC5D300310B}Visible) (Version: 18.0.6613 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6613 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.)
AmoK Exif Sorter 2.5.6 (nur deinstallieren) (HKLM-x32\...\AmoKExifSorter2) (Version:  - )
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (64 bit) (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AusweisApp2 (HKLM-x32\...\{385F3958-A62E-49B8-9C2B-9A451664325C}) (Version: 1.8.0 - Governikus GmbH & Co. KG)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0610 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{FC5EDFE4-E073-4863-BC3F-2560AFA63B73}) (Version: 1.0.0110 - Brother Industries, Ltd.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer Driver Add-On Module V2.00 (HKLM\...\CANONIJINBOXADDON200) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version:  - weltenbauer. Software Entwicklung GmbH)
Cover Me (HKLM-x32\...\{3EFEF383-059A-4426-8419-A2469F4B1BC8}_is1) (Version: 2.3 - Programm- & Webdesign)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.2 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deutsche Post E-Porto (HKLM-x32\...\{5CCF8330-F742-411A-8A04-719806D168B5}) (Version: 2.3.0 - Deutsche Post AG)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Dropbox) (Version: 17.3.32 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{B922E1AE-C0E5-4318-8BC2-410E045905B6}) (Version: 7.0.26482.0 - eM Client Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
FileBot (HKLM\...\{2AF4D8A0-16BC-47AF-AA89-FF4E0ADAFD6D}) (Version: 4.7.5 - Reinhard Pointner)
FolderSort (HKLM-x32\...\FolderSort) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FrameManager (x32 Version: 3.00.0000 - Samsung) Hidden
Free Video Editor (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.53.831 - Digital Wave Ltd)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.79 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Hager prerequisites (HKLM-x32\...\{EB733D93-1923-4F2E-97D1-125AAA8DD59D}) (Version: 1.00.0000 - hager)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
IPCWebComponents 3.1.0.9 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.1.0.9 - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MyHarmony (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version:  - Synology)
POIbase 2.0.11 (HKLM-x32\...\POIbase_is1) (Version:  - POIbase)
Potplayer-64 bit (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7719 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 1.4.2 - SanDisk Corporation)
SanDisk SSD Dashboard Service (HKLM-x32\...\{EE9255E4-283A-4318-ABB6-A75BEE59ACA3}) (Version: 1.0.0 - SanDisk Corporation)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Silhouette Studio (HKLM-x32\...\{EAF328EC-5F1A-4F2F-875C-331BFC389F73}) (Version: 3.8.118 - Silhouette America)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
SRC System™ Upgrades (HKLM-x32\...\{EB38E598-181D-4CD7-800F-A4F525ECEC56}) (Version: 3.0.6 - SRC Systems)
StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{20104F01-DE87-4B04-B6E0-7B796DB07A90}) (Version: 10 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
SurveillanceHelper (HKLM-x32\...\{29004F05-17B9-4A06-9628-2C5159BE8717}) (Version: 1.0.0.5 - Synology)
SurveillancePlugin (HKLM-x32\...\{F42010FB-1772-4BA3-B4F3-43532CC6F9BD}) (Version: 1.0.0.1135 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (HKLM-x32\...\{8EF0D9E8-B32E-43B8-B29D-55B8B374EF83}) (Version: 4.0.4164 - Synology)
Tablegallery Creator 0.9.3 (HKLM-x32\...\{41E8B73B-7E5B-4C0A-B79D-46571B34675C}_is1) (Version:  - PA-S.de)
Thunder Master v2.24 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.24.0.4 - Palit Microsystems Ltd.)
TomTom HOME (HKLM-x32\...\{F76EFA2A-BF0B-47BC-9AD5-857FFBD3CC79}) (Version: 2.9.93 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version:  - Dovetail Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tyre (HKLM\...\Tyre_is1) (Version: 6.4.7.1 - 't Schrijverke)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Virtual Com port driver V1.4.0 (HKLM-x32\...\{AF0ACDD1-3842-47C7-B153-B8DB92CDA42D}) (Version: 1.4.0 - STMicroelectronics)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WhoCrashed 4.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - STMicroelectronics (usbser) Ports  (08/02/2013 1.4.0) (HKLM\...\04B4996F06620A7ECFBFE8F9BCC458F9761E39F7) (Version: 08/02/2013 1.4.0 - STMicroelectronics)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
XMedia Recode Version 3.3.5.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.4 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Itzak\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Itzak\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03DA1727-1E7E-4647-9107-125841E554CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000UA1d2206a1ad5b733 => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {04A6CB63-02AC-498A-AEF7-F34213F80FFC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {0E644A6A-465E-446F-BCA2-C6B1DA3C7B44} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {10C7E449-B1AE-4F0C-B42D-3B14C03EA353} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {13F7280A-FC30-4C60-AE9F-103A22A04761} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {148C5B6D-0BA4-45AA-930C-58603A370419} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2016-10-26] (Palit Microsystems Ltd.)
Task: {16818169-C5FF-4FFF-8463-EAE76DE325B4} - System32\Tasks\Auto Re-Aktivierung => C:\WINDOWS\Re-Aktivierung\TriggerKMS.exe
Task: {1A438826-8381-44D6-A6B9-8F489490F86D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BE75B25-9E44-4F82-95D6-D79F60FF3247} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C6DD77D-AB5E-418E-B080-7465A113AA72} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DB68B97-5E42-4243-BEAC-352D4631D448} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1DE85612-34FA-429A-9D31-5CDBC2650323} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28AF8722-4067-428D-8BE0-E65205185B0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2C5221B0-8B83-4B8E-906D-780929431FF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-22] (Adobe Systems Incorporated)
Task: {2E10089B-1905-4ED7-A1B8-17F8A282C937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {30BF04BD-51F6-4C3C-B750-B353D96C790B} - System32\Tasks\{F85FDCD8-FFDA-4C6F-9039-10578B75D43C} => pcalua.exe -a "D:\Downloads\CDM v2.12.00 WHQL Certified.exe" -d D:\Downloads
Task: {321BC64F-22B4-4376-A69F-320A591125C3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {363C68F3-5108-4C94-9983-22B6B52E53E8} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {3C5D9AEF-95DD-4319-ADD1-36358CC31355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {3EEB8463-7733-4D40-8E4F-CBABDC0ACE94} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44E5FC0B-7C72-45E2-9C56-43CC558E11E3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {527B5428-05E5-403D-B2D7-755ED2A1DEFB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5499FFD0-826B-4096-8C27-30A24297365B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58B2726F-506A-407F-B9E7-FAD0DD8619E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5CE0D393-4B2E-4944-9805-0BD380767BC1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {62288C56-DDDF-4142-BD1B-F2CA98561609} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {632484DB-1288-42DB-B76E-83BEC2218227} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6560F753-677B-4BE0-A2BC-A91590BFA8F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {6A634882-1CC1-47AE-9E53-AB984D364811} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {6FF09415-7C69-4BD7-8EF6-6A9DC235EA5F} - System32\Tasks\Synology Data Replicator 3-MicrosoftAccount-Itzak => D:\Program Files (x86)\Synology Data Replicator  3\Backup.exe
Task: {70F31CE2-B841-4129-99F4-B4823E566B60} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {729E051B-73D4-4664-B011-0946DD0503EC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {79BE931D-60F4-41CF-968F-6C2B2E59C472} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7C94D902-6042-4C63-9E48-BB6585BFA4E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D06D97B-AD42-4992-967C-8C418A313842} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7F2B149E-C668-4E50-A541-94CB10212B52} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {7FFB4346-F6CE-46BD-B04C-70751983D698} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81AA9449-0338-4196-AB82-C8EB4802916D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {820EA85A-972F-4EBE-A45E-D5CF5CC41D10} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {86B3D654-3432-4D56-987D-80CE54A524BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {8E6552C0-1141-45A4-8D28-92FC52F385F1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {940F77E4-F09F-4AA0-BE28-652B174DA722} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000Core1d2206a1abd9e22 => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {9AE661AD-32D1-4A04-99D0-D58B7CDB48F3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A25740DF-EDB7-4A45-AD60-2AA78AC01EF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A2D6F1EF-5B92-4C7F-B8F7-1BE485C64CB9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {A655583C-D998-407F-860A-D7C5A2699017} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {ACD4ADF0-2F7F-4B57-804A-8CC5EA627F17} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-07-04] ()
Task: {AD623EF0-0C13-40CB-860C-2F12DAE21D1A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B14BE625-F4EE-4F3A-AD35-B91AC588CDD2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {B63AE05A-08FC-47F0-AEC9-853F0EDD2525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BEE9CE76-88FB-41FB-B94E-36A4B7A35958} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C14B2F09-47D5-4543-A6A0-2A0AF1E879AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C5ED53C6-CC1A-402F-B665-7E2EBC15CD43} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {D5EAEB49-5195-4869-99F4-B092EA0AA9C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DADF524D-EEC1-4628-832F-20418DBAD74F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DDBC1508-AF66-413F-80A3-49CCB18896AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DF7DD8B8-432C-4233-B1B2-4F721381514B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {E12A349D-7047-4102-A1A7-9CAB00DE3533} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E518C07C-FA41-4267-BD27-7BCE1EE2293D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E57344A7-1763-48EC-BC91-CE875741ABAA} - System32\Tasks\SamsungMagician => d:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {E78D8472-DFBD-4C2D-A673-62E6802DBEAE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EBD96801-4989-42DA-A8EB-0D580E64A981} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EFBE991D-2AB8-42F8-BA1D-C936AD834C64} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F67C96C7-EEBA-4552-BC60-6BEE7AA937C1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {FABBEB4E-6065-4957-8BFD-1BA469C1CCA8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000Core1d2206a1abd9e22.job => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000UA1d2206a1ad5b733.job => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synology Data Replicator 3-MicrosoftAccount-Itzak.job => D:\Program Files (x86)\Synology Data Replicator  3\Backup.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\VXG Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hncknjnnbahamgpjoafdebabmoamcnni

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-25 10:07 - 2010-06-17 20:56 - 00087040 _____ () C:\WINDOWS\System32\redmonnt.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-25 19:01 - 2016-02-25 19:01 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-10-07 08:16 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-03 15:43 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 01678560 _____ () C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-15 09:51 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 12:38 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 12:38 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 12:38 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 12:38 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 12:38 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 12:38 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-04-28 23:49 - 2016-04-28 23:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-04-28 23:49 - 2016-04-28 23:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-17 09:27 - 2016-08-10 11:54 - 01153448 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2016-12-13 09:10 - 2016-12-13 09:10 - 03810816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-04-17 09:27 - 2016-08-10 11:54 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-12 09:19 - 2016-12-21 13:57 - 02493440 _____ () D:\Program Files (x86)\Origin\libGLESv2.dll
2016-12-01 10:55 - 2016-01-28 15:33 - 01058624 _____ () d:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll
2016-12-01 10:55 - 2011-01-13 10:44 - 00232800 _____ () d:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2015-07-20 09:08 - 2015-07-20 09:08 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-07-20 09:15 - 2015-07-20 09:15 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-07-20 09:10 - 2015-07-20 09:10 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-04-06 14:12 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 01244376 _____ () C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-12-02 20:32 - 2014-09-28 17:59 - 00019872 _____ () d:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2015-07-20 09:08 - 2015-07-20 09:08 - 00037696 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2015-04-17 09:27 - 2016-08-10 11:54 - 00582056 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00123918 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 01026062 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00524460 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libcurl-4.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 03036942 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 01798570 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuuc53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00115214 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\zlib1.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 03095505 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuin53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 21565192 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icudt53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00712704 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00031744 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00046080 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00032768 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00516608 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00243200 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00431616 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qtiff.dll
2016-10-02 08:02 - 2016-12-08 02:00 - 00035792 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-01-05 09:26 - 2016-12-08 02:00 - 00145864 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-01-05 09:26 - 2016-12-08 02:01 - 00019408 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-01-05 09:26 - 2016-12-08 02:00 - 00116688 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-10-02 08:02 - 2016-12-08 02:04 - 00024528 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-10-02 08:02 - 2016-12-08 02:00 - 00100296 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00105928 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-10-02 08:02 - 2016-12-08 02:00 - 00018888 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\select.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00019776 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-10-02 08:02 - 2016-12-08 02:00 - 00694224 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00020824 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-10-02 08:02 - 2016-12-08 02:01 - 00123856 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 01682768 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00020816 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00021328 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00052032 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00038712 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-01-05 09:26 - 2016-12-08 02:00 - 00392144 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-01-05 09:26 - 2016-12-08 02:04 - 00020936 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00116176 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00381760 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00124880 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00025432 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00024016 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00175560 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00030160 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00043472 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00048592 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00057808 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00024016 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00246608 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00026464 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-02 08:02 - 2016-12-08 02:02 - 00241104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00020288 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00028616 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00023384 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00020816 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00019792 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00020808 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00350152 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00022360 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00024400 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-01-05 09:26 - 2016-12-08 01:57 - 00036296 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\librsync.dll
2017-01-05 09:26 - 2017-01-04 23:15 - 00031576 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-01-05 09:26 - 2016-12-22 04:52 - 00293392 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-01-05 09:26 - 2017-01-04 23:15 - 00084288 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-01-05 09:26 - 2017-01-04 23:15 - 01826104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-10-02 08:02 - 2016-12-08 02:01 - 00083912 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\sip.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00531264 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 03928896 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 01972536 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00133432 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00224064 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00207680 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00020296 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2017-01-05 09:26 - 2016-12-08 02:08 - 00017864 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-01-05 09:26 - 2016-12-08 02:08 - 01631184 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-01-05 09:26 - 2017-01-04 23:15 - 00042816 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00171336 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00357688 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-02 08:02 - 2016-12-08 02:04 - 00060880 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00037200 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-10-02 08:02 - 2017-01-04 23:15 - 00024920 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-05 09:26 - 2017-01-04 23:15 - 00546104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-10-07 08:16 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-07 08:16 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-20 14:15 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node
2016-12-11 10:04 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-11 10:04 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-04-27 07:18 - 00000890 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activation.acronis.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-604251109-3447910946-4235510674-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Itzak\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "XboxStat"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{4F0CCC1A-C0A0-49BA-AE30-022AF68421A9}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{B0269778-0B87-4560-9089-2BCACA95FAD1}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D68F41DC-5DCE-4A8E-BDB4-F743C5A56854}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{32E742D4-F2E3-4FD0-9F7B-6AF19BA33F5A}] => D:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{B05E5115-5788-4F5C-8C40-E5671F3FDBD8}] => D:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{D999AEA7-03CF-451E-A447-F1D6F120B972}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BECDFF58-BAB7-479A-B314-3C99B27C99DA}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{267A501C-9FA4-406B-93BE-DC8B744E3E99}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D3B67742-245B-4A65-B738-CC09C2167E5C}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4A3FAE8D-37EA-4B56-9815-9F98B9CCFE16}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B443CB71-17EE-43EF-9813-07E8CF4435D9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{63F79AB6-14A8-44C0-AAD4-46F6DC5E0806}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DD196FD9-E837-410E-BDC4-BC5320DB4121}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{FB237B61-6385-4A3F-AA5B-84AA742A769E}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{AF060E2E-B5BA-4B3D-8E25-3FB1C3AA0985}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E41E8FCA-3595-47FA-9B50-33BA8D779A60}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{CB3D1F40-9CC5-4FCC-AFD5-0B356B3EB7C1}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => C:\Program Files (x86)\AusweisApp2 1.8.0\AusweisApp2.exe
FirewallRules: [{76D1B933-A554-4CEB-B25A-527E072E3AD5}] => D:\Program Files (x86)\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{F9AA33A9-A7B9-4713-BCB3-7270A6867D75}] => D:\Program Files (x86)\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{81040AB3-D91A-4B5E-94F8-FFBBC9D7F95B}C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe
FirewallRules: [UDP Query User{8C2C5644-FEB8-44DF-BFC9-747D51BBB1B6}C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe
FirewallRules: [{094A48FC-CE6E-4F2E-AB59-BC6D5BD02DF4}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7DAF97BA-76A1-4C14-ABE5-4444F34FB747}] => LPort=2869
FirewallRules: [{7D26F0BD-DF5A-4E91-9260-8014D8AD60F9}] => LPort=1900
FirewallRules: [TCP Query User{CA0EFE25-889E-4E45-AAA7-4761D3838EFA}C:\users\itzak\appdata\roaming\spotify\spotify.exe] => C:\users\itzak\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5A3C289A-EC34-4D35-9F99-715B1E3CD38B}C:\users\itzak\appdata\roaming\spotify\spotify.exe] => C:\users\itzak\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6BFAB516-885E-4360-88DD-7EFB105EE4C1}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{4F96BABA-43B9-4D0C-A21C-54137B03E248}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [TCP Query User{B6199E25-7265-44A2-89D3-0787BDD9FC1D}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B5306368-08A4-4F46-AA8A-3AF02EA5B480}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{EA5B0FB2-4CC7-4C27-8BCF-F71D378CCED6}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{6AE15612-93FB-49B6-B705-0F9C6EBF0EB1}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [TCP Query User{DCAE1867-B3AD-453D-88C0-1969775D330B}D:\downloads\ipcamera.exe] => D:\downloads\ipcamera.exe
FirewallRules: [UDP Query User{39AE2B95-4AFB-44DF-8B53-798E1E9A0ADA}D:\downloads\ipcamera.exe] => D:\downloads\ipcamera.exe
FirewallRules: [{A664F6A7-F8DF-46C3-ADF7-7EADEF39BFFD}] => D:\downloads\ipcamera.exe
FirewallRules: [{A3107512-52C3-4453-BF45-50B897B15B2D}] => D:\downloads\ipcamera.exe
FirewallRules: [{A6BA4365-0114-476F-AE8A-685CABE4A04E}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{EC965FC9-3458-411B-9BA0-F3C05781FF71}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{1207813A-1864-4BD6-BF56-7E9DFF16E0DF}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AA9BC20D-3AEF-4F0F-8146-B8E0978C1BD0}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{169BEF8E-B443-4177-B9A6-1AF00E7CC576}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A94DCA6B-2A4F-43C5-B07B-E921475A3CBA}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E9824D28-25B0-46C8-8961-FB4AE80CA706}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7CAF28B9-62A7-4D9D-98B0-EE1BEE5F0A24}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E26B86CD-E592-4318-B6C1-C16C3FD3A9C0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E0B23B6-891A-47A3-9B4B-5DEBCF0018C0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{33B71DCB-D5B8-4729-A45F-3308C7EAB4EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{60B31692-66A4-41A7-BD80-53045B171B67}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C6737FEF-D9E8-453E-9E17-8300B94C3B63}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E9D95019-C9B3-4C11-827B-017ABAA7F645}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{0FFC6FC5-BA8E-4F8F-B1C9-51411C81D8EC}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F80E74D6-7EB8-445A-B0BB-8B0DA3FFA635}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{5ED17D8C-5C4A-44D0-B2D5-8238A3C8A816}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{2F9098A2-10BD-4570-B497-917A7F5F3C89}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{81163227-44AC-4DF8-8B8A-187232D10F4D}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DBCA294F-2289-432B-88DC-7D5F02963128}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{76BB2E00-270F-4D75-BA69-679419EBFB77}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0945861D-5348-4446-BF2F-24CA3B5F12D7}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{7B8909DC-D108-4AD9-9951-F40728660545}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/05/2017 09:45:10 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (01/05/2017 09:44:59 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (01/05/2017 09:44:20 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "D:\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (01/05/2017 09:34:43 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}

Error: (01/05/2017 09:34:43 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}

Error: (01/04/2017 11:49:00 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}

Error: (01/04/2017 11:49:00 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}

Error: (01/04/2017 11:42:32 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}

Error: (01/04/2017 11:42:32 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}

Error: (01/04/2017 11:35:23 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}


Systemfehler:
=============
Error: (01/05/2017 09:52:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{F3B4E234-7A68-4E43-B813-E4BA55A065F6}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/05/2017 09:46:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (01/05/2017 09:46:26 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Itzak\AppData\Local\Temp\ehdrv.sys

Error: (01/05/2017 09:46:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (01/05/2017 09:46:25 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Itzak\AppData\Local\Temp\ehdrv.sys

Error: (01/05/2017 09:46:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (01/05/2017 09:46:25 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Itzak\AppData\Local\Temp\ehdrv.sys

Error: (01/05/2017 09:45:50 AM) (Source: BROWSER) (EventID: 8020) (User: )
Description: Der Suchdienst konnte sich nicht selbst zur Funktion als Hauptsuchdienst heraufstufen.
Der Computer, der zurzeit die Funktion als Hauptsuchdienst erfüllt, ist unbekannt.

Error: (01/05/2017 09:45:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (01/05/2017 09:45:30 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Itzak\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-01-01 15:48:50.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:50.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:49.827
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:40.968
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-26 09:52:09.792
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-10-26 09:52:05.760
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16333.91 MB
Verfügbarer physikalischer RAM: 12832.2 MB
Summe virtueller Speicher: 18765.91 MB
Verfügbarer virtueller Speicher: 11741.14 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:118.7 GB) (Free:21.21 GB) NTFS
Drive d: (Programme) (Fixed) (Total:238.47 GB) (Free:93.07 GB) NTFS
Drive e: (Dateien) (Fixed) (Total:133.02 GB) (Free:77.25 GB) NTFS
Drive f: (Media) (Fixed) (Total:105.46 GB) (Free:92.85 GB) NTFS
Drive g: (Serien) (Fixed) (Total:1863.01 GB) (Free:119.62 GB) NTFS
Drive u: (music) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS
Drive v: (video) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS
Drive w: (photo) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS
Drive x: (BackupWin) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS
Drive y: (XXX) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS
Drive z: (Downloads) (Network) (Total:2746.22 GB) (Free:540.64 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 93C8D357)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 1C84C816)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 729954F6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Itzak 05.01.2017 11:46
Code:
11:14:07.0173 0x3738  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:14:12.0132 0x3738  ============================================================
11:14:12.0132 0x3738  Current date / time: 2017/01/05 11:14:12.0132
11:14:12.0133 0x3738  SystemInfo:
11:14:12.0133 0x3738 
11:14:12.0133 0x3738  OS Version: 10.0.14393 ServicePack: 0.0
11:14:12.0133 0x3738  Product type: Workstation
11:14:12.0133 0x3738  ComputerName: ITZAK-PC
11:14:12.0133 0x3738  UserName: Itzak
11:14:12.0133 0x3738  Windows directory: C:\WINDOWS
11:14:12.0133 0x3738  System windows directory: C:\WINDOWS
11:14:12.0133 0x3738  Running under WOW64
11:14:12.0133 0x3738  Processor architecture: Intel x64
11:14:12.0133 0x3738  Number of processors: 4
11:14:12.0133 0x3738  Page size: 0x1000
11:14:12.0133 0x3738  Boot type: Normal boot
11:14:12.0133 0x3738  CodeIntegrityOptions = 0x00000001
11:14:12.0133 0x3738  ============================================================
11:14:13.0031 0x3738  KLMD registered as C:\WINDOWS\system32\drivers\27993463.sys
11:14:13.0031 0x3738  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19
11:14:13.0065 0x3738  System UUID: {BF00BD93-0B5F-3BF6-E12C-03AA3746FBC0}
11:14:13.0238 0x3738  Drive \Device\Harddisk3\DR11 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:13.0239 0x3738  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0xE584, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
11:14:13.0240 0x3738  Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:13.0655 0x3738  Drive \Device\Harddisk2\DR2 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:14:13.0666 0x3738  ============================================================
11:14:13.0666 0x3738  \Device\Harddisk3\DR11:
11:14:13.0670 0x3738  MBR partitions:
11:14:13.0670 0x3738  \Device\Harddisk3\DR11\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10A09800
11:14:13.0670 0x3738  \Device\Harddisk3\DR11\Partition2: MBR, Type 0x7, StartLBA 0x10A0A000, BlocksNum 0xD2E9000
11:14:13.0670 0x3738  \Device\Harddisk0\DR0:
11:14:13.0670 0x3738  MBR partitions:
11:14:13.0670 0x3738  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:14:13.0670 0x3738  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xED68000
11:14:13.0671 0x3738  \Device\Harddisk1\DR1:
11:14:13.0671 0x3738  MBR partitions:
11:14:13.0671 0x3738  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1DCF2800
11:14:13.0671 0x3738  \Device\Harddisk2\DR2:
11:14:13.0671 0x3738  MBR partitions:
11:14:13.0671 0x3738  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
11:14:13.0671 0x3738  ============================================================
11:14:13.0673 0x3738  C: <-> \Device\Harddisk0\DR0\Partition2
11:14:13.0674 0x3738  D: <-> \Device\Harddisk1\DR1\Partition1
11:14:13.0677 0x3738  E: <-> \Device\Harddisk3\DR11\Partition1
11:14:13.0678 0x3738  F: <-> \Device\Harddisk3\DR11\Partition2
11:14:13.0713 0x3738  G: <-> \Device\Harddisk2\DR2\Partition1
11:14:13.0713 0x3738  ============================================================
11:14:13.0713 0x3738  Initialize success
11:14:13.0713 0x3738  ============================================================
11:15:07.0152 0x35e0  ============================================================
11:15:07.0152 0x35e0  Scan started
11:15:07.0152 0x35e0  Mode: Manual;
11:15:07.0152 0x35e0  ============================================================
11:15:07.0152 0x35e0  KSN ping started
11:15:07.0260 0x35e0  KSN ping finished: true
11:15:08.0708 0x35e0  ================ Scan system memory ========================
11:15:08.0708 0x35e0  System memory - ok
11:15:08.0708 0x35e0  ================ Scan services =============================
11:15:08.0747 0x35e0  1394ohci - ok
11:15:08.0753 0x35e0  [ EAC1B5ED7C6F2A93E42DB2FD68C0D22C, ADA587E24851F6BB96F31F7FCF958FF2687155D2BE99E34EB843910C7D278076 ] 360AntiHacker  C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
11:15:08.0757 0x35e0  360AntiHacker - ok
11:15:08.0764 0x35e0  [ A97716E2D5238E451128908952FFD27E, 078CEBCE0BFFD98AB5E9EA833D55C0D00BC541B4D6358C2E53C2EF27324A1C53 ] 360AvFlt        C:\WINDOWS\system32\DRIVERS\360AvFlt.sys
11:15:08.0766 0x35e0  360AvFlt - ok
11:15:08.0774 0x35e0  [ AD6E28C62138DF9A5DD514B5B4353CBE, AB67A2D042B92878BED0EA516C6BF5BE4DCC3DC4AC6AD8E31A45D7FC82A9A1A9 ] 360Box64        C:\WINDOWS\system32\DRIVERS\360Box64.sys
11:15:08.0779 0x35e0  360Box64 - ok
11:15:08.0783 0x35e0  [ 0F0843D3F817CE4CACAF96E06F541956, CB004EBD4E0B88A077E90DF34BE6B35915579F2C5DF9B2E13B2EC52F45308829 ] 360Camera      C:\WINDOWS\system32\Drivers\360Camera64.sys
11:15:08.0784 0x35e0  360Camera - ok
11:15:08.0793 0x35e0  [ F54038239D6D7246F843AF915633B7D6, 9D9DD02A9EDB8FE2B2D659FD5C1A17EE45051BC09F2E78007E1E2376FE820F4C ] 360FsFlt        C:\WINDOWS\system32\DRIVERS\360FsFlt.sys
11:15:08.0798 0x35e0  360FsFlt - ok
11:15:08.0801 0x35e0  3ware - ok
11:15:08.0803 0x35e0  ACPI - ok
11:15:08.0805 0x35e0  AcpiDev - ok
11:15:08.0809 0x35e0  acpiex - ok
11:15:08.0811 0x35e0  acpipagr - ok
11:15:08.0813 0x35e0  AcpiPmi - ok
11:15:08.0815 0x35e0  acpitime - ok
11:15:08.0838 0x35e0  [ 8EEC0269D86CFADD292C9B05F59F23ED, 779F863563F9F31B102EB7A7C1580281D73F083213B0DD17A82A9EF2886DFD79 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
11:15:08.0851 0x35e0  AcrSch2Svc - ok
11:15:08.0856 0x35e0  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
11:15:08.0857 0x35e0  Adobe LM Service - ok
11:15:08.0861 0x35e0  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:15:08.0863 0x35e0  AdobeARMservice - ok
11:15:08.0889 0x35e0  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:15:08.0893 0x35e0  AdobeFlashPlayerUpdateSvc - ok
11:15:08.0897 0x35e0  ADP80XX - ok
11:15:08.0953 0x35e0  [ 3B0908381A28DEFD42F42DBA9F06D39B, 3179AC9F26338D684CB806F29CD37EA75BE7F4553834F682E65ECE6D6D797FD4 ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
11:15:09.0002 0x35e0  afcdpsrv - ok
11:15:09.0007 0x35e0  AFD - ok
11:15:09.0010 0x35e0  ahcache - ok
11:15:09.0012 0x35e0  AJRouter - ok
11:15:09.0014 0x35e0  ALG - ok
11:15:09.0016 0x35e0  AmdK8 - ok
11:15:09.0018 0x35e0  AmdPPM - ok
11:15:09.0020 0x35e0  amdsata - ok
11:15:09.0023 0x35e0  amdsbs - ok
11:15:09.0025 0x35e0  amdxata - ok
11:15:09.0029 0x35e0  [ 9F83C7EA6A97124DA6C207C1BE1FB3AC, 0C3315125F74C6252204016FE22591299208CE8EA076419D5B4FD92C09F569EB ] AnyDVD          C:\WINDOWS\system32\Drivers\AnyDVD.sys
11:15:09.0032 0x35e0  AnyDVD - ok
11:15:09.0035 0x35e0  AppHostSvc - ok
11:15:09.0037 0x35e0  AppID - ok
11:15:09.0039 0x35e0  AppIDSvc - ok
11:15:09.0042 0x35e0  Appinfo - ok
11:15:09.0049 0x35e0  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:15:09.0050 0x35e0  Apple Mobile Device Service - ok
11:15:09.0053 0x35e0  applockerfltr - ok
11:15:09.0055 0x35e0  AppMgmt - ok
11:15:09.0057 0x35e0  AppReadiness - ok
11:15:09.0059 0x35e0  AppVClient - ok
11:15:09.0061 0x35e0  AppvStrm - ok
11:15:09.0063 0x35e0  AppvVemgr - ok
11:15:09.0065 0x35e0  AppvVfs - ok
11:15:09.0069 0x35e0  AppXSvc - ok
11:15:09.0070 0x35e0  arcsas - ok
11:15:09.0084 0x35e0  aspnet_state - ok
11:15:09.0089 0x35e0  [ E42B80A2A0E0192626DC3AFCA1B95DE6, 8E8D9AC610B8D6D4CACC863CFAFB98E375632ADF1A6A96ECC2D131817C7564A9 ] asstahci64      C:\WINDOWS\system32\drivers\asstahci64.sys
11:15:09.0093 0x35e0  asstahci64 - ok
11:15:09.0095 0x35e0  AsyncMac - ok
11:15:09.0098 0x35e0  atapi - ok
11:15:09.0100 0x35e0  AudioEndpointBuilder - ok
11:15:09.0102 0x35e0  Audiosrv - ok
11:15:09.0104 0x35e0  AxInstSV - ok
11:15:09.0106 0x35e0  b06bdrv - ok
11:15:09.0112 0x35e0  [ 8ADCD9C011CD1C1E7C0C5A3292D0F6B0, 85BB3B538F0926B6A84AA76EFD19ED77D7F48F431B2F2574AE898BAC20421B07 ] BAPIDRV        C:\WINDOWS\system32\DRIVERS\BAPIDRV64.sys
11:15:09.0115 0x35e0  BAPIDRV - ok
11:15:09.0117 0x35e0  BasicDisplay - ok
11:15:09.0119 0x35e0  BasicRender - ok
11:15:09.0125 0x35e0  [ 2C969095C2827EF4536C7D6FA434F993, 3C1AD826355AB1509DFF74B9168929A98CC207D96F97E356650DF9F9C5ADD9BE ] BazisVirtualCDBus C:\WINDOWS\System32\drivers\BazisVirtualCDBus.sys
11:15:09.0128 0x35e0  BazisVirtualCDBus - ok
11:15:09.0130 0x35e0  bcmfn - ok
11:15:09.0132 0x35e0  bcmfn2 - ok
11:15:09.0135 0x35e0  BDESVC - ok
11:15:09.0136 0x35e0  Beep - ok
11:15:09.0138 0x35e0  BFE - ok
11:15:09.0141 0x35e0  BITS - ok
11:15:09.0150 0x35e0  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:15:09.0156 0x35e0  Bonjour Service - ok
11:15:09.0158 0x35e0  bowser - ok
11:15:09.0161 0x35e0  BrokerInfrastructure - ok
11:15:09.0163 0x35e0  Browser - ok
11:15:09.0165 0x35e0  BthAvrcpTg - ok
11:15:09.0167 0x35e0  BthHFEnum - ok
11:15:09.0169 0x35e0  bthhfhid - ok
11:15:09.0171 0x35e0  BthHFSrv - ok
11:15:09.0173 0x35e0  BTHMODEM - ok
11:15:09.0176 0x35e0  bthserv - ok
11:15:09.0179 0x35e0  [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum        C:\WINDOWS\System32\drivers\busenum.sys
11:15:09.0180 0x35e0  busenum - ok
11:15:09.0183 0x35e0  buttonconverter - ok
11:15:09.0185 0x35e0  CapImg - ok
11:15:09.0187 0x35e0  cdfs - ok
11:15:09.0189 0x35e0  CDPSvc - ok
11:15:09.0191 0x35e0  CDPUserSvc - ok
11:15:09.0197 0x35e0  cdrom - ok
11:15:09.0199 0x35e0  CertPropSvc - ok
11:15:09.0202 0x35e0  [ C58EC27035731337ADD1326880086B16, 1A48A57D7FF5332AD380AF7884F516548DB535CFE23F3AE7D5AF291307CBC435 ] CH341SER_A64    C:\WINDOWS\System32\Drivers\CH341S64.SYS
11:15:09.0206 0x35e0  CH341SER_A64 - ok
11:15:09.0208 0x35e0  cht4iscsi - ok
11:15:09.0210 0x35e0  cht4vbd - ok
11:15:09.0212 0x35e0  circlass - ok
11:15:09.0247 0x35e0  [ 877AA4ADBCA17CFD2B1B41F8F122E730, 00C8ECC055CEB9BFF0A3D6B8F5B1950CF562CF205D91141E0C6E2E706EA42615 ] cjpcsc          C:\WINDOWS\SysWoW64\cjpcsc.exe
11:15:09.0256 0x35e0  cjpcsc - ok
11:15:09.0259 0x35e0  [ E3B86AB029D1C523981C3476DE859521, F787284359F6322DB7135FCDFD3DA3EFD92FBBB95F3DC5C9D77B881A8351B080 ] cjusb          C:\WINDOWS\system32\DRIVERS\cjusb.sys
11:15:09.0260 0x35e0  cjusb - ok
11:15:09.0262 0x35e0  CLFS - ok
11:15:09.0351 0x35e0  [ 069565979759A32A7E7FFF1541906B3F, E840AA394EB60120F8E6C4E7880A7F061070CAC5CC9AB1F74F88F65A6572BE08 ] ClickToRunSvc  C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
11:15:09.0390 0x35e0  ClickToRunSvc - ok
11:15:09.0395 0x35e0  ClipSVC - ok
11:15:09.0405 0x35e0  [ 4F05DD7FBCC4BBD31A01BD7E519E3DDA, 7D4986157D59593449C5154FBAB06BF19E6AEC7C67B6232E5E78CC8EE409286E ] Cloud Station Backup VSS Service x64 C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
11:15:09.0409 0x35e0  Cloud Station Backup VSS Service x64 - ok
11:15:09.0412 0x35e0  clreg - ok
11:15:09.0417 0x35e0  CmBatt - ok
11:15:09.0419 0x35e0  CNG - ok
11:15:09.0422 0x35e0  cnghwassist - ok
11:15:09.0439 0x35e0  CompositeBus - ok
11:15:09.0441 0x35e0  COMSysApp - ok
11:15:09.0443 0x35e0  condrv - ok
11:15:09.0446 0x35e0  CoreMessagingRegistrar - ok
11:15:09.0466 0x35e0  cpuz140 - ok
11:15:09.0469 0x35e0  CryptSvc - ok
11:15:09.0471 0x35e0  CSC - ok
11:15:09.0473 0x35e0  CscService - ok
11:15:09.0475 0x35e0  dam - ok
11:15:09.0478 0x35e0  DcomLaunch - ok
11:15:09.0480 0x35e0  DcpSvc - ok
11:15:09.0482 0x35e0  defragsvc - ok
11:15:09.0484 0x35e0  DeviceAssociationService - ok
11:15:09.0486 0x35e0  DeviceInstall - ok
11:15:09.0488 0x35e0  DevQueryBroker - ok
11:15:09.0490 0x35e0  Dfsc - ok
11:15:09.0493 0x35e0  Dhcp - ok
11:15:09.0495 0x35e0  diagnosticshub.standardcollector.service - ok
11:15:09.0498 0x35e0  DiagTrack - ok
11:15:09.0510 0x35e0  [ BEFAFF2DB70CD9E10E27C32E9C43B279, D89B43EBCD05662327D5851BDF1A8CB4C6E5FA7C6BD1241C230F50057BD35189 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
11:15:09.0516 0x35e0  DigitalWave.Update.Service - ok
11:15:09.0519 0x35e0  disk - ok
11:15:09.0522 0x35e0  DmEnrollmentSvc - ok
11:15:09.0524 0x35e0  dmvsc - ok
11:15:09.0526 0x35e0  dmwappushservice - ok
11:15:09.0529 0x35e0  Dnscache - ok
11:15:09.0531 0x35e0  dot3svc - ok
11:15:09.0533 0x35e0  DPS - ok
11:15:09.0537 0x35e0  drmkaud - ok
11:15:09.0539 0x35e0  DsmSvc - ok
11:15:09.0541 0x35e0  DsSvc - ok
11:15:09.0543 0x35e0  DXGKrnl - ok
11:15:09.0545 0x35e0  EapHost - ok
11:15:09.0547 0x35e0  ebdrv - ok
11:15:09.0549 0x35e0  EFS - ok
11:15:09.0551 0x35e0  EhStorClass - ok
11:15:09.0553 0x35e0  EhStorTcgDrv - ok
11:15:09.0556 0x35e0  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
11:15:09.0559 0x35e0  ElbyCDIO - ok
11:15:09.0562 0x35e0  embeddedmode - ok
11:15:09.0564 0x35e0  EntAppSvc - ok
11:15:09.0566 0x35e0  ErrDev - ok
11:15:09.0570 0x35e0  EventSystem - ok
11:15:09.0572 0x35e0  [ 5222D99C7E3245882E864D2EA7011387, 184E36074C765243783F69B7073FB2FAFC53BB18209ECD5030514CC513A47C8B ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
11:15:09.0573 0x35e0  ew_usbenumfilter - ok
11:15:09.0576 0x35e0  exfat - ok
11:15:09.0578 0x35e0  fastfat - ok
11:15:09.0580 0x35e0  Fax - ok
11:15:09.0582 0x35e0  fdc - ok
11:15:09.0584 0x35e0  fdPHost - ok
11:15:09.0586 0x35e0  FDResPub - ok
11:15:09.0588 0x35e0  fhsvc - ok
11:15:09.0591 0x35e0  FileCrypt - ok
11:15:09.0593 0x35e0  FileInfo - ok
11:15:09.0595 0x35e0  Filetrace - ok
11:15:09.0602 0x35e0  [ 72CC30F0D6DF8D3FBD5CD728259A8F69, F7774D35B38F35E31A8EEE37FF2F203C1CED433FF84EC265CD92B38CBFE3AB8F ] file_tracker    C:\WINDOWS\system32\DRIVERS\file_tracker.sys
11:15:09.0607 0x35e0  file_tracker - ok
11:15:09.0609 0x35e0  flpydisk - ok
11:15:09.0611 0x35e0  FltMgr - ok
11:15:09.0616 0x35e0  [ 9BD0273A5B650CC16E8A54AD9B312BEB, 1AA219C4CC29E8301075537A330CC7FB677CD884AABD8FB3D99CFBEA1AB4CDF2 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
11:15:09.0619 0x35e0  fltsrv - ok
11:15:09.0621 0x35e0  FontCache - ok
11:15:09.0626 0x35e0  FontCache3.0.0.0 - ok
11:15:09.0629 0x35e0  FrameServer - ok
11:15:09.0631 0x35e0  FsDepends - ok
11:15:09.0633 0x35e0  Fs_Rec - ok
11:15:09.0636 0x35e0  fvevol - ok
11:15:09.0639 0x35e0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
11:15:09.0640 0x35e0  GEARAspiWDM - ok
11:15:09.0642 0x35e0  gencounter - ok
11:15:09.0645 0x35e0  genericusbfn - ok
11:15:09.0723 0x35e0  [ 25BBECC7C72D4A1A021FA34534C1C822, F03164CB1624B2E4F6CCDF78562620DD81A3A985D5A6CFF7298B781D924F2F19 ] GlassWire      C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
11:15:09.0779 0x35e0  GlassWire - ok
11:15:09.0784 0x35e0  GPIOClx0101 - ok
11:15:09.0786 0x35e0  gpsvc - ok
11:15:09.0789 0x35e0  GpuEnergyDrv - ok
11:15:09.0794 0x35e0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:15:09.0796 0x35e0  gupdate - ok
11:15:09.0800 0x35e0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:15:09.0802 0x35e0  gupdatem - ok
11:15:09.0804 0x35e0  [ 77621A3DF170D246DC744CD0767BFAB3, 08BA4984D8B19337A34E4A2BBCE4AD681FDE09D02A6C421A16F5A717AA12CD84 ] gwdrv          C:\WINDOWS\system32\DRIVERS\gwdrv.sys
11:15:09.0805 0x35e0  gwdrv - ok
11:15:09.0808 0x35e0  HDAudBus - ok
11:15:09.0810 0x35e0  HidBatt - ok
11:15:09.0812 0x35e0  HidBth - ok
11:15:09.0814 0x35e0  hidi2c - ok
11:15:09.0816 0x35e0  hidinterrupt - ok
11:15:09.0818 0x35e0  HidIr - ok
11:15:09.0820 0x35e0  hidserv - ok
11:15:09.0822 0x35e0  HidUsb - ok
11:15:09.0825 0x35e0  HomeGroupListener - ok
11:15:09.0827 0x35e0  HomeGroupProvider - ok
11:15:09.0829 0x35e0  HpSAMD - ok
11:15:09.0831 0x35e0  HTTP - ok
11:15:09.0835 0x35e0  [ 2174FEA95B4A31B3E6149DA29006A891, 1D246BB9625B8AB28249D08A332BD0B0BCC51AABCF8F1E9F99CB2BBD9B078038 ] huawei_cdcecm  C:\WINDOWS\System32\drivers\ew_jucdcecm.sys
11:15:09.0837 0x35e0  huawei_cdcecm - ok
11:15:09.0841 0x35e0  [ 00020E8394BCBD6DCC8645B2599608E8, ED16625C8CDA74A84FFC148549708D75ED7889D89A2C327716F5FAF12934D2BE ] huawei_ext_ctrl C:\WINDOWS\System32\drivers\ew_juextctrl.sys
11:15:09.0842 0x35e0  huawei_ext_ctrl - ok
11:15:09.0844 0x35e0  HvHost - ok
11:15:09.0846 0x35e0  hvservice - ok
11:15:09.0848 0x35e0  hwpolicy - ok
11:15:09.0851 0x35e0  hyperkbd - ok
11:15:09.0853 0x35e0  i8042prt - ok
11:15:09.0855 0x35e0  iagpio - ok
11:15:09.0857 0x35e0  iai2c - ok
11:15:09.0860 0x35e0  iaLPSS2i_GPIO2 - ok
11:15:09.0862 0x35e0  iaLPSS2i_I2C - ok
11:15:09.0864 0x35e0  iaLPSSi_GPIO - ok
11:15:09.0866 0x35e0  iaLPSSi_I2C - ok
11:15:09.0878 0x35e0  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA        C:\WINDOWS\system32\drivers\iaStorA.sys
11:15:09.0887 0x35e0  iaStorA - ok
11:15:09.0890 0x35e0  iaStorAV - ok
11:15:09.0892 0x35e0  iaStorV - ok
11:15:09.0895 0x35e0  ibbus - ok
11:15:09.0897 0x35e0  icssvc - ok
11:15:09.0900 0x35e0  IKEEXT - ok
11:15:09.0902 0x35e0  IndirectKmd - ok
11:15:09.0970 0x35e0  [ 529DFBB7D3F3654DEE5A74E457732CAF, B5F01EA334A769ACE671C0468E708F6944A7F0228C4E86FC7EDC274C338E6344 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:15:10.0032 0x35e0  IntcAzAudAddService - ok
11:15:10.0039 0x35e0  intelide - ok
11:15:10.0041 0x35e0  intelpep - ok
11:15:10.0043 0x35e0  intelppm - ok
11:15:10.0045 0x35e0  iorate - ok
11:15:10.0047 0x35e0  IpFilterDriver - ok
11:15:10.0049 0x35e0  iphlpsvc - ok
11:15:10.0051 0x35e0  IPMIDRV - ok
11:15:10.0053 0x35e0  IPNAT - ok
11:15:10.0067 0x35e0  [ A9E19D4C0E9487544B0A87D511514DA9, 83767BA2A7EE1DE39DBF824B57D898355F8C5E3CE146CA280B0E336428837E70 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:15:10.0075 0x35e0  iPod Service - ok
11:15:10.0078 0x35e0  irda - ok
11:15:10.0080 0x35e0  IRENUM - ok
11:15:10.0082 0x35e0  irmon - ok
11:15:10.0084 0x35e0  isapnp - ok
11:15:10.0086 0x35e0  iScsiPrt - ok
11:15:10.0088 0x35e0  k57nd60a - ok
11:15:10.0090 0x35e0  kbdclass - ok
11:15:10.0093 0x35e0  kbdhid - ok
11:15:10.0095 0x35e0  kdnic - ok
11:15:10.0097 0x35e0  KeyIso - ok
11:15:10.0099 0x35e0  [ 322CD7A01A961D94C6EAB640D6427504, 17979EB65FEE44E329F3E8097194AE20422818EC6859DAA0206EB2CC3EEFA8D7 ] KOBCCEX        C:\WINDOWS\system32\drivers\KOBCCEX.sys
11:15:10.0101 0x35e0  KOBCCEX - ok
11:15:10.0104 0x35e0  KSecDD - ok
11:15:10.0106 0x35e0  KSecPkg - ok
11:15:10.0108 0x35e0  ksthunk - ok
11:15:10.0110 0x35e0  KtmRm - ok
11:15:10.0112 0x35e0  LanmanServer - ok
11:15:10.0114 0x35e0  LanmanWorkstation - ok
11:15:10.0117 0x35e0  lfsvc - ok
11:15:10.0120 0x35e0  [ 5E7641AECAC4CFC7B4B442B461A25C83, 1F6AF4ED863C17A1A326A4CB0D289EAABFAD748A6B0A7CE40CF842694572FDB7 ] LGBusEnum      C:\WINDOWS\system32\drivers\LGBusEnum.sys
11:15:10.0121 0x35e0  LGBusEnum - ok
11:15:10.0125 0x35e0  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
11:15:10.0125 0x35e0  LGCoreTemp - ok
11:15:10.0129 0x35e0  [ 7D24DEBE7BC0C01A30A9A65806B61453, 342E758AD6F88E3FA83B69F26836A9F54D1A3BE344D1D2F9C6394E085E5FCA92 ] LGJoyXlCore    C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
11:15:10.0131 0x35e0  LGJoyXlCore - ok
11:15:10.0134 0x35e0  [ DBEAB45BA2B47C057F3BAE5AD0654173, 9660B803F4AD4BD3427F1A24D09B2712E4DC0E25A18942984AF01750D77C118C ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
11:15:10.0135 0x35e0  LGVirHid - ok
11:15:10.0137 0x35e0  LicenseManager - ok
11:15:10.0140 0x35e0  lltdio - ok
11:15:10.0143 0x35e0  lltdsvc - ok
11:15:10.0145 0x35e0  lmhosts - ok
11:15:10.0150 0x35e0  [ B78534B305C93D18CAED123E1F9346E5, 19FE198E0D7C81AAF1A00700AB85F19E37E4198EDB8A59C55D1766E03D9E060F ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
11:15:10.0153 0x35e0  LogiRegistryService - ok
11:15:10.0157 0x35e0  LSI_SAS - ok
11:15:10.0159 0x35e0  LSI_SAS2i - ok
11:15:10.0162 0x35e0  LSI_SAS3i - ok
11:15:10.0164 0x35e0  LSI_SSS - ok
11:15:10.0166 0x35e0  LSM - ok
11:15:10.0168 0x35e0  luafv - ok
11:15:10.0170 0x35e0  MapsBroker - ok
11:15:10.0172 0x35e0  megasas - ok
11:15:10.0174 0x35e0  megasas2i - ok
11:15:10.0177 0x35e0  megasr - ok
11:15:10.0182 0x35e0  [ E7C9F74D8CAAB1FF7964C27C070FB16C, 76CCD9109E1031A336B7E275368520FFB60D500E24444B04066F205D1ED5BA2B ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
11:15:10.0188 0x35e0  MEIx64 - ok
11:15:10.0192 0x35e0  MessagingService - ok
11:15:10.0195 0x35e0  mlx4_bus - ok
11:15:10.0197 0x35e0  MMCSS - ok
11:15:10.0199 0x35e0  Modem - ok
11:15:10.0201 0x35e0  monitor - ok
11:15:10.0203 0x35e0  mouclass - ok
11:15:10.0205 0x35e0  mouhid - ok
11:15:10.0208 0x35e0  mountmgr - ok
11:15:10.0213 0x35e0  [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:15:10.0216 0x35e0  MozillaMaintenance - ok
11:15:10.0218 0x35e0  mpsdrv - ok
11:15:10.0220 0x35e0  MpsSvc - ok
11:15:10.0224 0x35e0  MQAC - ok
11:15:10.0226 0x35e0  MRxDAV - ok
11:15:10.0228 0x35e0  mrxsmb - ok
11:15:10.0230 0x35e0  mrxsmb10 - ok
11:15:10.0232 0x35e0  mrxsmb20 - ok
11:15:10.0234 0x35e0  MsBridge - ok
11:15:10.0236 0x35e0  MSDTC - ok
11:15:10.0239 0x35e0  Msfs - ok
11:15:10.0243 0x35e0  msgpiowin32 - ok
11:15:10.0245 0x35e0  mshidkmdf - ok
11:15:10.0247 0x35e0  mshidumdf - ok
11:15:10.0249 0x35e0  msisadrv - ok
11:15:10.0251 0x35e0  MSiSCSI - ok
11:15:10.0253 0x35e0  msiserver - ok
11:15:10.0255 0x35e0  MSKSSRV - ok
11:15:10.0258 0x35e0  MsLldp - ok
11:15:10.0260 0x35e0  MSMQ - ok
11:15:10.0262 0x35e0  MSPCLOCK - ok
11:15:10.0264 0x35e0  MSPQM - ok
11:15:10.0266 0x35e0  MsRPC - ok
11:15:10.0269 0x35e0  MsSecFlt - ok
11:15:10.0271 0x35e0  mssmbios - ok
11:15:10.0274 0x35e0  MSTEE - ok
11:15:10.0275 0x35e0  MTConfig - ok
11:15:10.0278 0x35e0  Mup - ok
11:15:10.0279 0x35e0  mvumis - ok
11:15:10.0282 0x35e0  NativeWifiP - ok
11:15:10.0285 0x35e0  NcaSvc - ok
11:15:10.0287 0x35e0  NcbService - ok
11:15:10.0289 0x35e0  NcdAutoSetup - ok
11:15:10.0291 0x35e0  ndfltr - ok
11:15:10.0293 0x35e0  NDIS - ok
11:15:10.0295 0x35e0  NdisCap - ok
11:15:10.0297 0x35e0  NdisImPlatform - ok
11:15:10.0299 0x35e0  NdisTapi - ok
11:15:10.0301 0x35e0  Ndisuio - ok
11:15:10.0303 0x35e0  NdisVirtualBus - ok
11:15:10.0305 0x35e0  NdisWan - ok
11:15:10.0307 0x35e0  ndiswanlegacy - ok
11:15:10.0309 0x35e0  ndproxy - ok
11:15:10.0310 0x35e0  Ndu - ok
11:15:10.0313 0x35e0  NetAdapterCx - ok
11:15:10.0314 0x35e0  NetBIOS - ok
11:15:10.0317 0x35e0  NetBT - ok
11:15:10.0319 0x35e0  Netlogon - ok
11:15:10.0321 0x35e0  Netman - ok
11:15:10.0328 0x35e0  NetMsmqActivator - ok
11:15:10.0329 0x35e0  NetPipeActivator - ok
11:15:10.0332 0x35e0  netprofm - ok
11:15:10.0334 0x35e0  NetSetupSvc - ok
11:15:10.0335 0x35e0  NetTcpPortSharing - ok
11:15:10.0339 0x35e0  NgcCtnrSvc - ok
11:15:10.0341 0x35e0  NgcSvc - ok
11:15:10.0343 0x35e0  NlaSvc - ok
11:15:10.0345 0x35e0  Npfs - ok
11:15:10.0347 0x35e0  npsvctrig - ok
11:15:10.0349 0x35e0  nsi - ok
11:15:10.0351 0x35e0  nsiproxy - ok
11:15:10.0354 0x35e0  NTFS - ok
11:15:10.0356 0x35e0  Null - ok
11:15:10.0366 0x35e0  [ B5A377E4D70A561CFE60A861D22CE883, 0E412DD03B1963B333C08B9DF1FD5E0A0E480A7F0DC5E4B61BCC418A81C690DE ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
11:15:10.0371 0x35e0  NvContainerLocalSystem - ok
11:15:10.0379 0x35e0  [ B5A377E4D70A561CFE60A861D22CE883, 0E412DD03B1963B333C08B9DF1FD5E0A0E480A7F0DC5E4B61BCC418A81C690DE ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
11:15:10.0384 0x35e0  NvContainerNetworkService - ok
11:15:10.0391 0x35e0  [ 548C6E9528C5FAEE5B4788F0E59BE1F6, 58B8D4DBDE158FBEBA01F9016AA0466D5B24FA40890B6980AE5B179F1B19253F ] NVHDA          C:\WINDOWS\system32\drivers\nvhda64v.sys
11:15:10.0394 0x35e0  NVHDA - ok
11:15:10.0414 0x35e0  [ 5284B1C8C69135753C26F2601350BF2E, 70246202B9C73F7BFD6F7E4DF9611B08498B94C8A66768E4BF90905162B8E77B ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
11:15:10.0429 0x35e0  NVIDIA Wireless Controller Service - ok
11:15:10.0659 0x35e0  [ 557A0393BDFED327968A9E695FB4CEBA, 76D39F74439205B5B614B0D99E9E10629738E00250A5E7FFEE50815F69EE70D0 ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys
11:15:10.0835 0x35e0  nvlddmkm - ok
11:15:10.0847 0x35e0  nvraid - ok
11:15:10.0849 0x35e0  nvstor - ok
11:15:10.0852 0x35e0  [ 0E045E8DF54ADBEAFE30C374D1411231, D088C01CE242BF36F961D4EF9C593345271F91BF14274E04F2658D6772615989 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:15:10.0853 0x35e0  NvStreamKms - ok
11:15:10.0862 0x35e0  [ A66A3EEEB383B6084EE75E8982725A23, 7A589B9C370623263E43D0FA1C6F5830F157ACDC111E11DC49B2B6E8BF5F0F74 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
11:15:10.0867 0x35e0  NvTelemetryContainer - ok
11:15:10.0871 0x35e0  [ 4061D60DE18BDEEBC1F68EB693466EE0, 9F55273D47361C5C6D5FCFDAA533567FF3643E636C0630F8F611A993D4AFD065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
11:15:10.0872 0x35e0  nvvad_WaveExtensible - ok
11:15:10.0874 0x35e0  OneSyncSvc - ok
11:15:10.0914 0x35e0  [ AD851D818F399DD946A9C17AB2156F22, 4A541E7A3A3164581BFB9080DE0976E18F6DD00E39458EBBCBD3B2445708BEB5 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
11:15:10.0936 0x35e0  Origin Client Service - ok
11:15:10.0974 0x35e0  [ 788363C87EBD90AC1EAD2DC5A9A40759, B565663B459414C5C9F81451D9A127D62CDF605BC2A9E686F74A2E4FD44A9B43 ] Origin Web Helper Service D:\Program Files (x86)\Origin\OriginWebHelperService.exe
11:15:11.0003 0x35e0  Origin Web Helper Service - ok
11:15:11.0011 0x35e0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:15:11.0013 0x35e0  ose - ok
11:15:11.0020 0x35e0  [ A5FB4253A5C42548C817864826E5F202, A5F0E2564D530B14B43BEA359602C4A753C45497971587D208EA56AC8C4AEDBD ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:15:11.0023 0x35e0  ose64 - ok
11:15:11.0025 0x35e0  p2pimsvc - ok
11:15:11.0027 0x35e0  p2psvc - ok
11:15:11.0029 0x35e0  Parport - ok
11:15:11.0032 0x35e0  partmgr - ok
11:15:11.0034 0x35e0  PcaSvc - ok
11:15:11.0036 0x35e0  pci - ok
11:15:11.0038 0x35e0  pciide - ok
11:15:11.0041 0x35e0  pcmcia - ok
11:15:11.0043 0x35e0  pcw - ok
11:15:11.0045 0x35e0  pdc - ok
11:15:11.0047 0x35e0  PEAUTH - ok
11:15:11.0049 0x35e0  PeerDistSvc - ok
11:15:11.0051 0x35e0  percsas2i - ok
11:15:11.0052 0x35e0  percsas3i - ok
11:15:11.0075 0x35e0  PerfHost - ok
11:15:11.0080 0x35e0  PhoneSvc - ok
11:15:11.0083 0x35e0  PimIndexMaintenanceSvc - ok
11:15:11.0086 0x35e0  pla - ok
11:15:11.0088 0x35e0  PlugPlay - ok
11:15:11.0092 0x35e0  PNRPAutoReg - ok
11:15:11.0093 0x35e0  PNRPsvc - ok
11:15:11.0096 0x35e0  PolicyAgent - ok
11:15:11.0099 0x35e0  Power - ok
11:15:11.0101 0x35e0  PptpMiniport - ok
11:15:11.0183 0x35e0  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify    C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:15:11.0226 0x35e0  PrintNotify - ok
11:15:11.0230 0x35e0  Processor - ok
11:15:11.0233 0x35e0  ProfSvc - ok
11:15:11.0235 0x35e0  Psched - ok
11:15:11.0237 0x35e0  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio        C:\WINDOWS\system32\pwdrvio.sys
11:15:11.0371 0x35e0  pwdrvio - ok
11:15:11.0377 0x35e0  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio        C:\WINDOWS\system32\pwdspio.sys
11:15:11.0390 0x35e0  pwdspio - ok
11:15:11.0418 0x35e0  [ 2DC444DA17A1F4632631ED68A3C1F97D, 4A7F78841B0ACB122C47B6C5D391AE52FF618D2A69567078B567EB798B574FAB ] QHActiveDefense C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
11:15:11.0432 0x35e0  QHActiveDefense - ok
11:15:11.0435 0x35e0  QWAVE - ok
11:15:11.0437 0x35e0  QWAVEdrv - ok
11:15:11.0439 0x35e0  RasAcd - ok
11:15:11.0442 0x35e0  RasAgileVpn - ok
11:15:11.0444 0x35e0  RasAuto - ok
11:15:11.0445 0x35e0  Rasl2tp - ok
11:15:11.0448 0x35e0  RasMan - ok
11:15:11.0449 0x35e0  RasPppoe - ok
11:15:11.0451 0x35e0  RasSstp - ok
11:15:11.0454 0x35e0  rdbss - ok
11:15:11.0457 0x35e0  rdpbus - ok
11:15:11.0460 0x35e0  RDPDR - ok
11:15:11.0464 0x35e0  RdpVideoMiniport - ok
11:15:11.0465 0x35e0  rdyboost - ok
11:15:11.0467 0x35e0  ReFSv1 - ok
11:15:11.0470 0x35e0  RemoteAccess - ok
11:15:11.0472 0x35e0  RemoteRegistry - ok
11:15:11.0475 0x35e0  RetailDemo - ok
11:15:11.0477 0x35e0  RmSvc - ok
11:15:11.0479 0x35e0  RpcEptMapper - ok
11:15:11.0481 0x35e0  RpcLocator - ok
11:15:11.0484 0x35e0  RpcSs - ok
11:15:11.0486 0x35e0  rspndr - ok
11:15:11.0488 0x35e0  s3cap - ok
11:15:11.0490 0x35e0  SamSs - ok
11:15:11.0499 0x35e0  [ 5C9ED5D9F3992C5547C6B95B55170981, 19B2991910C1CEE321A3BEC57621D6CC7C821651915602D3CCEBAE31DBD36676 ] SanDisk SSD Dashboard Service C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe
11:15:11.0504 0x35e0  SanDisk SSD Dashboard Service - ok
11:15:11.0506 0x35e0  sbp2port - ok
11:15:11.0509 0x35e0  SCardSvr - ok
11:15:11.0511 0x35e0  ScDeviceEnum - ok
11:15:11.0513 0x35e0  scfilter - ok
11:15:11.0515 0x35e0  Schedule - ok
11:15:11.0517 0x35e0  scmbus - ok
11:15:11.0519 0x35e0  scmdisk0101 - ok
11:15:11.0521 0x35e0  SCPolicySvc - ok
11:15:11.0523 0x35e0  sdbus - ok
11:15:11.0525 0x35e0  SDRSVC - ok
11:15:11.0528 0x35e0  sdstor - ok
11:15:11.0530 0x35e0  seclogon - ok
11:15:11.0532 0x35e0  SENS - ok
11:15:11.0533 0x35e0  Sense - ok
11:15:11.0536 0x35e0  SensorDataService - ok
11:15:11.0538 0x35e0  SensorService - ok
11:15:11.0540 0x35e0  SensrSvc - ok
11:15:11.0542 0x35e0  SerCx - ok
11:15:11.0544 0x35e0  SerCx2 - ok
11:15:11.0546 0x35e0  Serenum - ok
11:15:11.0549 0x35e0  Serial - ok
11:15:11.0552 0x35e0  sermouse - ok
11:15:11.0557 0x35e0  SessionEnv - ok
11:15:11.0561 0x35e0  sfloppy - ok
11:15:11.0564 0x35e0  SharedAccess - ok
11:15:11.0568 0x35e0  ShellHWDetection - ok
11:15:11.0570 0x35e0  shpamsvc - ok
11:15:11.0573 0x35e0  SiSRaid2 - ok
11:15:11.0575 0x35e0  SiSRaid4 - ok
11:15:11.0578 0x35e0  smphost - ok
11:15:11.0580 0x35e0  SmsRouter - ok
11:15:11.0589 0x35e0  [ 2F7A6F88A9516EB47B0BF13024434244, 5FC5635D077AAA42853F78306C941995B56E939015CC3F27D376CBD9395C7410 ] snapman        C:\WINDOWS\system32\DRIVERS\snapman.sys
11:15:11.0594 0x35e0  snapman - ok
11:15:11.0597 0x35e0  SNMPTRAP - ok
11:15:11.0599 0x35e0  spaceport - ok
11:15:11.0601 0x35e0  SpbCx - ok
11:15:11.0603 0x35e0  Spooler - ok
11:15:11.0606 0x35e0  sppsvc - ok
11:15:11.0608 0x35e0  srv - ok
11:15:11.0610 0x35e0  srv2 - ok
11:15:11.0612 0x35e0  srvnet - ok
11:15:11.0614 0x35e0  SSDPSRV - ok
11:15:11.0616 0x35e0  SstpSvc - ok
11:15:11.0630 0x35e0  [ A72B7C730B1EF1E7764044737E802FAD, D102122D2B938A48F8A6761F1F75D37476D628C1E5D644DFB30262CE50E2D250 ] StarMoney 10 OnlineUpdate d:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
11:15:11.0637 0x35e0  StarMoney 10 OnlineUpdate - ok
11:15:11.0640 0x35e0  StateRepository - ok
11:15:11.0663 0x35e0  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
11:15:11.0682 0x35e0  Steam Client Service - ok
11:15:11.0685 0x35e0  stexstor - ok
11:15:11.0688 0x35e0  stisvc - ok
11:15:11.0690 0x35e0  storahci - ok
11:15:11.0693 0x35e0  storflt - ok
11:15:11.0695 0x35e0  stornvme - ok
11:15:11.0697 0x35e0  storqosflt - ok
11:15:11.0699 0x35e0  StorSvc - ok
11:15:11.0701 0x35e0  storufs - ok
11:15:11.0703 0x35e0  storvsc - ok
11:15:11.0705 0x35e0  svsvc - ok
11:15:11.0708 0x35e0  swenum - ok
11:15:11.0710 0x35e0  swprv - ok
11:15:11.0805 0x35e0  [ 06A5A15C89E5F2C08D0C595C1DA776AF, EEFC5803E3C76115DF24B00A4BD6F3196D6CD87049802EF58BE6CF2CCB758FBF ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
11:15:11.0876 0x35e0  syncagentsrv - ok
11:15:11.0884 0x35e0  Synth3dVsc - ok
11:15:11.0886 0x35e0  SysMain - ok
11:15:11.0889 0x35e0  SystemEventsBroker - ok
11:15:11.0891 0x35e0  TabletInputService - ok
11:15:11.0894 0x35e0  TapiSrv - ok
11:15:11.0896 0x35e0  Tcpip - ok
11:15:11.0898 0x35e0  Tcpip6 - ok
11:15:11.0901 0x35e0  tcpipreg - ok
11:15:11.0904 0x35e0  tdx - ok
11:15:11.0906 0x35e0  terminpt - ok
11:15:11.0908 0x35e0  TermService - ok
11:15:11.0912 0x35e0  Themes - ok
11:15:11.0930 0x35e0  [ AEEEB1EE424A8D6F17B3A6461E0FC7E6, 3A5FD27DF6132E84DC03366FB684B31A454C0805A5E4EA0C67B0CE85FF446B93 ] tib            C:\WINDOWS\system32\DRIVERS\tib.sys
11:15:11.0946 0x35e0  tib - ok
11:15:11.0953 0x35e0  [ 3813F93D8A69EDE68913CC3050640FE3, 4931BC6DA6FD0808C985CD6202FB759F6B8DE8957FB44E6AD8844EA58C891AC1 ] tib_mounter    C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
11:15:11.0957 0x35e0  tib_mounter - ok
11:15:11.0960 0x35e0  TieringEngineService - ok
11:15:11.0962 0x35e0  tiledatamodelsvc - ok
11:15:11.0965 0x35e0  TimeBrokerSvc - ok
11:15:11.0970 0x35e0  [ 89CD7F95A1D8D672094085A958031DC2, 7D859A1B20F664874DB2BE4265F43AD1FA53E83D4BCCEE6FDA5D399D2EBA2A2B ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
11:15:11.0971 0x35e0  TomTomHOMEService - ok
11:15:11.0973 0x35e0  TPM - ok
11:15:11.0976 0x35e0  TrkWks - ok
11:15:11.0982 0x35e0  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt      C:\WINDOWS\system32\drivers\truecrypt.sys
11:15:11.0985 0x35e0  truecrypt - ok
11:15:11.0988 0x35e0  TrustedInstaller - ok
11:15:11.0991 0x35e0  tsusbflt - ok
11:15:11.0995 0x35e0  TsUsbGD - ok
11:15:11.0997 0x35e0  tsusbhub - ok
11:15:11.0999 0x35e0  tunnel - ok
11:15:12.0002 0x35e0  tzautoupdate - ok
11:15:12.0004 0x35e0  UASPStor - ok
11:15:12.0006 0x35e0  UcmCx0101 - ok
11:15:12.0008 0x35e0  UcmTcpciCx0101 - ok
11:15:12.0011 0x35e0  UcmUcsi - ok
11:15:12.0013 0x35e0  Ucx01000 - ok
11:15:12.0015 0x35e0  UdeCx - ok
11:15:12.0017 0x35e0  udfs - ok
11:15:12.0020 0x35e0  UEFI - ok
11:15:12.0022 0x35e0  UevAgentDriver - ok
11:15:12.0024 0x35e0  UevAgentService - ok
11:15:12.0028 0x35e0  Ufx01000 - ok
11:15:12.0030 0x35e0  UfxChipidea - ok
11:15:12.0032 0x35e0  ufxsynopsys - ok
11:15:12.0036 0x35e0  UI0Detect - ok
11:15:12.0040 0x35e0  [ 5B99D25F5CA1F20CCED62381ED41793E, 672B40021E0C623ED8C7E3203261837B43A5EE750E59DAFC4D6EAC4911B12F44 ] UimBus          C:\WINDOWS\System32\drivers\UimBus.sys
11:15:12.0044 0x35e0  UimBus - ok
11:15:12.0047 0x35e0  [ 67F428FA5F059A974529ECBA6A6C9D71, 912BCAEC818317AFD051351D5EAAF3B5EC8E5AD3CC9C1B8FC17F5DB78829615A ] Uim_DEVIM      C:\WINDOWS\System32\drivers\uim_devim.sys
11:15:12.0048 0x35e0  Uim_DEVIM - ok
11:15:12.0061 0x35e0  [ 76E93AD89DEC20EE2AF99E17183F85AB, 4ED49ADA41FA2BFDCC11861241428E23E8396E72BE10929FF01F0FE48D3DF2C2 ] Uim_IM          C:\WINDOWS\System32\drivers\uim_im.sys
11:15:12.0071 0x35e0  Uim_IM - ok
11:15:12.0074 0x35e0  umbus - ok
11:15:12.0076 0x35e0  UmPass - ok
11:15:12.0078 0x35e0  UmRdpService - ok
11:15:12.0080 0x35e0  UnistoreSvc - ok
11:15:12.0084 0x35e0  upnphost - ok
11:15:12.0086 0x35e0  UrsChipidea - ok
11:15:12.0088 0x35e0  UrsCx01000 - ok
11:15:12.0090 0x35e0  UrsSynopsys - ok
11:15:12.0093 0x35e0  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\WINDOWS\System32\Drivers\usbaapl64.sys
11:15:12.0095 0x35e0  USBAAPL64 - ok
11:15:12.0097 0x35e0  usbccgp - ok
11:15:12.0099 0x35e0  usbcir - ok
11:15:12.0106 0x35e0  [ 635686E528F2C9CB916EC1BB04EE6AD1, 080A0F209773232860F510F17005EF92650BA831F69BB0006AEF11A2BB0A4906 ] UsbClientService d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
11:15:12.0110 0x35e0  UsbClientService - ok
11:15:12.0112 0x35e0  usbehci - ok
11:15:12.0114 0x35e0  usbhub - ok
11:15:12.0116 0x35e0  USBHUB3 - ok
11:15:12.0118 0x35e0  usbohci - ok
11:15:12.0120 0x35e0  usbprint - ok
11:15:12.0123 0x35e0  usbser - ok
11:15:12.0125 0x35e0  USBSTOR - ok
11:15:12.0128 0x35e0  usbuhci - ok
11:15:12.0130 0x35e0  USBXHCI - ok
11:15:12.0133 0x35e0  UserDataSvc - ok
11:15:12.0136 0x35e0  UserManager - ok
11:15:12.0138 0x35e0  UsoSvc - ok
11:15:12.0140 0x35e0  VaultSvc - ok
11:15:12.0156 0x35e0  [ 2A801DFB1C278104D6AFB23C456C0E89, 47ECDA10F2D8D7A8C21D655A58FC957B0AF280FAC729B4E9F7AD9124822566B2 ] VBoxDrv        C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
11:15:12.0171 0x35e0  VBoxDrv - ok
11:15:12.0176 0x35e0  [ 16F38B18F51DBD2D32A77B3649CFC55A, B91CC76CFC999B053658F746EA3F41F5D196E54821309F8C042BADC23D4D4D05 ] VBoxNetAdp      C:\WINDOWS\System32\drivers\VBoxNetAdp.sys
11:15:12.0179 0x35e0  VBoxNetAdp - ok
11:15:12.0183 0x35e0  [ 46970F66C3F19421C37CCCDC7C2F176A, B5351B1F177106AB931A080DA8414B4AEF88CDA57EBA5AEFA8A5DF595D62ADE9 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
11:15:12.0186 0x35e0  VBoxUSBMon - ok
11:15:12.0188 0x35e0  vdrvroot - ok
11:15:12.0191 0x35e0  vds - ok
11:15:12.0194 0x35e0  VerifierExt - ok
11:15:12.0196 0x35e0  vhdmp - ok
11:15:12.0198 0x35e0  vhf - ok
11:15:12.0200 0x35e0  vmbus - ok
11:15:12.0202 0x35e0  VMBusHID - ok
11:15:12.0204 0x35e0  vmgid - ok
11:15:12.0206 0x35e0  vmicguestinterface - ok
11:15:12.0209 0x35e0  vmicheartbeat - ok
11:15:12.0211 0x35e0  vmickvpexchange - ok
11:15:12.0213 0x35e0  vmicrdv - ok
11:15:12.0215 0x35e0  vmicshutdown - ok
11:15:12.0217 0x35e0  vmictimesync - ok
11:15:12.0219 0x35e0  vmicvmsession - ok
11:15:12.0222 0x35e0  vmicvss - ok
11:15:12.0225 0x35e0  volmgr - ok
11:15:12.0227 0x35e0  volmgrx - ok
11:15:12.0230 0x35e0  volsnap - ok
11:15:12.0232 0x35e0  volume - ok
11:15:12.0234 0x35e0  vpci - ok
11:15:12.0236 0x35e0  vsmraid - ok
11:15:12.0239 0x35e0  VSS - ok
11:15:12.0241 0x35e0  VSTXRAID - ok
11:15:12.0244 0x35e0  vwifibus - ok
11:15:12.0246 0x35e0  vwififlt - ok
11:15:12.0248 0x35e0  W32Time - ok
11:15:12.0251 0x35e0  w3logsvc - ok
11:15:12.0254 0x35e0  W3SVC - ok
11:15:12.0256 0x35e0  WacomPen - ok
11:15:12.0258 0x35e0  WalletService - ok
11:15:12.0260 0x35e0  wanarp - ok
11:15:12.0262 0x35e0  wanarpv6 - ok
11:15:12.0264 0x35e0  WAS - ok
11:15:12.0267 0x35e0  wbengine - ok
11:15:12.0269 0x35e0  WbioSrvc - ok
11:15:12.0271 0x35e0  wcifs - ok
11:15:12.0274 0x35e0  Wcmsvc - ok
11:15:12.0276 0x35e0  wcncsvc - ok
11:15:12.0278 0x35e0  wcnfs - ok
11:15:12.0280 0x35e0  WdBoot - ok
11:15:12.0282 0x35e0  Wdf01000 - ok
11:15:12.0285 0x35e0  WdFilter - ok
11:15:12.0287 0x35e0  WdiServiceHost - ok
11:15:12.0289 0x35e0  WdiSystemHost - ok
11:15:12.0291 0x35e0  wdiwifi - ok
11:15:12.0296 0x35e0  [ 9955F303C20C4F58DB6645C6248DE1C8, 1A04B5C0EF2FE0CDBA054104727C54A02072B829BEAF4F3E4D16E581B50593F1 ] wdm_usb        C:\WINDOWS\system32\DRIVERS\usb2ser.sys
11:15:12.0299 0x35e0  wdm_usb - ok
11:15:12.0302 0x35e0  WdNisDrv - ok
11:15:12.0304 0x35e0  WdNisSvc - ok
11:15:12.0306 0x35e0  WebClient - ok
11:15:12.0308 0x35e0  Wecsvc - ok
11:15:12.0311 0x35e0  WEPHOSTSVC - ok
11:15:12.0313 0x35e0  wercplsupport - ok
11:15:12.0315 0x35e0  WerSvc - ok
11:15:12.0318 0x35e0  WFPLWFS - ok
11:15:12.0320 0x35e0  WiaRpc - ok
11:15:12.0322 0x35e0  WIMMount - ok
11:15:12.0324 0x35e0  WinDefend - ok
11:15:12.0329 0x35e0  WindowsTrustedRT - ok
11:15:12.0331 0x35e0  WindowsTrustedRTProxy - ok
11:15:12.0333 0x35e0  WinHttpAutoProxySvc - ok
11:15:12.0336 0x35e0  WinMad - ok
11:15:12.0343 0x35e0  Winmgmt - ok
11:15:12.0346 0x35e0  WinRM - ok
11:15:12.0350 0x35e0  WINUSB - ok
11:15:12.0352 0x35e0  WinVerbs - ok
11:15:12.0354 0x35e0  wisvc - ok
11:15:12.0356 0x35e0  WlanSvc - ok
11:15:12.0359 0x35e0  wlidsvc - ok
11:15:12.0361 0x35e0  WmiAcpi - ok
11:15:12.0364 0x35e0  wmiApSrv - ok
11:15:12.0366 0x35e0  WMPNetworkSvc - ok
11:15:12.0369 0x35e0  Wof - ok
11:15:12.0372 0x35e0  workfolderssvc - ok
11:15:12.0375 0x35e0  WPDBusEnum - ok
11:15:12.0378 0x35e0  WpdUpFltr - ok
11:15:12.0380 0x35e0  WpnService - ok
11:15:12.0383 0x35e0  WpnUserService - ok
11:15:12.0386 0x35e0  ws2ifsl - ok
11:15:12.0389 0x35e0  wscsvc - ok
11:15:12.0391 0x35e0  WSDPrintDevice - ok
11:15:12.0393 0x35e0  WSDScan - ok
11:15:12.0395 0x35e0  WSearch - ok
11:15:12.0399 0x35e0  wuauserv - ok
11:15:12.0401 0x35e0  WudfPf - ok
11:15:12.0403 0x35e0  WUDFRd - ok
11:15:12.0405 0x35e0  wudfsvc - ok
11:15:12.0407 0x35e0  WUDFWpdFs - ok
11:15:12.0409 0x35e0  WUDFWpdMtp - ok
11:15:12.0412 0x35e0  WwanSvc - ok
11:15:12.0414 0x35e0  XblAuthManager - ok
11:15:12.0417 0x35e0  XblGameSave - ok
11:15:12.0419 0x35e0  xboxgip - ok
11:15:12.0422 0x35e0  XboxNetApiSvc - ok
11:15:12.0424 0x35e0  xinputhid - ok
11:15:12.0428 0x35e0  xusb22 - ok
11:15:12.0428 0x35e0  ================ Scan global ===============================
11:15:12.0437 0x35e0  [ Global ] - ok
11:15:12.0438 0x35e0  ================ Scan MBR ==================================
11:15:12.0443 0x35e0  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk3\DR11
11:15:12.0476 0x35e0  \Device\Harddisk3\DR11 - ok
11:15:12.0477 0x35e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:15:12.0569 0x35e0  \Device\Harddisk0\DR0 - ok
11:15:12.0571 0x35e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:15:12.0590 0x35e0  \Device\Harddisk1\DR1 - ok
11:15:12.0592 0x35e0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
11:15:12.0595 0x35e0  \Device\Harddisk2\DR2 - ok
11:15:12.0595 0x35e0  ================ Scan VBR ==================================
11:15:12.0597 0x35e0  [ BCF9E30F28C91BD17D151E8F8B990E64 ] \Device\Harddisk3\DR11\Partition1
11:15:12.0598 0x35e0  \Device\Harddisk3\DR11\Partition1 - ok
11:15:12.0600 0x35e0  [ 46B3B3D8C4FFC98BA87366CDF1F117B2 ] \Device\Harddisk3\DR11\Partition2
11:15:12.0601 0x35e0  \Device\Harddisk3\DR11\Partition2 - ok
11:15:12.0603 0x35e0  [ 787802FF7AA5ADCAED59130BB8EF8089 ] \Device\Harddisk0\DR0\Partition1
11:15:12.0604 0x35e0  \Device\Harddisk0\DR0\Partition1 - ok
11:15:12.0605 0x35e0  [ 97C2B21BF85FBDB4F21208F721089B51 ] \Device\Harddisk0\DR0\Partition2
11:15:12.0606 0x35e0  \Device\Harddisk0\DR0\Partition2 - ok
11:15:12.0608 0x35e0  [ E8699EEB52A3AABC2BE74BBE5CA682D3 ] \Device\Harddisk1\DR1\Partition1
11:15:12.0609 0x35e0  \Device\Harddisk1\DR1\Partition1 - ok
11:15:12.0610 0x35e0  [ 7730687222DBB74FFEF51FE26E11CA73 ] \Device\Harddisk2\DR2\Partition1
11:15:12.0611 0x35e0  \Device\Harddisk2\DR2\Partition1 - ok
11:15:12.0611 0x35e0  ================ Scan generic autorun ======================
11:15:12.0855 0x35e0  [ C1FCE25201A11C6F673C4FE3DD87E6CD, 254BC489AD1A14B7D15D8F258577E9A45A6E1AA37ADF59B8D72D546FE6E2DDEB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:15:13.0050 0x35e0  RTHDVCPL - ok
11:15:13.0104 0x35e0  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] d:\Program Files\Canon\MyPrinter\BJMyPrt.exe
11:15:13.0131 0x35e0  CanonMyPrinter - ok
11:15:13.0148 0x35e0  [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
11:15:13.0158 0x35e0  XboxStat - ok
11:15:13.0170 0x35e0  [ F06F76C6D57022CF30D5B8853A8D873D, 4F373451A9D8CD16D2B4B339C730531936A993BDC819703C737E53384B79A289 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
11:15:13.0176 0x35e0  Acronis Scheduler2 Service - ok
11:15:13.0460 0x35e0  [ 1BDEB33CEAA541F6FCB19D9C342FBF86, F7DF33410511011317915F2EC3E571D249F1C92D5E35485313BF4DE9999D534C ] C:\Program Files\Logitech Gaming Software\LCore.exe
11:15:13.0649 0x35e0  Launch LCore - ok
11:15:13.0660 0x35e0  ShadowPlay - ok
11:15:13.0664 0x35e0  [ 1710A603D1EEBF86D738D1C6283C39B3, 5427A41AB64122FC119A42D7E4954A04A650FE88BD2B7FD2D4CDD1E823433268 ] C:\Program Files\iTunes\iTunesHelper.exe
11:15:13.0667 0x35e0  iTunesHelper - ok
11:15:13.0671 0x35e0  [ B9936A376753C1274B7119856E120632, 96CA84BF2CFE6FE481295A1420FD62796FA380162BD427B9B052DDCC36E7DCD7 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
11:15:13.0672 0x35e0  APSDaemon - ok
11:15:13.0681 0x35e0  [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
11:15:13.0685 0x35e0  IJNetworkScannerSelectorEX - ok
11:15:13.0694 0x35e0  [ 0185222A649A92BB4675D33A9C1D5485, AD19173EF6969116828D56963BD0CEEB933C02E211F5D986E1B8CC2136A3C4F7 ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
11:15:13.0697 0x35e0  FreePDF Assistant - ok
11:15:13.0707 0x35e0  [ 69D50F8B1A5C1DCA66F5FA5A267B44E1, 4C74ED8A8E1FAAD8C5572B3D2260E0F3B2AE379BF1D697DA586D64E23A4B272C ] C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe
11:15:13.0710 0x35e0  QHSafeTray - ok
11:15:13.0784 0x35e0  [ 34F837070B4DB119CF03B2749DBD4D8A, 3F8F1605B4F18998BD46A67704C1EE2956A66CC11DF307ED1088B54F080F45AA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
11:15:13.0838 0x35e0  TrueImageMonitor.exe - ok
11:15:13.0853 0x35e0  [ 9E864BC8914B0E2589B079210965C5B6, 1682736015F11994225778F6A3E1760B228FEC5BA8E33811470B6EC0410A8EDF ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
11:15:13.0862 0x35e0  AcronisTibMounterMonitor - ok
11:15:13.0872 0x35e0  [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:15:13.0879 0x35e0  SunJavaUpdateSched - ok
11:15:13.0899 0x35e0  OneDriveSetup - ok
11:15:13.0900 0x35e0  OneDriveSetup - ok
11:15:13.0926 0x35e0  [ 6590940164E31A06F7E7D61AA3A8223E, DBF71EE78D067E5B46FC69A423E1CE50DD689C840EC18B1F817A8AEE28140266 ] C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe
11:15:13.0941 0x35e0  Spotify Web Helper - ok
11:15:13.0958 0x35e0  [ 92B29E6BE97F5B2C5894904D1447BBFE, C8BF1ABDC9EDE0264ED7A818F61BB84BA2D42F160FDEA45DE6ED6EF816A6425E ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
11:15:13.0968 0x35e0  GoogleChromeAutoLaunch_044D73549DD22D28C44F9AEB57C375E7 - ok
11:15:13.0974 0x35e0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
11:15:13.0976 0x35e0  Dropbox Update - ok
11:15:14.0001 0x35e0  [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:15:14.0016 0x35e0  OneDrive - ok
11:15:14.0022 0x35e0  [ 6DB9A0FBDA5556B925D64651D57031D3, AE4C9196EFD61B973F93FDDAA001F7C239100EDD7E3F840927C0C07B08C69C04 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
11:15:14.0023 0x35e0  iCloudServices - ok
11:15:14.0026 0x35e0  [ DD854D7F89E3994DA48490E9C440036A, 25775650B62015D6F612C77ADCC7A31E019AEBDC2D40BB9EA1DA620F8B124007 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
11:15:14.0028 0x35e0  iCloudDrive - ok
11:15:14.0030 0x35e0  [ F1F940D766026D99DCCB999168CC1E73, FC947CC3E10D220D62004354EE731F874762C4298DB6DCC5E7DBA2FC46A4677D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
11:15:14.0031 0x35e0  ApplePhotoStreams - ok
11:15:14.0062 0x35e0  [ AD16E2475B09A319C70B62F620BCDD80, B4758FC3F19B83A186C20BC2F64A19AFC6DE73FB4E9E9DC54FF241E676962F4A ] C:\Program Files (x86)\Thunder Master\THPanel.exe
11:15:14.0082 0x35e0  THPanel - ok
11:15:14.0182 0x35e0  [ D03053F72A74801A32F41EFD088FA30E, 3F6E9AD19139F9A5881DB475EC3FD817C1F8CA1622B97E8864A7C59A7F7A2DA2 ] C:\Program Files (x86)\GlassWire\glasswire.exe
11:15:14.0239 0x35e0  GlassWire - ok
11:15:14.0275 0x35e0  Uninstall C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64 - ok
11:15:14.0276 0x35e0  OneDriveSetup - ok
11:15:14.0278 0x35e0  WAB Migrate - ok
11:15:14.0279 0x35e0  Waiting for KSN requests completion. In queue: 74
11:15:15.0301 0x35e0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
11:15:15.0302 0x35e0  AV detected via SS2: 360 Total Security, C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ( 8.8.0.1001 ), 0x51000 ( enabled : updated )
11:15:15.0307 0x35e0  Win FW state via NFP2: enabled ( trusted )
11:15:15.0418 0x35e0  ============================================================
11:15:15.0418 0x35e0  Scan finished
11:15:15.0418 0x35e0  ============================================================
11:15:15.0430 0x3d08  Detected object count: 0
11:15:15.0430 0x3d08  Actual detected object count: 0
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# end=init
# utc_time=2017-01-05 08:44:24
# local_time=2017-01-05 09:44:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31962
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# end=updated
# utc_time=2017-01-05 08:46:33
# local_time=2017-01-05 09:46:33 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# engine=31962
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-05 10:08:59
# local_time=2017-01-05 11:08:59 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9509776 57287206 0 0
# compatibility_mode_1='360 Total Security'
# compatibility_mode=16649 16777213 100 100 74937 12784479 0 0
# scanned=437852
# found=3
# cleaned=0
# scan_time=4945
sh=48CD087E573F488895E86109CBCA51ACDA9F6404 ft=1 fh=e66c803a1a00765e vn="Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Itzak\AppData\Local\Temp\is-1PE6J.tmp\Fusion.dll"
sh=F679F9CF95C7ABEEA0FEA1B1C1AFA1076E2B2F79 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="D:\Downloads\adbfw200\adbFire\tr.apk"
sh=28263300A1ED3ADD0FEC88B85B2DB13BABF23B7E ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.H verdächtige Datei" ac=I fn="E:\FritzBox\ruKernelTool.zip"

Deathkid535 05.01.2017 13:55
:hallo:

Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen.

Bitte beachte, dass es ein paar Regeln gibt:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte, unterbreche deine Arbeit, poste die entstandenen Logs und schildere dieses so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools welche hier im Thread erwähnt werden
  • Antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen

Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM!

Posten in CODE-Tags

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307


Das FRST-Log ist nicht ganz vollständig, das bitte nachreichen :).

Seit wann tritt das Problem denn ca auf?

Itzak 05.01.2017 16:49
Hallo!

Da ist wohl bein kopieren was falsch gelaufen :wtf:

Diesmal per Strg+A und C :)

Das Problem tritt gefühlt seit etwa vier bis fünf Wochen auf. Hab auch schon überlegt, ob ich etwas installiert habe, aber mir fällt partout nicht ein, was es sein könnte.

Hier erstmal die vollständige Datei :)

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-01-2017
durchgeführt von Itzak (Administrator) auf ITZAK-PC (05-01-2017 11:19:41)
Gestartet von D:\Downloads
Geladene Profile: Itzak (Verfügbare Profile: Itzak & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(SanDisk Corporation) C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() D:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) D:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Samsung Electronics.) D:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Dropbox, Inc.) C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1612.3341.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-14] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => d:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-02-05] (shbox.de)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5380368 2015-07-20] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-20] (Acronis International GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [Spotify Web Helper] => C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-12] (Spotify Ltd)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [GoogleChromeAutoLaunch_044D73549DD22D28C44F9AEB57C375E7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [Dropbox Update] => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-07] (Dropbox, Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030424 2016-10-26] (Palit Microsystems Ltd.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5728208 2016-11-19] (SecureMix LLC)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\RunOnce: [Uninstall C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-04] (Dropbox, Inc.)
Startup: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-01-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-01-05]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
GroupPolicyScripts\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6b1ae226-44bf-4039-b48b-794f582d86c3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{afa02eb6-b1a5-48e9-afc3-6e2d0c035810}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-04] (Oracle Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation)
BHO: YoutubeAdblocker -> {FF176DAB-19F2-1774-7595-95269C59C02C} -> C:\Program Files (x86)\YoutubeAdblocker\HH.x64.dll => Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: YoutubeAdblocker -> {FF176DAB-19F2-1774-7595-95269C59C02C} -> C:\Program Files (x86)\YoutubeAdblocker\HH.dll => Keine Datei
DPF: HKLM-x32 {4E94DD12-E0E0-5C87-9E61-4F4C4B0052BB} hxxps://itzak.dyn.cc:5001/webman/3rdparty/SurveillanceStation/object/SurveillanceHelper.cab?undefined
DPF: HKLM-x32 {98703E7E-E705-4043-8FCE-E828D9C1EEAD} hxxp://192.168.178.50:88/IPCWebComponents.exe
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: HKLM-x32 {D63FBD76-6EAA-43C0-BAFB-474D5FD9AD3F} hxxps://itzak.dyn.cc:5001/webman/3rdparty/SurveillanceStation/object/SurveillancePlugin.cab?undefined
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default [2016-12-04]
FF Extension: (MazdaTheme) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\MazdaTheme@mazda.com [2015-02-05] [ist nicht signiert]
FF Extension: (Emulator) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\Navcore.9.500.1161701@tomtom.com [2016-10-26] [ist nicht signiert]
FF Extension: (Tyre) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\tyre@tyre.tk [2016-10-13] [ist nicht signiert]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-12-04] [ist nicht signiert]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default [2013-10-08]
FF Extension: (German Dictionary) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-06-16] [ist nicht signiert]
FF Extension: (Send Later) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\sendlater3@kamens.us.xpi [2013-06-17] [ist nicht signiert]
FF Extension: (Provider for Google Calendar) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc} [2013-06-16] [ist nicht signiert]
FF Extension: (Lightning) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2013-06-16] [ist nicht signiert]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default [2016-12-14]
FF Homepage: Mozilla\Firefox\Profiles\ixv85fkk.default -> hxxp://www.ighome.com/
FF Extension: (Add-on Compatibility Reporter) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-11-30]
FF Extension: (MEGA) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\firefox@mega.co.nz.xpi [2016-12-11]
FF Extension: (SaveFrom.net - helper) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\helper-sig@savefrom.net.xpi [2016-12-13]
FF Extension: (PAYBACK Internet Assistent) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\toolbar-ff@payback.de.xpi [2016-05-03]
FF Extension: (Flagfox) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-11-30]
FF Extension: (Print/Print Preview) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi [2016-05-19]
FF Extension: (InFormEnter) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2016-05-19]
FF Extension: (eBay für Firefox) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-12-11]
FF Extension: (Download Status Bar) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-10-07]
FF Extension: (Adblock Plus) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF Extension: (360-Internetschutz) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-05-26]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\kompozer.net\KompoZer\Profiles\82ut3hvh.default [2015-06-25]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2016-10-20] (Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1135\npSurveillancePlugin_x86_64.dll [2016-10-20] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-22] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll [2012-05-11] (ESN Social Software AB)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2014-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2016-10-20] (Synology)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1135\npSurveillancePlugin.dll [2016-10-20] (Synology)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/"
CHR Profile: C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default [2017-01-05]
CHR Extension: (Google Drive) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2016-06-03]
CHR Extension: (Google-Suche) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Cr!Box) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2016-03-18]
CHR Extension: (360 Internet Protection) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-08-02]
CHR Extension: (VXG Media Player) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2017-01-04]
CHR Extension: (Chrome-Autofill-Enhancer) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfdjjbpfogkapjfdjgaeofoajhbihid [2014-09-19]
CHR Extension: (eBay für Chrome) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-11-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-29] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 cjpcsc; C:\WINDOWS\SysWoW64\cjpcsc.exe [602608 2016-07-25] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-02-25] () [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4397008 2016-11-19] (SecureMix LLC)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [914344 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SanDisk SSD Dashboard Service; C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe [374784 2015-05-14] (SanDisk Corporation) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 StarMoney 10 OnlineUpdate; d:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 UsbClientService; d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [160768 2016-08-10] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-08-10] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-05-09] (360.cn)
S3 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2016-08-10] (360.cn)
S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57856 2016-08-10] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [400384 2016-08-10] (360.cn)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology)
S1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [181328 2016-02-26] (360.cn)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
R3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2013-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2016-03-07] (Acronis International GmbH)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
S3 huawei_cdcecm; C:\WINDOWS\System32\drivers\ew_jucdcecm.sys [76800 2013-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [30720 2013-01-23] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 KOBCCEX; C:\WINDOWS\System32\drivers\KOBCCEX.sys [25344 2012-03-06] (KOBIL Systems GmbH) [Datei ist nicht signiert]
U5 KOBCCID; C:\Windows\System32\Drivers\KOBCCID.sys [116864 2012-06-25] (KOBIL Systems GmbH) [Datei ist nicht signiert]
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2016-03-07] (Acronis International GmbH)
S2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2016-03-07] (Acronis International GmbH)
S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-01-23] ()
S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\Itzak\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 11:12 - 2017-01-05 11:19 - 00000000 ____D C:\FRST
2017-01-05 09:26 - 2017-01-05 09:26 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-05 09:25 - 2017-01-05 09:25 - 00000000 ___HD C:\OneDriveTemp
2016-12-30 08:37 - 2016-12-30 08:37 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-28 09:10 - 2016-12-28 09:10 - 00000880 _____ C:\Users\Public\Desktop\Steuer 2016.lnk
2016-12-28 09:10 - 2016-12-28 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2016
2016-12-28 09:07 - 2016-12-30 08:37 - 00000000 __SHD C:\Config.Msi
2016-12-26 10:21 - 2016-12-26 10:21 - 00000000 ____D C:\Users\Itzak\Documents\AdobeStockPhotos
2016-12-21 13:23 - 2016-12-21 13:23 - 00007602 _____ C:\Users\Itzak\AppData\Local\Resmon.ResmonCfg
2016-12-20 14:20 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-20 14:15 - 2017-01-05 09:24 - 00014600 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-20 14:15 - 2016-12-25 21:56 - 00010941 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-20 14:15 - 2016-12-20 14:15 - 00004402 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-12-20 14:15 - 00000000 ____D C:\Users\Itzak\AppData\Local\Chromium
2016-12-20 14:15 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-20 14:14 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-20 14:14 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-16 10:11 - 2016-12-16 10:11 - 00000924 _____ C:\Users\Itzak\Desktop\Uplay.lnk
2016-12-16 10:11 - 2016-12-16 10:11 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-12-14 11:53 - 2016-12-14 11:53 - 00001343 _____ C:\Users\Public\Desktop\Free Video Editor.lnk
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-12-14 11:23 - 2016-12-14 11:23 - 00001828 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\Program Files\iTunes
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\Program Files\iPod
2016-12-14 09:04 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 09:04 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 09:04 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 09:04 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 09:04 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 09:04 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 09:04 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 09:04 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 09:04 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 09:04 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 09:04 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 09:04 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 09:04 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 09:04 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 09:04 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 09:04 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:04 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 09:04 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 09:04 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 09:04 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 09:04 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 09:04 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 09:04 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 09:04 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 09:04 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 09:04 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 09:04 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 09:04 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 09:04 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 09:04 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:04 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 09:04 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 09:04 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 09:04 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 09:04 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 09:04 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 09:04 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 09:04 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 09:04 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 09:04 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 09:04 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:04 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 09:04 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 09:04 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 09:04 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 09:04 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 09:04 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 09:04 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 09:04 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 09:04 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 09:04 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 09:04 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 09:04 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 09:04 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 09:04 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 09:04 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 09:04 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 09:04 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 09:04 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 09:04 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 09:04 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 09:04 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 09:04 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 09:04 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 09:04 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 09:03 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-14 08:58 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 08:57 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 11:35 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 11:35 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 11:35 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 11:35 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 11:35 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 11:35 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 11:35 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 11:35 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 11:35 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 11:35 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 11:35 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 11:35 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 11:35 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 11:35 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 11:35 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 11:35 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 11:35 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 11:35 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 11:35 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 11:35 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 11:35 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 11:35 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 11:35 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 11:35 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 11:35 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 11:35 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 11:35 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 11:35 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 11:35 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 11:35 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 11:35 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 11:35 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 11:35 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 11:35 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 11:35 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 11:35 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 11:35 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 11:35 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 11:35 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 11:35 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 11:35 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 11:35 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 11:35 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 11:35 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 11:35 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 11:35 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 11:35 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 11:35 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 11:35 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 11:35 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 11:35 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 11:35 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 11:35 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 11:35 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 11:35 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 11:35 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 11:35 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 11:35 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 11:35 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 11:35 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 11:35 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 11:35 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 11:35 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 11:35 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 11:35 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 11:35 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 11:35 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 11:35 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 11:35 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 11:35 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 11:35 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 11:34 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 11:34 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 11:34 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 11:34 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 11:34 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 11:34 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 11:34 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 11:34 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 11:34 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 11:34 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 11:34 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 11:34 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 11:34 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 11:34 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 11:34 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 11:34 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 11:34 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 11:34 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 11:34 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 11:34 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 11:34 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 11:34 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 11:34 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 11:34 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 11:34 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 11:34 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 11:34 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 11:34 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 11:34 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 11:34 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 11:34 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 11:34 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 11:34 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 11:34 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 11:34 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 11:34 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 11:34 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 11:34 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 11:34 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 11:34 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 11:34 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 11:34 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 11:34 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 11:34 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-10 11:34 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 11:34 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 11:34 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 11:34 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 11:34 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 11:34 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 11:34 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 11:34 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 11:34 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 11:34 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 11:34 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 11:34 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 11:34 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 11:34 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 11:34 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 11:34 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 11:34 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 11:34 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 11:34 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 11:34 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 11:34 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 11:34 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 11:34 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 11:34 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 11:34 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 11:34 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 11:34 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 11:34 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-08 08:55 - 2016-12-08 08:55 - 00000000 ____D C:\Users\Default\AppData\Local\MicrosoftEdge
2016-12-08 08:55 - 2016-12-08 08:55 - 00000000 ____D C:\Users\Default User\AppData\Local\MicrosoftEdge
2016-12-06 11:19 - 2016-12-01 21:02 - 01951680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437619.dll
2016-12-06 11:19 - 2016-12-01 21:02 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437619.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-05 11:19 - 2012-11-18 12:17 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\eM Client
2017-01-05 11:19 - 2012-03-06 09:58 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\NetSpeedMonitor
2017-01-05 09:36 - 2015-04-17 09:27 - 00000000 ____D C:\Users\Itzak\AppData\LocalLow\360WD
2017-01-05 09:28 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-05 09:28 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 09:26 - 2016-08-03 15:43 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-05 09:26 - 2012-03-05 17:18 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Dropbox
2017-01-05 09:25 - 2016-10-17 09:47 - 00000000 ___RD C:\Users\Itzak\iCloudDrive
2017-01-05 09:25 - 2016-08-03 15:44 - 00000000 ____D C:\Users\Itzak
2017-01-05 09:25 - 2014-01-15 16:29 - 00000000 __RDO C:\Users\Itzak\SkyDrive
2017-01-05 09:25 - 2013-03-25 10:07 - 00000000 ____D C:\Users\Itzak\AppData\Local\FreePDF_XP
2017-01-05 00:18 - 2016-08-03 15:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-04 15:17 - 2016-11-24 16:16 - 00000000 ____D C:\Users\Itzak\AppData\Local\Deployment
2017-01-04 15:17 - 2016-03-08 12:13 - 00000000 ____D C:\Users\Itzak\AppData\Local\CloudStationBackup
2017-01-04 11:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-04 10:02 - 2012-10-19 12:10 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\vlc
2017-01-04 09:04 - 2016-01-13 11:21 - 00000822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2017-01-04 09:04 - 2015-02-01 16:40 - 00000822 _____ C:\Users\Itzak\Desktop\KeePass.lnk
2017-01-01 16:43 - 2016-05-02 17:12 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\com.silhouettesoftware
2017-01-01 16:27 - 2016-05-02 17:12 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\com.aspexsoftware.Silhouette_Studio
2017-01-01 15:50 - 2016-07-16 12:43 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2017-01-01 15:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-31 09:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-12-30 08:37 - 2016-07-16 12:47 - 00000000 _SHDC C:\WINDOWS\Installer
2016-12-30 08:37 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 08:37 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-30 08:37 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-30 08:36 - 2015-10-13 10:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-30 08:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\drivers
2016-12-29 12:14 - 2016-07-16 12:47 - 00000000 ___HD C:\ProgramData
2016-12-29 12:03 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-29 12:03 - 2012-03-05 12:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-29 11:32 - 2016-08-03 15:43 - 00033473 _____ C:\WINDOWS\setupact.log
2016-12-29 09:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-28 09:14 - 2012-03-07 12:46 - 00000000 ____D C:\Users\Itzak\Documents\Steuer
2016-12-28 09:11 - 2012-03-07 12:42 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2016-12-28 09:10 - 2012-03-07 12:46 - 00000000 ____D C:\Users\Itzak\AppData\Local\Buhl
2016-12-28 09:07 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-28 09:07 - 2014-09-13 09:09 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-26 10:21 - 2013-10-19 10:19 - 00000000 ___RD C:\Users\Itzak\Documents
2016-12-26 10:21 - 2012-03-05 12:08 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Adobe
2016-12-26 09:28 - 2016-08-03 15:44 - 02871844 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-26 09:28 - 2016-07-16 23:51 - 01206932 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-26 09:28 - 2016-07-16 23:51 - 00303762 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-26 09:28 - 2016-07-16 12:49 - 01000674 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-26 09:28 - 2016-07-16 12:49 - 00336722 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-26 09:22 - 2016-08-03 15:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-26 09:22 - 2015-08-03 18:07 - 2550136832 ___SH C:\pagefile.sys
2016-12-26 09:22 - 2015-08-03 18:07 - 16777216 ___SH C:\swapfile.sys
2016-12-25 21:56 - 2016-07-16 07:04 - 18087936 _____ C:\WINDOWS\system32\config\SYSTEM
2016-12-25 21:56 - 2016-07-16 07:04 - 122945536 _____ C:\WINDOWS\system32\config\SOFTWARE
2016-12-25 21:56 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2016-12-25 21:56 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT
2016-12-25 21:56 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY
2016-12-22 16:28 - 2012-11-13 08:30 - 00000000 ____D C:\Users\Itzak\AppData\Local\Packages
2016-12-22 16:19 - 2016-08-04 09:52 - 00619032 _____ C:\WINDOWS\PFRO.log
2016-12-22 16:19 - 2016-08-03 15:43 - 00380704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-22 16:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-22 16:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-21 15:43 - 2012-03-05 15:28 - 00000000 ____D C:\ProgramData\Origin
2016-12-21 15:42 - 2012-03-05 15:28 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Origin
2016-12-21 14:09 - 2016-11-13 14:43 - 00000903 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-20 14:22 - 2016-03-11 09:57 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-20 14:21 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-20 14:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-20 14:15 - 2016-10-07 08:17 - 00003978 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:17 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-20 14:15 - 2016-10-07 08:16 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003952 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003790 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-20 14:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-20 14:15 - 2013-11-18 16:41 - 00000000 ____D C:\Users\Itzak\AppData\Local\NVIDIA Corporation
2016-12-20 14:15 - 2013-09-19 10:54 - 00000000 ____D C:\Users\Itzak\AppData\Local\NVIDIA
2016-12-19 13:07 - 2015-12-23 14:10 - 00000000 ____D C:\Users\Itzak\AppData\Local\CrashDumps
2016-12-18 12:56 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-17 10:45 - 2016-08-03 15:51 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:45 - 2016-08-03 15:51 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 10:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 13:13 - 2014-05-27 18:08 - 00000000 ____D C:\Users\Itzak\AppData\Local\Ubisoft Game Launcher
2016-12-16 09:12 - 2016-08-03 15:44 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 08:52 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-14 11:53 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-14 11:53 - 2015-09-01 15:17 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\DVDVideoSoft
2016-12-14 11:42 - 2016-11-16 07:44 - 00000000 ____D C:\Users\Itzak\AppData\LocalLow\Mozilla
2016-12-14 11:25 - 2016-10-17 09:49 - 00000000 ____D C:\Users\Itzak\AppData\Local\EE938676-7313-4C26-B01B-AB94517193D4.aplzod
2016-12-14 11:23 - 2016-07-16 07:04 - 00000000 ___RD C:\Program Files
2016-12-14 11:23 - 2012-03-05 17:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-14 09:35 - 2016-08-03 15:42 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 09:35 - 2016-08-03 15:42 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-14 09:35 - 2016-07-16 12:47 - 00001068 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-14 09:09 - 2013-07-16 15:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 09:07 - 2012-03-05 12:10 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 11:02 - 2016-11-16 07:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-13 11:02 - 2012-04-27 11:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-13 00:37 - 2016-10-07 08:17 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-13 00:36 - 2016-05-13 08:01 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 10:04 - 2012-11-07 12:55 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Spotify
2016-12-12 10:04 - 2012-11-07 12:55 - 00000000 ____D C:\Users\Itzak\AppData\Local\Spotify
2016-12-12 10:03 - 2015-06-13 09:31 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-12-12 04:03 - 2016-07-15 07:24 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-07-15 07:24 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-12 04:03 - 2016-07-15 07:24 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-07 08:16 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-11 19:47 - 2016-08-03 15:43 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-11 10:32 - 2016-08-03 15:44 - 00524288 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TMContainer00000000000000000002.regtrans-ms
2016-12-11 10:32 - 2016-08-03 15:44 - 00524288 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TMContainer00000000000000000001.regtrans-ms
2016-12-11 10:32 - 2016-08-03 15:44 - 00065536 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TM.blf
2016-12-11 10:20 - 2016-08-03 15:53 - 00000174 ___SH C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-11 10:20 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-11 10:20 - 2013-10-19 10:19 - 00000000 ___RD C:\Users\Itzak\Favorites
2016-12-11 10:20 - 2012-11-16 08:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-11 10:20 - 2012-03-05 12:00 - 00000402 ___SH C:\Users\Itzak\Documents\desktop.ini
2016-12-11 10:20 - 2012-03-05 12:00 - 00000174 ___SH C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Searches
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Saved Games
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Pictures
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Music
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Links
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Contacts
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-11 10:04 - 2014-09-19 07:21 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-11 10:04 - 2014-09-19 07:21 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-10 11:16 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-10 11:11 - 2015-08-03 18:28 - 00002429 _____ C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 09:52 - 2016-08-03 15:43 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ___SD C:\Users\Default\AppData\Roaming\Microsoft
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ___SD C:\Users\Default User\AppData\Roaming\Microsoft
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default\AppData\Local
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft
2016-12-08 08:55 - 2016-07-16 12:47 - 00000000 ____D C:\Users\Default User\AppData\Local

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\9d2c211b-a7d3-4966-a500-06dbed64212a.storage
2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\b946058e-9284-4d97-ab04-a1f1cc535354.storage
2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\ba3ed2c3-5b55-4ce5-b5fd-d73d51ac9b82.storage
2015-06-06 22:41 - 2015-06-06 22:41 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\d8284ffa-bfdb-48d9-9921-c5f5fed70c90.storage
2012-03-05 17:48 - 2015-11-10 11:18 - 0000600 _____ () C:\Users\Itzak\AppData\Roaming\winscp.rnd
2013-03-12 18:37 - 2013-03-12 18:37 - 0000879 _____ () C:\Users\Itzak\AppData\Local\recently-used.xbel
2016-12-21 13:23 - 2016-12-21 13:23 - 0007602 _____ () C:\Users\Itzak\AppData\Local\Resmon.ResmonCfg
2014-11-19 11:48 - 2014-11-26 20:09 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-08-03 15:43 - 2016-08-03 15:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-02-18 09:11 - 2013-02-18 10:53 - 0000285 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-12-09 15:43 - 2015-12-09 15:43 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-20 14:15 - 2017-01-05 09:24 - 0014600 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-20 14:15 - 2016-12-25 21:56 - 0010941 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2015-12-09 15:43 - 2015-12-09 15:43 - 0004133 _____ () C:\ProgramData\rxsmznjf.zcp

Einige Dateien in TEMP:
====================
C:\Users\Itzak\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Itzak\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Itzak\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Itzak\AppData\Local\Temp\nvStInst.exe
C:\Users\Itzak\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Itzak\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Itzak\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\Itzak\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe
C:\Users\Itzak\AppData\Local\Temp\_is50A0.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-29 09:18

==================== Ende von FRST.txt ============================

Deathkid535 07.01.2017 16:11
Hi,

Schritt # 1: AdwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt # 2: FRST

Bitte noch ein frisches FRST-Log.



Schritt # 3: Bitte Posten
  • Das Log von AdwCleaner
  • Das frische FRST-Log

Itzak 08.01.2017 14:30
Ok, weiter geht es...
13 Bedrohungen gefunden :(

Code:
# AdwCleaner v6.042 - Bericht erstellt am 08/01/2017 um 14:24:23
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-06.1 [Server]
# Betriebssystem : Windows 10 Pro  (X64)
# Benutzername : Itzak - ITZAK-PC
# Gestartet von : D:\Downloads\adwcleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\7b6944616ec4bbca


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SK.Enabler


***** [ Browser ] *****

[-] [C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: epub-to-kindle-converter-mac.en.softonic.com
[-] [C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: movavi-splitmovie.de.softonic.com


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2087 Bytes] - [08/01/2017 14:24:23]
C:\AdwCleaner\AdwCleaner[S0].txt - [2234 Bytes] - [08/01/2017 14:22:27]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2233 Bytes] ##########
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 07-01-2017
durchgeführt von Itzak (Administrator) auf ITZAK-PC (08-01-2017 14:27:41)
Gestartet von D:\Downloads
Geladene Profile: Itzak (Verfügbare Profile: Itzak & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe
() C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(SanDisk Corporation) C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) D:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
() D:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dropbox, Inc.) C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Samsung Electronics.) D:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SecureMix LLC) C:\Program Files (x86)\GlassWire\GlassWire.exe
(Dropbox, Inc.) C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
() C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
(Synology Inc.) C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
(Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-14] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => d:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [571192 2014-08-14] (Acronis)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-28] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-12-06] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-11-17] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-02-05] (shbox.de)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5380368 2015-07-20] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [693336 2015-07-20] (Acronis International GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [Spotify Web Helper] => C:\Users\Itzak\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1444976 2016-12-12] (Spotify Ltd)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [GoogleChromeAutoLaunch_044D73549DD22D28C44F9AEB57C375E7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [Dropbox Update] => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-07] (Dropbox, Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2016-11-17] (Apple Inc.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2030424 2016-10-26] (Palit Microsystems Ltd.)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [5728208 2016-11-19] (SecureMix LLC)
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\RunOnce: [Uninstall C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [177952 2016-07-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncShell.dll [2016-12-10] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.10.0.dll [2017-01-04] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt.10.0.dll [2017-01-04] (Dropbox, Inc.)
Startup: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-01-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Backup.lnk [2017-01-08]
ShortcutTarget: Synology Cloud Station Backup.lnk -> C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe (Synology Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 activation.acronis.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6b1ae226-44bf-4039-b48b-794f582d86c3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{afa02eb6-b1a5-48e9-afc3-6e2d0c035810}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-604251109-3447910946-4235510674-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-04] (Oracle Corporation)
BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation)
BHO: YoutubeAdblocker -> {FF176DAB-19F2-1774-7595-95269C59C02C} -> C:\Program Files (x86)\YoutubeAdblocker\HH.x64.dll => Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-12-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-08-10] (Qihu 360 Software Co., Ltd.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: YoutubeAdblocker -> {FF176DAB-19F2-1774-7595-95269C59C02C} -> C:\Program Files (x86)\YoutubeAdblocker\HH.dll => Keine Datei
DPF: HKLM-x32 {4E94DD12-E0E0-5C87-9E61-4F4C4B0052BB} hxxps://itzak.dyn.cc:5001/webman/3rdparty/SurveillanceStation/object/SurveillanceHelper.cab?undefined
DPF: HKLM-x32 {98703E7E-E705-4043-8FCE-E828D9C1EEAD} hxxp://192.168.178.50:88/IPCWebComponents.exe
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: HKLM-x32 {D63FBD76-6EAA-43C0-BAFB-474D5FD9AD3F} hxxps://itzak.dyn.cc:5001/webman/3rdparty/SurveillanceStation/object/SurveillancePlugin.cab?undefined
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-12-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default [2016-12-04]
FF Extension: (MazdaTheme) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\MazdaTheme@mazda.com [2015-02-05] [ist nicht signiert]
FF Extension: (Emulator) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\Navcore.9.500.1161701@tomtom.com [2016-10-26] [ist nicht signiert]
FF Extension: (Tyre) - C:\Users\Itzak\AppData\Roaming\TomTom\HOME\Profiles\3w1ilsu9.default\Extensions\tyre@tyre.tk [2016-10-13] [ist nicht signiert]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2016-12-04] [ist nicht signiert]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default [2013-10-08]
FF Extension: (German Dictionary) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-06-16] [ist nicht signiert]
FF Extension: (Send Later) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\sendlater3@kamens.us.xpi [2013-06-17] [ist nicht signiert]
FF Extension: (Provider for Google Calendar) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\{a62ef8ec-5fdc-40c2-873c-223b8a6925cc} [2013-06-16] [ist nicht signiert]
FF Extension: (Lightning) - C:\Users\Itzak\AppData\Roaming\Postbox\Profiles\uoycg126.default\Extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2013-06-16] [ist nicht signiert]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default [2016-12-14]
FF Homepage: Mozilla\Firefox\Profiles\ixv85fkk.default -> hxxp://www.ighome.com/
FF Extension: (Add-on Compatibility Reporter) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\compatibility@addons.mozilla.org.xpi [2016-11-30]
FF Extension: (MEGA) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\firefox@mega.co.nz.xpi [2016-12-11]
FF Extension: (SaveFrom.net - helper) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\helper-sig@savefrom.net.xpi [2016-12-13]
FF Extension: (PAYBACK Internet Assistent) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\toolbar-ff@payback.de.xpi [2016-05-03]
FF Extension: (Flagfox) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-11-30]
FF Extension: (Print/Print Preview) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi [2016-05-19]
FF Extension: (InFormEnter) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{5546F97E-11A5-46b0-9082-32AD74AAA920} [2016-05-19]
FF Extension: (eBay für Firefox) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{62760FD6-B943-48C9-AB09-F99C6FE96088}.xpi [2016-12-11]
FF Extension: (Download Status Bar) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-10-07]
FF Extension: (Adblock Plus) - C:\Users\Itzak\AppData\Roaming\Mozilla\Firefox\Profiles\ixv85fkk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-30]
FF Extension: (360-Internetschutz) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-05-26]
FF ProfilePath: C:\Users\Itzak\AppData\Roaming\kompozer.net\KompoZer\Profiles\82ut3hvh.default [2015-06-25]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-22] ()
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper_x86_64.dll [2016-10-20] (Synology)
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1135\npSurveillancePlugin_x86_64.dll [2016-10-20] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-22] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll [2012-05-11] (ESN Social Software AB)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll [2014-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-12-04] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillanceHelper -> C:\Program Files (x86)\Synology\SurveillanceHelper\1.0.0.5\npSurveillanceHelper.dll [2016-10-20] (Synology)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.1135\npSurveillancePlugin.dll [2016-10-20] (Synology)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.ighome.com/
CHR StartupUrls: Default -> "hxxp://www.ighome.com/"
CHR Profile: C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default [2017-01-08]
CHR Extension: (Google Drive) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-26]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2016-06-03]
CHR Extension: (Google-Suche) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Cr!Box) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2016-03-18]
CHR Extension: (360 Internet Protection) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-08-02]
CHR Extension: (VXG Media Player) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2017-01-04]
CHR Extension: (Chrome-Autofill-Enhancer) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbfdjjbpfogkapjfdjgaeofoajhbihid [2014-09-19]
CHR Extension: (eBay für Chrome) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck [2016-11-23]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Itzak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-29] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 cjpcsc; C:\WINDOWS\SysWoW64\cjpcsc.exe [602608 2016-07-25] (REINER SCT)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3698888 2016-12-04] (Microsoft Corporation)
R2 Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [287240 2016-02-25] () [Datei ist nicht signiert]
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [4397008 2016-11-19] (SecureMix LLC)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-28] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-13] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-13] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-13] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-12-21] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2180624 2016-12-21] (Electronic Arts)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [914344 2016-08-10] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SanDisk SSD Dashboard Service; C:\Program Files (x86)\SanDisk\SSD Dashboard\SanDiskSSDDashboardService.exe [374784 2015-05-14] (SanDisk Corporation) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 StarMoney 10 OnlineUpdate; d:\Program Files (x86)\StarMoney 10\ouservice\StarMoneyOnlineUpdate.exe [701760 2016-11-25] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 UsbClientService; d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2014-02-25] () [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [160768 2016-08-10] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-08-10] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [77904 2016-05-09] (360.cn)
S3 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2016-08-10] (360.cn)
S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57856 2016-08-10] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [400384 2016-08-10] (360.cn)
R3 AnyDVD; C:\WINDOWS\System32\Drivers\AnyDVD.sys [138664 2014-04-24] (SlySoft, Inc.)
R0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology)
S1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [181328 2016-02-26] (360.cn)
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
R3 cjusb; C:\WINDOWS\system32\DRIVERS\cjusb.sys [36112 2015-03-23] (REINER SCT)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [14976 2013-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [296736 2016-03-07] (Acronis International GmbH)
R1 gwdrv; C:\WINDOWS\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (SecureMix LLC)
S3 huawei_cdcecm; C:\WINDOWS\System32\drivers\ew_jucdcecm.sys [76800 2013-02-26] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 huawei_ext_ctrl; C:\WINDOWS\System32\drivers\ew_juextctrl.sys [30720 2013-01-23] (Huawei Technologies Co., Ltd.) [Datei ist nicht signiert]
S3 KOBCCEX; C:\WINDOWS\System32\drivers\KOBCCEX.sys [25344 2012-03-06] (KOBIL Systems GmbH) [Datei ist nicht signiert]
U5 KOBCCID; C:\Windows\System32\Drivers\KOBCCID.sys [116864 2012-06-25] (KOBIL Systems GmbH) [Datei ist nicht signiert]
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-13] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R2 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [1058632 2016-03-07] (Acronis International GmbH)
S2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [248648 2016-03-07] (Acronis International GmbH)
S1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-01-23] ()
S1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-01-23] ()
S1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-01-23] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 cpuz140; \??\C:\Users\Itzak\AppData\Local\Temp\cpuz140\cpuz140_x64.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-08 14:18 - 2017-01-08 14:24 - 00000000 ____D C:\AdwCleaner
2017-01-08 14:17 - 2017-01-08 14:17 - 00000000 ___HD C:\OneDriveTemp
2017-01-07 12:13 - 2017-01-07 12:13 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileBot
2017-01-07 12:13 - 2017-01-07 12:13 - 00000000 ____D C:\Program Files\FileBot
2017-01-07 11:45 - 2017-01-07 11:45 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-01-05 11:12 - 2017-01-08 14:27 - 00000000 ____D C:\FRST
2016-12-30 08:37 - 2016-12-30 08:37 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-12-28 09:10 - 2016-12-28 09:10 - 00000880 _____ C:\Users\Public\Desktop\Steuer 2016.lnk
2016-12-28 09:10 - 2016-12-28 09:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2016
2016-12-28 09:07 - 2017-01-08 14:24 - 00000000 __SHD C:\Config.Msi
2016-12-26 10:21 - 2016-12-26 10:21 - 00000000 ____D C:\Users\Itzak\Documents\AdobeStockPhotos
2016-12-21 13:23 - 2016-12-21 13:23 - 00007602 _____ C:\Users\Itzak\AppData\Local\Resmon.ResmonCfg
2016-12-20 14:20 - 2016-12-12 04:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00802768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00801560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00643928 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00642392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00617696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00438208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00394888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00388544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00386104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00347072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2016-12-20 14:20 - 2016-12-12 04:03 - 00327408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-12-20 14:15 - 2017-01-08 14:25 - 00002938 _____ C:\ProgramData\NvTelemetryContainer.log
2016-12-20 14:15 - 2017-01-08 14:24 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-20 14:15 - 2016-12-20 14:15 - 00004402 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-12-20 14:15 - 00000000 ____D C:\Users\Itzak\AppData\Local\Chromium
2016-12-20 14:15 - 2016-12-12 15:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-20 14:14 - 2016-12-13 00:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-20 14:14 - 2016-12-13 00:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-16 10:11 - 2016-12-16 10:11 - 00000924 _____ C:\Users\Itzak\Desktop\Uplay.lnk
2016-12-16 10:11 - 2016-12-16 10:11 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-12-14 11:53 - 2016-12-14 11:53 - 00001343 _____ C:\Users\Public\Desktop\Free Video Editor.lnk
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-12-14 11:53 - 2016-12-14 11:53 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-12-14 11:23 - 2016-12-14 11:23 - 00001828 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\Program Files\iTunes
2016-12-14 11:23 - 2016-12-14 11:23 - 00000000 ____D C:\Program Files\iPod
2016-12-14 09:04 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 09:04 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 09:04 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 09:04 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 09:04 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 09:04 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 09:04 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 09:04 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 09:04 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 09:04 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 09:04 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 09:04 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 09:04 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 09:04 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 09:04 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 09:04 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 09:04 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 09:04 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 09:04 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:04 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 09:04 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 09:04 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 09:04 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 09:04 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 09:04 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 09:04 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 09:04 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 09:04 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 09:04 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 09:04 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 09:04 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 09:04 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 09:04 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 09:04 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 09:04 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 09:04 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 09:04 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 09:04 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 09:04 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 09:04 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 09:04 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 09:04 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 09:04 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 09:04 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 09:04 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 09:04 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 09:04 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 09:04 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 09:04 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 09:04 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 09:04 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 09:04 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 09:04 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 09:04 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 09:04 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 09:04 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 09:04 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 09:04 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 09:04 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 09:04 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 09:04 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 09:04 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 09:04 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 09:04 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 09:04 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 09:04 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 09:04 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 09:04 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 09:04 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 09:04 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 09:04 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 09:04 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 09:04 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 09:04 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 09:04 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 09:04 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 09:04 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 09:04 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 09:03 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-12-14 08:58 - 2016-09-15 17:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-12-14 08:57 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-12-10 11:35 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-10 11:35 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-10 11:35 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-10 11:35 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-10 11:35 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-10 11:35 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-10 11:35 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-10 11:35 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-10 11:35 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-10 11:35 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-10 11:35 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-10 11:35 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-10 11:35 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-10 11:35 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-10 11:35 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-10 11:35 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-10 11:35 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-10 11:35 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-10 11:35 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-10 11:35 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-10 11:35 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-10 11:35 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-10 11:35 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-10 11:35 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-10 11:35 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-10 11:35 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-10 11:35 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-10 11:35 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-10 11:35 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-10 11:35 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-10 11:35 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-10 11:35 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-10 11:35 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-10 11:35 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-10 11:35 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 11:35 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-10 11:35 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-10 11:35 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-10 11:35 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-10 11:35 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-10 11:35 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-10 11:35 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-10 11:35 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-10 11:35 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-10 11:35 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-10 11:35 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-10 11:35 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-10 11:35 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-10 11:35 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-10 11:35 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-10 11:35 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-10 11:35 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-10 11:35 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-10 11:35 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-10 11:35 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-10 11:35 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-10 11:35 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-10 11:35 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-10 11:35 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-10 11:35 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-10 11:35 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-10 11:35 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-10 11:35 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-10 11:35 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-10 11:35 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-10 11:35 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-10 11:35 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-10 11:35 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-10 11:35 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-10 11:35 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-10 11:35 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-10 11:35 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-10 11:35 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-10 11:35 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-10 11:35 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-10 11:35 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-10 11:35 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-10 11:35 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-10 11:35 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-10 11:35 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-10 11:35 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-10 11:35 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-10 11:35 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-10 11:35 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-10 11:35 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-10 11:35 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-10 11:35 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-10 11:35 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-10 11:35 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-10 11:35 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-10 11:35 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-10 11:35 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-10 11:35 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-10 11:34 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-10 11:34 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-10 11:34 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-10 11:34 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-10 11:34 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-10 11:34 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-10 11:34 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-10 11:34 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-10 11:34 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-10 11:34 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-10 11:34 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-10 11:34 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-10 11:34 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-10 11:34 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-10 11:34 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-10 11:34 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-10 11:34 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-10 11:34 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-10 11:34 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-10 11:34 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-10 11:34 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-10 11:34 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-10 11:34 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-10 11:34 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-10 11:34 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-10 11:34 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-10 11:34 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-10 11:34 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-10 11:34 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-10 11:34 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-10 11:34 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-10 11:34 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-10 11:34 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-10 11:34 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-10 11:34 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-10 11:34 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-10 11:34 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-10 11:34 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-10 11:34 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-10 11:34 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-10 11:34 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-10 11:34 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-10 11:34 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-10 11:34 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-10 11:34 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-10 11:34 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-10 11:34 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-10 11:34 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-10 11:34 - 2016-11-11 10:07 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-12-10 11:34 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-10 11:34 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-10 11:34 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-10 11:34 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-10 11:34 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-10 11:34 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-10 11:34 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-10 11:34 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-10 11:34 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-10 11:34 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-10 11:34 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-10 11:34 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-10 11:34 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-10 11:34 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-10 11:34 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-10 11:34 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-10 11:34 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-10 11:34 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-10 11:34 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-10 11:34 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-10 11:34 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-10 11:34 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-10 11:34 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-10 11:34 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-10 11:34 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-10 11:34 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-10 11:34 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-10 11:34 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-10 11:34 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-10 11:34 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-10 11:34 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-10 11:34 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-10 11:34 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 00003276 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-08 14:27 - 2016-08-03 15:43 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-08 14:27 - 2012-03-06 09:58 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\NetSpeedMonitor
2017-01-08 14:26 - 2012-11-18 12:17 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\eM Client
2017-01-08 14:25 - 2016-10-17 09:47 - 00000000 ___RD C:\Users\Itzak\iCloudDrive
2017-01-08 14:25 - 2016-08-03 15:51 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-08 14:25 - 2016-08-03 15:44 - 00000000 ____D C:\Users\Itzak
2017-01-08 14:25 - 2015-04-17 09:27 - 00000000 ____D C:\Users\Itzak\AppData\LocalLow\360WD
2017-01-08 14:25 - 2014-01-15 16:29 - 00000000 __RDO C:\Users\Itzak\SkyDrive
2017-01-08 14:25 - 2013-03-25 10:07 - 00000000 ____D C:\Users\Itzak\AppData\Local\FreePDF_XP
2017-01-08 14:24 - 2016-07-16 07:04 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-01-08 14:24 - 2015-08-03 18:25 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-01-08 14:18 - 2016-03-08 12:13 - 00000000 ____D C:\Users\Itzak\AppData\Local\CloudStationBackup
2017-01-07 17:56 - 2012-10-19 12:10 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\vlc
2017-01-07 17:43 - 2016-08-03 15:43 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-07 15:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-01-07 12:13 - 2015-11-21 20:54 - 00002116 _____ C:\Users\Itzak\Desktop\FileBot.lnk
2017-01-07 11:45 - 2012-03-05 17:18 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Dropbox
2017-01-06 13:56 - 2015-12-23 14:10 - 00000000 ____D C:\Users\Itzak\AppData\Local\CrashDumps
2017-01-06 10:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-01-05 15:15 - 2012-03-05 15:28 - 00000000 ____D C:\ProgramData\Origin
2017-01-05 15:13 - 2012-03-05 15:28 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Origin
2017-01-05 15:02 - 2016-05-02 17:12 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\com.silhouettesoftware
2017-01-05 09:28 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-01-04 15:17 - 2016-11-24 16:16 - 00000000 ____D C:\Users\Itzak\AppData\Local\Deployment
2017-01-04 11:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-01-04 09:04 - 2016-01-13 11:21 - 00000822 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk
2017-01-04 09:04 - 2015-02-01 16:40 - 00000822 _____ C:\Users\Itzak\Desktop\KeePass.lnk
2017-01-01 16:27 - 2016-05-02 17:12 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\com.aspexsoftware.Silhouette_Studio
2017-01-01 15:50 - 2016-07-16 12:43 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\telnet.exe
2017-01-01 15:50 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-30 08:37 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-30 08:37 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-12-30 08:37 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files\Common Files
2016-12-30 08:36 - 2015-10-13 10:10 - 00000000 ____D C:\Program Files\Microsoft Office
2016-12-30 08:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\drivers
2016-12-29 12:03 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Desktop
2016-12-29 12:03 - 2012-03-05 12:35 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-29 11:32 - 2016-08-03 15:43 - 00033473 _____ C:\WINDOWS\setupact.log
2016-12-29 09:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\config\RegBack
2016-12-28 09:14 - 2012-03-07 12:46 - 00000000 ____D C:\Users\Itzak\Documents\Steuer
2016-12-28 09:11 - 2012-03-07 12:42 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2016-12-28 09:10 - 2012-03-07 12:46 - 00000000 ____D C:\Users\Itzak\AppData\Local\Buhl
2016-12-28 09:07 - 2014-09-13 09:09 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-26 10:21 - 2013-10-19 10:19 - 00000000 ___RD C:\Users\Itzak\Documents
2016-12-26 10:21 - 2012-03-05 12:08 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Adobe
2016-12-26 09:28 - 2016-08-03 15:44 - 02871844 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-26 09:28 - 2016-07-16 23:51 - 01206932 _____ C:\WINDOWS\system32\perfh007.dat
2016-12-26 09:28 - 2016-07-16 23:51 - 00303762 _____ C:\WINDOWS\system32\perfc007.dat
2016-12-26 09:28 - 2016-07-16 12:49 - 01000674 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-26 09:28 - 2016-07-16 12:49 - 00336722 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-22 16:28 - 2012-11-13 08:30 - 00000000 ____D C:\Users\Itzak\AppData\Local\Packages
2016-12-22 16:19 - 2016-08-03 15:43 - 00380704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-22 16:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\catroot2
2016-12-22 16:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-21 14:09 - 2016-11-13 14:43 - 00000903 _____ C:\Users\Public\Desktop\Battlefield 1.lnk
2016-12-20 14:22 - 2016-03-11 09:57 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-20 14:21 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-20 14:21 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-20 14:15 - 2016-10-07 08:17 - 00003978 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:17 - 00001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-12-20 14:15 - 2016-10-07 08:16 - 00003988 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003960 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003952 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003790 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-10-07 08:16 - 00003748 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-12-20 14:15 - 2016-08-03 15:43 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-20 14:15 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-20 14:15 - 2013-11-18 16:41 - 00000000 ____D C:\Users\Itzak\AppData\Local\NVIDIA Corporation
2016-12-20 14:15 - 2013-09-19 10:54 - 00000000 ____D C:\Users\Itzak\AppData\Local\NVIDIA
2016-12-18 12:56 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Fonts
2016-12-17 10:45 - 2016-08-03 15:51 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:45 - 2016-08-03 15:51 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-17 10:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-16 13:13 - 2014-05-27 18:08 - 00000000 ____D C:\Users\Itzak\AppData\Local\Ubisoft Game Launcher
2016-12-16 09:12 - 2016-08-03 15:44 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f5b135e6-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000002.regtrans-ms
2016-12-16 08:52 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\assembly
2016-12-14 11:53 - 2016-07-16 07:04 - 00000000 ____D C:\Program Files (x86)\Common Files
2016-12-14 11:53 - 2015-09-01 15:17 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\DVDVideoSoft
2016-12-14 11:42 - 2016-11-16 07:44 - 00000000 ____D C:\Users\Itzak\AppData\LocalLow\Mozilla
2016-12-14 11:25 - 2016-10-17 09:49 - 00000000 ____D C:\Users\Itzak\AppData\Local\EE938676-7313-4C26-B01B-AB94517193D4.aplzod
2016-12-14 11:23 - 2012-03-05 17:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-12-14 09:35 - 2016-08-03 15:42 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TMContainer00000000000000000001.regtrans-ms
2016-12-14 09:35 - 2016-08-03 15:42 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f5b135f1-4b48-11e6-80cb-e41d2d012050}.TM.blf
2016-12-14 09:35 - 2016-07-16 12:47 - 00001068 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de-DE
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-14 09:35 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-14 09:09 - 2013-07-16 15:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 09:07 - 2012-03-05 12:10 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-13 11:02 - 2016-11-16 07:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-13 11:02 - 2012-04-27 11:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-13 00:37 - 2016-10-07 08:17 - 01853376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01452480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 01317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-12-13 00:37 - 2016-10-07 08:17 - 00120256 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-12-13 00:36 - 2016-05-13 08:01 - 00046016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-12-12 10:04 - 2012-11-07 12:55 - 00000000 ____D C:\Users\Itzak\AppData\Roaming\Spotify
2016-12-12 10:04 - 2012-11-07 12:55 - 00000000 ____D C:\Users\Itzak\AppData\Local\Spotify
2016-12-12 10:03 - 2015-06-13 09:31 - 00000000 ____D C:\ProgramData\Sonos,_Inc
2016-12-12 04:03 - 2016-07-15 07:24 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-12-12 04:03 - 2016-07-15 07:24 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-12-12 04:03 - 2016-07-15 07:24 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb
2016-12-12 00:56 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 19:47 - 2016-10-07 08:16 - 00001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2016-12-11 19:47 - 2016-08-03 15:43 - 06384576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 02475968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 01764408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00548408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-12-11 19:47 - 2016-08-03 15:43 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-12-11 10:32 - 2016-08-03 15:44 - 00524288 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TMContainer00000000000000000002.regtrans-ms
2016-12-11 10:32 - 2016-08-03 15:44 - 00524288 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TMContainer00000000000000000001.regtrans-ms
2016-12-11 10:32 - 2016-08-03 15:44 - 00065536 ___SH C:\Users\Itzak\NTUSER.DAT{ecd63e72-5990-11e6-bcb3-f2f08197dc2b}.TM.blf
2016-12-11 10:20 - 2016-08-03 15:53 - 00000174 ___SH C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-11 10:20 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-11 10:20 - 2013-10-19 10:19 - 00000000 ___RD C:\Users\Itzak\Favorites
2016-12-11 10:20 - 2012-11-16 08:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-11 10:20 - 2012-03-05 12:00 - 00000402 ___SH C:\Users\Itzak\Documents\desktop.ini
2016-12-11 10:20 - 2012-03-05 12:00 - 00000174 ___SH C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Searches
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Saved Games
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Pictures
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Music
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Links
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\Contacts
2016-12-11 10:20 - 2012-03-05 12:00 - 00000000 ___RD C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-11 10:19 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-11 10:19 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-11 10:04 - 2014-09-19 07:21 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-12-11 10:04 - 2014-09-19 07:21 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-12-10 11:16 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-10 11:11 - 2015-08-03 18:28 - 00002429 _____ C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-09 09:52 - 2016-08-03 15:43 - 07639617 _____ C:\WINDOWS\system32\nvcoproc.bin

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\9d2c211b-a7d3-4966-a500-06dbed64212a.storage
2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\b946058e-9284-4d97-ab04-a1f1cc535354.storage
2016-11-02 09:21 - 2016-11-02 09:21 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\ba3ed2c3-5b55-4ce5-b5fd-d73d51ac9b82.storage
2015-06-06 22:41 - 2015-06-06 22:41 - 0000000 _____ () C:\Users\Itzak\AppData\Roaming\d8284ffa-bfdb-48d9-9921-c5f5fed70c90.storage
2012-03-05 17:48 - 2015-11-10 11:18 - 0000600 _____ () C:\Users\Itzak\AppData\Roaming\winscp.rnd
2013-03-12 18:37 - 2013-03-12 18:37 - 0000879 _____ () C:\Users\Itzak\AppData\Local\recently-used.xbel
2016-12-21 13:23 - 2016-12-21 13:23 - 0007602 _____ () C:\Users\Itzak\AppData\Local\Resmon.ResmonCfg
2014-11-19 11:48 - 2014-11-26 20:09 - 0000040 ___SH () C:\ProgramData\.zreglib
2016-08-03 15:43 - 2016-08-03 15:43 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-02-18 09:11 - 2013-02-18 10:53 - 0000285 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-12-09 15:43 - 2015-12-09 15:43 - 0000016 _____ () C:\ProgramData\mntemp
2016-12-20 14:15 - 2017-01-08 14:25 - 0002938 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-20 14:15 - 2017-01-08 14:24 - 0005110 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
2015-12-09 15:43 - 2015-12-09 15:43 - 0004133 _____ () C:\ProgramData\rxsmznjf.zcp

Einige Dateien in TEMP:
====================
C:\Users\Itzak\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Itzak\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Itzak\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Itzak\AppData\Local\Temp\nvStInst.exe
C:\Users\Itzak\AppData\Local\Temp\NvTelemetry.dll
C:\Users\Itzak\AppData\Local\Temp\NvTelemetryAPI32.dll
C:\Users\Itzak\AppData\Local\Temp\NvTelemetryAPI64.dll
C:\Users\Itzak\AppData\Local\Temp\Synology-Cloud-Station-Backup-Upgrader.exe
C:\Users\Itzak\AppData\Local\Temp\_is50A0.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-29 09:18

==================== Ende von FRST.txt ============================

Itzak 08.01.2017 14:31
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 07-01-2017
durchgeführt von Itzak (08-01-2017 14:28:08)
Gestartet von D:\Downloads
Windows 10 Pro Version 1607 (X64) (2016-08-03 14:53:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-604251109-3447910946-4235510674-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-604251109-3447910946-4235510674-503 - Limited - Disabled)
Gast (S-1-5-21-604251109-3447910946-4235510674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-604251109-3447910946-4235510674-1005 - Limited - Enabled)
Itzak (S-1-5-21-604251109-3447910946-4235510674-1000 - Administrator - Enabled) => C:\Users\Itzak

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.8.0.1020 - 360 Security Center)
Acronis True Image 2015 (HKLM-x32\...\{2F70A6E6-2F71-4907-8441-BDC5D300310B}Visible) (Version: 18.0.6613 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.6613 - Acronis) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Amazon Cloud Drive (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.)
AmoK Exif Sorter 2.5.6 (nur deinstallieren) (HKLM-x32\...\AmoKExifSorter2) (Version:  - )
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.6.0000 - Asmedia Technology)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE  - Audiograbber)
Audiograbber MP3-Plugin (64 bit) (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG)
AusweisApp2 (HKLM-x32\...\{385F3958-A62E-49B8-9C2B-9A451664325C}) (Version: 1.8.0 - Governikus GmbH & Co. KG)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0610 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{FC5EDFE4-E073-4863-BC3F-2560AFA63B73}) (Version: 1.0.0110 - Brother Industries, Ltd.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer Driver Add-On Module V2.00 (HKLM\...\CANONIJINBOXADDON200) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Construction-Simulator 2015 (HKLM-x32\...\Steam App 289950) (Version:  - weltenbauer. Software Entwicklung GmbH)
Cover Me (HKLM-x32\...\{3EFEF383-059A-4426-8419-A2469F4B1BC8}_is1) (Version: 2.3 - Programm- & Webdesign)
cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 7.3.2 - REINER SCT)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deutsche Post E-Porto (HKLM-x32\...\{5CCF8330-F742-411A-8A04-719806D168B5}) (Version: 2.3.0 - Deutsche Post AG)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
Dropbox (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Dropbox) (Version: 18.3.26 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{B922E1AE-C0E5-4318-8BC2-410E045905B6}) (Version: 7.0.26482.0 - eM Client Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
FileBot (HKLM\...\{36A3AA3A-1849-418B-A07D-1ABB5C909179}) (Version: 4.7.7 - Reinhard Pointner)
FolderSort (HKLM-x32\...\FolderSort) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FrameManager (x32 Version: 3.00.0000 - Samsung) Hidden
Free Video Editor (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.53.831 - Digital Wave Ltd)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
GlassWire 1.2 (remove only) (HKLM-x32\...\GlassWire 1.2) (Version: 1.2.79 - SecureMix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Hager prerequisites (HKLM-x32\...\{EB733D93-1923-4F2E-97D1-125AAA8DD59D}) (Version: 1.00.0000 - hager)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
iCloud (HKLM\...\{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
IPCWebComponents 3.1.0.9 (HKLM-x32\...\{4740E1B2-51CF-4083-8976-D6B3B5A5064F}_is1) (Version: 3.1.0.9 - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JDownloader 2 (HKLM\...\0630-0716-3135-7887) (Version: 2 - AppWork GmbH)
KeePass Password Safe 1.32 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.32 - Dominik Reichl)
Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version:  - )
Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Mp3tag v2.73 (HKLM-x32\...\Mp3tag) (Version: v2.73 - Florian Heidenreich)
MyHarmony (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM\...\Notepad++) (Version: 7 - Notepad++ Team)
NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{DD8F7A7A-852F-4648-8A73-B8FC1DF5F082}) (Version: 4.3.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.3.3.1921 - Electronic Arts, Inc.)
Photo Station Uploader (remove only) (HKLM-x32\...\Photo Station Uploader) (Version:  - Synology)
POIbase 2.0.11 (HKLM-x32\...\POIbase_is1) (Version:  - POIbase)
Potplayer-64 bit (HKLM\...\PotPlayer64) (Version:  - Kakao Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7719 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 1.4.2 - SanDisk Corporation)
SanDisk SSD Dashboard Service (HKLM-x32\...\{EE9255E4-283A-4318-ABB6-A75BEE59ACA3}) (Version: 1.0.0 - SanDisk Corporation)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden
Silhouette Studio (HKLM-x32\...\{EAF328EC-5F1A-4F2F-875C-331BFC389F73}) (Version: 3.8.118 - Silhouette America)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 34.7.35161 - Sonos, Inc.)
Spotify (HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
SRC System™ Upgrades (HKLM-x32\...\{EB38E598-181D-4CD7-800F-A4F525ECEC56}) (Version: 3.0.6 - SRC Systems)
StarMoney (x32 Version: 3.0.3.21 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney (x32 Version: 5.0.0.226 - StarFinanz) Hidden
StarMoney 10  (HKLM-x32\...\{20104F01-DE87-4B04-B6E0-7B796DB07A90}) (Version: 10 - Star Finanz GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steuer 2014 (HKLM-x32\...\{2EE860C7-4551-479F-AF01-328B8AA46051}) (Version: 22.00.8811 - Buhl Data Service GmbH)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
Steuer 2016 (HKLM-x32\...\{284354A5-0D3A-4065-A997-C21762D0160E}) (Version: 24.00.1375 - Buhl Data Service GmbH)
SurveillanceHelper (HKLM-x32\...\{29004F05-17B9-4A06-9628-2C5159BE8717}) (Version: 1.0.0.5 - Synology)
SurveillancePlugin (HKLM-x32\...\{F42010FB-1772-4BA3-B4F3-43532CC6F9BD}) (Version: 1.0.0.1135 - Synology)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version:  - )
Synology Cloud Station Backup (HKLM-x32\...\{8EF0D9E8-B32E-43B8-B29D-55B8B374EF83}) (Version: 4.0.4164 - Synology)
Tablegallery Creator 0.9.3 (HKLM-x32\...\{41E8B73B-7E5B-4C0A-B79D-46571B34675C}_is1) (Version:  - PA-S.de)
Thunder Master v2.24 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 2.24.0.4 - Palit Microsystems Ltd.)
TomTom HOME (HKLM-x32\...\{F76EFA2A-BF0B-47BC-9AD5-857FFBD3CC79}) (Version: 2.9.93 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.57a - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Train Simulator 2015 (HKLM-x32\...\Steam App 24010) (Version:  - Dovetail Games)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tyre (HKLM\...\Tyre_is1) (Version: 6.4.7.1 - 't Schrijverke)
Uplay (HKLM-x32\...\Uplay) (Version: 27.0 - Ubisoft)
Virtual Com port driver V1.4.0 (HKLM-x32\...\{AF0ACDD1-3842-47C7-B153-B8DB92CDA42D}) (Version: 1.4.0 - STMicroelectronics)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
WhoCrashed 4.02 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 4.0 - Sysprogs)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - STMicroelectronics (usbser) Ports  (08/02/2013 1.4.0) (HKLM\...\04B4996F06620A7ECFBFE8F9BCC458F9761E39F7) (Version: 08/02/2013 1.4.0 - STMicroelectronics)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
XMedia Recode Version 3.3.5.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.5.4 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\ContextMenu.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Itzak\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Itzak\AppData\Local\CloudStation\CloudStation.app\icon-overlay\16\x64\iconOverlay.dll => Ke (Der Dateneintrag hat 9 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Itzak\AppData\Roaming\Dropbox\bin\DropboxExt64.10.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-604251109-3447910946-4235510674-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Itzak\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03DA1727-1E7E-4647-9107-125841E554CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000UA1d2206a1ad5b733 => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {04A6CB63-02AC-498A-AEF7-F34213F80FFC} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {0E644A6A-465E-446F-BCA2-C6B1DA3C7B44} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {10C7E449-B1AE-4F0C-B42D-3B14C03EA353} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {13F7280A-FC30-4C60-AE9F-103A22A04761} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {148C5B6D-0BA4-45AA-930C-58603A370419} - System32\Tasks\ThunderMaster => C:\Program Files (x86)\Thunder Master\THPanel.exe [2016-10-26] (Palit Microsystems Ltd.)
Task: {16818169-C5FF-4FFF-8463-EAE76DE325B4} - System32\Tasks\Auto Re-Aktivierung => C:\WINDOWS\Re-Aktivierung\TriggerKMS.exe
Task: {1A438826-8381-44D6-A6B9-8F489490F86D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BE75B25-9E44-4F82-95D6-D79F60FF3247} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1C6DD77D-AB5E-418E-B080-7465A113AA72} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {1DB68B97-5E42-4243-BEAC-352D4631D448} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {1DE85612-34FA-429A-9D31-5CDBC2650323} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28AF8722-4067-428D-8BE0-E65205185B0B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2C5221B0-8B83-4B8E-906D-780929431FF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-22] (Adobe Systems Incorporated)
Task: {2E10089B-1905-4ED7-A1B8-17F8A282C937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {30BF04BD-51F6-4C3C-B750-B353D96C790B} - System32\Tasks\{F85FDCD8-FFDA-4C6F-9039-10578B75D43C} => pcalua.exe -a "D:\Downloads\CDM v2.12.00 WHQL Certified.exe" -d D:\Downloads
Task: {321BC64F-22B4-4376-A69F-320A591125C3} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {363C68F3-5108-4C94-9983-22B6B52E53E8} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {3C5D9AEF-95DD-4319-ADD1-36358CC31355} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {3EEB8463-7733-4D40-8E4F-CBABDC0ACE94} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44E5FC0B-7C72-45E2-9C56-43CC558E11E3} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {527B5428-05E5-403D-B2D7-755ED2A1DEFB} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {5499FFD0-826B-4096-8C27-30A24297365B} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58B2726F-506A-407F-B9E7-FAD0DD8619E6} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5CE0D393-4B2E-4944-9805-0BD380767BC1} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {62288C56-DDDF-4142-BD1B-F2CA98561609} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\devicecenter.exe
Task: {632484DB-1288-42DB-B76E-83BEC2218227} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6560F753-677B-4BE0-A2BC-A91590BFA8F9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {6A634882-1CC1-47AE-9E53-AB984D364811} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {6FF09415-7C69-4BD7-8EF6-6A9DC235EA5F} - System32\Tasks\Synology Data Replicator 3-MicrosoftAccount-Itzak => D:\Program Files (x86)\Synology Data Replicator  3\Backup.exe
Task: {70F31CE2-B841-4129-99F4-B4823E566B60} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {729E051B-73D4-4664-B011-0946DD0503EC} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-13] (NVIDIA Corporation)
Task: {79BE931D-60F4-41CF-968F-6C2B2E59C472} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7C94D902-6042-4C63-9E48-BB6585BFA4E8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7D06D97B-AD42-4992-967C-8C418A313842} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7F2B149E-C668-4E50-A541-94CB10212B52} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {7FFB4346-F6CE-46BD-B04C-70751983D698} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {81AA9449-0338-4196-AB82-C8EB4802916D} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {820EA85A-972F-4EBE-A45E-D5CF5CC41D10} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {86B3D654-3432-4D56-987D-80CE54A524BE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-12-04] (Microsoft Corporation)
Task: {8E6552C0-1141-45A4-8D28-92FC52F385F1} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {940F77E4-F09F-4AA0-BE28-652B174DA722} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000Core1d2206a1abd9e22 => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-10-07] (Dropbox, Inc.)
Task: {9AE661AD-32D1-4A04-99D0-D58B7CDB48F3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A25740DF-EDB7-4A45-AD60-2AA78AC01EF5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {A2D6F1EF-5B92-4C7F-B8F7-1BE485C64CB9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-04] (Microsoft Corporation)
Task: {A655583C-D998-407F-860A-D7C5A2699017} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {ACD4ADF0-2F7F-4B57-804A-8CC5EA627F17} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-07-04] ()
Task: {AD623EF0-0C13-40CB-860C-2F12DAE21D1A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B14BE625-F4EE-4F3A-AD35-B91AC588CDD2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {B63AE05A-08FC-47F0-AEC9-853F0EDD2525} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BEE9CE76-88FB-41FB-B94E-36A4B7A35958} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C14B2F09-47D5-4543-A6A0-2A0AF1E879AC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C5ED53C6-CC1A-402F-B665-7E2EBC15CD43} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {D5EAEB49-5195-4869-99F4-B092EA0AA9C9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DADF524D-EEC1-4628-832F-20418DBAD74F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DDBC1508-AF66-413F-80A3-49CCB18896AD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {DF7DD8B8-432C-4233-B1B2-4F721381514B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {E12A349D-7047-4102-A1A7-9CAB00DE3533} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {E518C07C-FA41-4267-BD27-7BCE1EE2293D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E57344A7-1763-48EC-BC91-CE875741ABAA} - System32\Tasks\SamsungMagician => d:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {E78D8472-DFBD-4C2D-A673-62E6802DBEAE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {EBD96801-4989-42DA-A8EB-0D580E64A981} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EFBE991D-2AB8-42F8-BA1D-C936AD834C64} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F67C96C7-EEBA-4552-BC60-6BEE7AA937C1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {FABBEB4E-6065-4957-8BFD-1BA469C1CCA8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000Core1d2206a1abd9e22.job => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-604251109-3447910946-4235510674-1000UA1d2206a1ad5b733.job => C:\Users\Itzak\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Synology Data Replicator 3-MicrosoftAccount-Itzak.job => D:\Program Files (x86)\Synology Data Replicator  3\Backup.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Itzak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\VXG Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hncknjnnbahamgpjoafdebabmoamcnni

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-03-25 10:07 - 2010-06-17 20:56 - 00087040 _____ () C:\WINDOWS\System32\redmonnt.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-25 19:01 - 2016-02-25 19:01 - 00287240 _____ () C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
2016-10-07 08:16 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-02-25 02:28 - 2014-02-25 02:28 - 00248736 _____ () d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2016-08-03 15:43 - 2016-12-11 19:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-12-14 09:04 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 01678560 _____ () C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\ClientTelemetry.dll
2016-09-15 09:51 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-12-14 09:04 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-11-09 12:38 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 12:38 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 12:38 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-09 12:38 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-09 12:38 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 12:38 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-09 12:38 - 2016-11-02 11:13 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-04-28 23:49 - 2016-04-28 23:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-04-28 23:49 - 2016-04-28 23:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-04-17 09:27 - 2016-08-10 11:54 - 01153448 _____ () C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
2016-11-09 12:38 - 2016-11-02 11:13 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-11-09 12:38 - 2016-11-02 11:13 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2016-07-16 12:43 - 2016-07-16 23:56 - 00040448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00813056 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00963584 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00249344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00572416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00403968 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00183296 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2016-07-16 12:43 - 2016-07-16 23:56 - 00288256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-12-14 09:04 - 2016-12-14 09:05 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-04-17 09:27 - 2016-08-10 11:54 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-12-14 11:53 - 2016-10-27 12:31 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-10-12 09:19 - 2016-12-21 13:57 - 02493440 _____ () D:\Program Files (x86)\Origin\libGLESv2.dll
2016-12-01 10:55 - 2016-01-28 15:33 - 01058624 _____ () d:\Program Files (x86)\StarMoney 10\ouservice\libxml2.dll
2016-12-01 10:55 - 2011-01-13 10:44 - 00232800 _____ () d:\Program Files (x86)\StarMoney 10\ouservice\PATCHW32.dll
2015-04-06 14:12 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-10-07 08:16 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-12-10 11:11 - 2016-12-10 11:11 - 01244376 _____ () C:\Users\Itzak\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll
2016-11-17 01:29 - 2016-11-17 01:29 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 17:13 - 2016-09-01 17:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2013-12-02 20:32 - 2014-09-28 17:59 - 00019872 _____ () d:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll
2017-01-07 11:45 - 2017-01-04 20:53 - 00801600 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2016-10-02 08:02 - 2016-12-21 09:44 - 00035792 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-10-02 08:02 - 2016-12-21 09:44 - 00100296 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-10-02 08:02 - 2016-12-21 09:44 - 00018888 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\select.pyd
2016-10-02 08:02 - 2017-01-04 20:55 - 00019776 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-10-02 08:02 - 2016-12-21 09:44 - 00694224 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00020824 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-10-02 08:02 - 2016-12-21 09:45 - 00123856 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 01682768 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00020816 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-01-07 11:45 - 2016-12-21 09:44 - 00145864 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-01-07 11:45 - 2016-12-21 09:45 - 00019408 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-01-07 11:45 - 2016-12-21 09:44 - 00116688 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-10-02 08:02 - 2016-12-21 09:46 - 00105928 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-10-02 08:02 - 2017-01-04 20:56 - 00022864 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00052032 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00038712 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-01-07 11:45 - 2016-12-21 09:44 - 00392144 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-01-07 11:45 - 2016-12-21 09:46 - 00020936 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00024528 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-10-02 08:02 - 2016-12-21 09:47 - 00116176 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-10-02 08:02 - 2017-01-04 20:55 - 00381760 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00124880 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-10-02 08:02 - 2017-01-04 20:56 - 00026456 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00175560 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00030160 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00043472 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-10-02 08:02 - 2016-12-21 09:47 - 00048592 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00057808 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00024016 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00246608 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00027488 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-10-02 08:02 - 2016-12-21 09:45 - 00241104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00022336 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-10-02 08:02 - 2016-12-21 09:47 - 00028616 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-10-02 08:02 - 2017-01-04 20:56 - 00025432 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-01-07 11:45 - 2017-01-04 20:56 - 00022872 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-07 11:45 - 2017-01-04 20:56 - 00021848 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-07 11:45 - 2017-01-04 20:56 - 00022872 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 01826104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-10-02 08:02 - 2016-12-21 09:45 - 00083912 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\sip.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00531264 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 03928896 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 01972536 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00133432 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00224064 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00207680 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-07 11:45 - 2017-01-04 20:56 - 00021840 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2016-10-02 08:02 - 2016-12-21 09:47 - 00350152 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00103232 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2016-10-02 08:02 - 2017-01-04 20:56 - 00023896 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00025936 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-01-07 11:45 - 2016-12-21 09:42 - 00036296 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\librsync.dll
2017-01-07 11:45 - 2017-01-04 20:55 - 00033112 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-01-07 11:45 - 2016-12-02 20:21 - 00293392 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-01-07 11:45 - 2017-01-04 20:55 - 00084288 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-01-07 11:45 - 2016-12-21 09:50 - 00017864 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-01-07 11:45 - 2016-12-21 09:50 - 01631184 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-01-07 11:45 - 2017-01-04 20:55 - 00042816 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00171336 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00357688 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-10-02 08:02 - 2016-12-21 09:46 - 00060880 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-10-02 08:02 - 2017-01-04 20:55 - 00069968 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2016-10-02 08:02 - 2017-01-04 20:56 - 00026456 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-01-07 11:45 - 2017-01-04 20:55 - 00546104 _____ () C:\Users\Itzak\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-07-20 09:08 - 2015-07-20 09:08 - 00037696 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2015-07-20 09:08 - 2015-07-20 09:08 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2015-07-20 09:15 - 2015-07-20 09:15 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2015-07-20 09:10 - 2015-07-20 09:10 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-04-17 09:27 - 2016-08-10 11:54 - 00582056 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00123918 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libgcc_s_dw2-1.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 01026062 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libstdc++-6.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00524460 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libcurl-4.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 03036942 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\libsqlite3-0.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 01798570 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuuc53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00115214 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\zlib1.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 03095505 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icuin53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 21565192 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\icudt53.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00712704 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\platforms\qwindows.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00031744 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qgif.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00046080 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qicns.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00032768 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qico.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00516608 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjp2.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00243200 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qjpeg.dll
2017-01-04 09:01 - 2017-01-04 09:01 - 00431616 _____ () C:\Users\Itzak\AppData\Local\CloudStationBackup\CloudStation.app\bin\imageformats\qtiff.dll
2016-10-07 08:16 - 2016-12-12 15:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-10-07 08:16 - 2016-12-12 15:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-10-07 08:16 - 2016-12-12 15:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-12-20 14:15 - 2016-12-12 15:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-604251109-3447910946-4235510674-1000\...\127.0.0.1 -> hxxp://127.0.0.1

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-04-27 07:18 - 00000890 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 activation.acronis.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-604251109-3447910946-4235510674-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Itzak\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "XboxStat"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe
FirewallRules: [{4F0CCC1A-C0A0-49BA-AE30-022AF68421A9}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{B0269778-0B87-4560-9089-2BCACA95FAD1}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{D68F41DC-5DCE-4A8E-BDB4-F743C5A56854}] => C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{32E742D4-F2E3-4FD0-9F7B-6AF19BA33F5A}] => D:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{B05E5115-5788-4F5C-8C40-E5671F3FDBD8}] => D:\Program Files (x86)\Steam\SteamApps\common\RailWorks\RailWorks.exe
FirewallRules: [{D999AEA7-03CF-451E-A447-F1D6F120B972}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BECDFF58-BAB7-479A-B314-3C99B27C99DA}] => D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{267A501C-9FA4-406B-93BE-DC8B744E3E99}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D3B67742-245B-4A65-B738-CC09C2167E5C}] => D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4A3FAE8D-37EA-4B56-9815-9F98B9CCFE16}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B443CB71-17EE-43EF-9813-07E8CF4435D9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{63F79AB6-14A8-44C0-AAD4-46F6DC5E0806}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{DD196FD9-E837-410E-BDC4-BC5320DB4121}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{FB237B61-6385-4A3F-AA5B-84AA742A769E}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{AF060E2E-B5BA-4B3D-8E25-3FB1C3AA0985}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E41E8FCA-3595-47FA-9B50-33BA8D779A60}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{CB3D1F40-9CC5-4FCC-AFD5-0B356B3EB7C1}] => C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => C:\Program Files (x86)\AusweisApp2 1.8.0\AusweisApp2.exe
FirewallRules: [{76D1B933-A554-4CEB-B25A-527E072E3AD5}] => D:\Program Files (x86)\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [{F9AA33A9-A7B9-4713-BCB3-7270A6867D75}] => D:\Program Files (x86)\Steam\SteamApps\common\ConSim2015\ConSim2015.exe
FirewallRules: [TCP Query User{81040AB3-D91A-4B5E-94F8-FFBBC9D7F95B}C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe
FirewallRules: [UDP Query User{8C2C5644-FEB8-44DF-BFC9-747D51BBB1B6}C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe] => C:\users\itzak\appdata\local\cloudstationbackup\cloudstation.app\bin\cloud-backup-connect.exe
FirewallRules: [{094A48FC-CE6E-4F2E-AB59-BC6D5BD02DF4}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7DAF97BA-76A1-4C14-ABE5-4444F34FB747}] => LPort=2869
FirewallRules: [{7D26F0BD-DF5A-4E91-9260-8014D8AD60F9}] => LPort=1900
FirewallRules: [TCP Query User{CA0EFE25-889E-4E45-AAA7-4761D3838EFA}C:\users\itzak\appdata\roaming\spotify\spotify.exe] => C:\users\itzak\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5A3C289A-EC34-4D35-9F99-715B1E3CD38B}C:\users\itzak\appdata\roaming\spotify\spotify.exe] => C:\users\itzak\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6BFAB516-885E-4360-88DD-7EFB105EE4C1}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{4F96BABA-43B9-4D0C-A21C-54137B03E248}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [TCP Query User{B6199E25-7265-44A2-89D3-0787BDD9FC1D}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{B5306368-08A4-4F46-AA8A-3AF02EA5B480}C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe] => C:\users\itzak\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{EA5B0FB2-4CC7-4C27-8BCF-F71D378CCED6}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{6AE15612-93FB-49B6-B705-0F9C6EBF0EB1}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [TCP Query User{DCAE1867-B3AD-453D-88C0-1969775D330B}D:\downloads\ipcamera.exe] => D:\downloads\ipcamera.exe
FirewallRules: [UDP Query User{39AE2B95-4AFB-44DF-8B53-798E1E9A0ADA}D:\downloads\ipcamera.exe] => D:\downloads\ipcamera.exe
FirewallRules: [{A664F6A7-F8DF-46C3-ADF7-7EADEF39BFFD}] => D:\downloads\ipcamera.exe
FirewallRules: [{A3107512-52C3-4453-BF45-50B897B15B2D}] => D:\downloads\ipcamera.exe
FirewallRules: [{A6BA4365-0114-476F-AE8A-685CABE4A04E}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{EC965FC9-3458-411B-9BA0-F3C05781FF71}] => C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{1207813A-1864-4BD6-BF56-7E9DFF16E0DF}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AA9BC20D-3AEF-4F0F-8146-B8E0978C1BD0}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{169BEF8E-B443-4177-B9A6-1AF00E7CC576}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A94DCA6B-2A4F-43C5-B07B-E921475A3CBA}] => D:\Program Files (x86)\Steam\SteamApps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E9824D28-25B0-46C8-8961-FB4AE80CA706}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7CAF28B9-62A7-4D9D-98B0-EE1BEE5F0A24}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E26B86CD-E592-4318-B6C1-C16C3FD3A9C0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{0E0B23B6-891A-47A3-9B4B-5DEBCF0018C0}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{33B71DCB-D5B8-4729-A45F-3308C7EAB4EA}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{60B31692-66A4-41A7-BD80-53045B171B67}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C6737FEF-D9E8-453E-9E17-8300B94C3B63}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E9D95019-C9B3-4C11-827B-017ABAA7F645}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{0FFC6FC5-BA8E-4F8F-B1C9-51411C81D8EC}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{F80E74D6-7EB8-445A-B0BB-8B0DA3FFA635}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{5ED17D8C-5C4A-44D0-B2D5-8238A3C8A816}] => D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{2F9098A2-10BD-4570-B497-917A7F5F3C89}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{81163227-44AC-4DF8-8B8A-187232D10F4D}] => C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{DBCA294F-2289-432B-88DC-7D5F02963128}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{76BB2E00-270F-4D75-BA69-679419EBFB77}] => C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8592047B-22CC-4908-898F-845093143949}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{B8A70BF0-8758-41CB-BB50-321207863369}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/06/2017 02:33:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (01/06/2017 01:56:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x254c
Startzeit der fehlerhaften Anwendung: 0x01d2681c580e2f6c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: c265cc5f-0bb2-4fab-a72c-f1027957e1e5
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/06/2017 01:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x254c
Startzeit der fehlerhaften Anwendung: 0x01d2681c580e2f6c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 47ab66ea-b08e-4024-aa75-90f7527aef09
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/06/2017 11:32:14 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}

Error: (01/06/2017 11:32:14 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}

Error: (01/06/2017 10:50:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x45f0
Startzeit der fehlerhaften Anwendung: 0x01d268025bc9407e
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 880be25f-481a-486d-882b-6417ec77f9a9
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/06/2017 10:50:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x45f0
Startzeit der fehlerhaften Anwendung: 0x01d268025bc9407e
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: a1929221-75d4-40cc-aab9-82a959c22e21
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (01/06/2017 09:30:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}

Error: (01/06/2017 09:30:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3eeb5246-ee59-4e98-9c9f-febc2f8d203e}

Error: (01/05/2017 12:47:36 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {7e47b561-971a-46e6-96b9-696eeaa53b2a}
  Generatorname: MSMQ Writer (MSMQ)
  Generatorinstanzname: MSMQ Writer (MSMQ)
  Generatorinstanz-ID: {3cb98c96-a818-42af-aa2e-4a5ec40e9e2b}


Systemfehler:
=============
Error: (01/08/2017 02:28:08 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/08/2017 02:27:08 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler

Error: (01/08/2017 02:26:13 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.82
registriert werden. Der Computer mit IP-Adresse 192.168.178.32 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2017 02:25:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.82
registriert werden. Der Computer mit IP-Adresse 192.168.178.32 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/08/2017 02:25:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/08/2017 02:25:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/08/2017 02:25:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (01/08/2017 02:25:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "tib_mounter" wurde aufgrund folgenden Fehlers nicht gestartet:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (01/08/2017 02:24:34 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/08/2017 02:24:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-01-07 12:06:48.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-07 12:06:43.850
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-06 13:56:57.557
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-06 13:56:49.484
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-06 10:50:48.776
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-06 10:50:44.782
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2017-01-01 15:48:50.507
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:50.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:49.827
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.

  Date: 2016-12-13 11:22:40.968
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16333.91 MB
Verfügbarer physikalischer RAM: 13701.66 MB
Summe virtueller Speicher: 18765.91 MB
Verfügbarer virtueller Speicher: 16031.35 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:118.7 GB) (Free:21.74 GB) NTFS
Drive d: (Programme) (Fixed) (Total:238.47 GB) (Free:93.05 GB) NTFS
Drive e: (Dateien) (Fixed) (Total:133.02 GB) (Free:77.23 GB) NTFS
Drive f: (Media) (Fixed) (Total:105.46 GB) (Free:90.52 GB) NTFS
Drive g: (Serien) (Fixed) (Total:1863.01 GB) (Free:119.32 GB) NTFS
Drive u: (music) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS
Drive v: (video) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS
Drive w: (photo) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS
Drive x: (BackupWin) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS
Drive y: (XXX) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS
Drive z: (Downloads) (Network) (Total:2746.22 GB) (Free:531.47 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 93C8D357)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 1C84C816)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 729954F6)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Deathkid535 09.01.2017 13:10
Hi,

Schritt # 1: ESET


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt # 2: Bitte Posten
  • Das Log von ESET

Itzak 09.01.2017 20:31
Dann hier das Log von ESET.

Zwei der drei gefundenen Dateien sind schon ewig drauf, dürften mit meinem Prob. nichts zu tun haben.
Dieses FusionCore sagt mir nichts.

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# end=init
# utc_time=2017-01-09 12:33:14
# local_time=2017-01-09 01:33:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32002
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# end=updated
# utc_time=2017-01-09 12:36:15
# local_time=2017-01-09 01:36:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1a3303211ad63d4885364490e2d7d2db
# engine=32002
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-09 01:57:31
# local_time=2017-01-09 02:57:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 9869088 57646518 0 0
# compatibility_mode_1='360 Total Security'
# compatibility_mode=16649 16777213 100 100 7917 13143791 0 0
# scanned=439366
# found=3
# cleaned=0
# scan_time=4875
sh=48CD087E573F488895E86109CBCA51ACDA9F6404 ft=1 fh=e66c803a1a00765e vn="Win32/FusionCore.I eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Itzak\AppData\Local\Temp\is-1PE6J.tmp\Fusion.dll"
sh=F679F9CF95C7ABEEA0FEA1B1C1AFA1076E2B2F79 ft=0 fh=0000000000000000 vn="Android/Exploit.Towel.A Trojaner" ac=I fn="D:\Downloads\adbfw200\adbFire\tr.apk"
sh=28263300A1ED3ADD0FEC88B85B2DB13BABF23B7E ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.H verdächtige Datei" ac=I fn="E:\FritzBox\ruKernelTool.zip"
Möchte noch erwähnen, dass es der "Einfriereffekt" scheinbar nun weg ist. Zumindest ist er eben, als ich eine Datei in einem Forum hochladen wollte, nicht aufgetreten :)

Deathkid535 10.01.2017 14:04
Aber die Dateien lassen sich trotzdem nicht hochladen?

Itzak 10.01.2017 14:11
Moin!

Hab das heute mal mit diversen Neustarts (sind nötig, weil nach einem Versuch klappt es dann immer normal) und diversen Foren probiert.
Geht wieder einwandfrei!!

Ob es jetzt an einem der oben gelöschten Dateien gelegen hat, würde mich aber schon interessieren. Und was es mit dieser FusionCore auf sich hat.

Wie gesagt, die beiden anderen "Bedrohungen" sind mir bekannt, die können nicht verantwortlich sein.

Danke!!

Deathkid535 10.01.2017 14:40
Hi,

Sicher ist sicher, die Datei kommt weg :)

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Itzak\AppData\Local\Temp\is-1PE6J.tmp\Fusion.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Treten sonst noch Probleme auf?

Itzak 10.01.2017 14:48
Bitte!

Nein, sonst keine Probleme :)


Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-01-2017
durchgeführt von Itzak (10-01-2017 14:47:41) Run:1
Gestartet von D:\Downloads
Geladene Profile: Itzak & DefaultAppPool (Verfügbare Profile: Itzak & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Itzak\AppData\Local\Temp\is-1PE6J.tmp\Fusion.dll
*****************

C:\Users\Itzak\AppData\Local\Temp\is-1PE6J.tmp\Fusion.dll => erfolgreich verschoben

==== Ende von Fixlog 14:47:41 ====

Deathkid535 11.01.2017 08:07
Hi,

dann bist du entlassen :)

Dann wären wir hier durch. Deine Logs sind sauber :)

Falls du deine Passwörter nicht regelmäßig änderst - jetzt ist der Zeitpunkt dafür!

Schritt # 1: Entfernen unserer Tools

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Abschließend noch ein paar Tipps von mir:

Schritt # 2: Empfohlene Software

Habe immer ein aktuelles Antivirenprogramm deiner Wahl installiert und aktiviere die automatischen Updates (standardmäßig eingeschaltet).

Ich empfehle:

Verwende nach Möglichkeit nicht den Internet Explorer, da dieser viele Sicherheitslücken enthält. Achte aber darauf, dass er immer up to date bleibt, weil viele Programme diesen zum Anzeigen von Websites benutzen.

Alternativ kannst du verwenden:Dazu sind folgende Add-ons empfehlenswert:

http://i1366.photobucket.com/albums/...psgqd3flcy.pnguBlock Origin (Chrome) --> Blockiert Werbung. Werbung kann sehr nervig sein, aber auch auf schädliche Links verweisen. uBlock ist effizienter als der Konkurrent AdblockPlus.
http://filepony.de/icon/tiny/ghostery_chrome.pngGhostery --> Blockiert Tracker und Cookies, welche dich im Internet nachverfolgen können. Stelle jedoch bei der Installation sicher, dass du Ghostrank nicht zustimmst.

Du kannst auch http://filepony.de/icon/tiny/malware...ti_exploit.pngMalwarebytes Anti-Exploit verwenden, um aktuelle Sicherheitslücken zu stopfen.

Halte immer deine Plug-ins und Software aktuell, vor allem:Du kannst diese komfortabel regelmäßig hiermit überprüfen:

PluginCheck
Filehippo App Manager



Schritt # 3: Tipps um eine Neuinfektion zu vermeiden

Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal wie FilePony.de. Von Downloadern wie die von Chip, Softonic und Sourceforge raten wir ab: CHIP-Installer - was ist das? - Anleitungen

Auch versuchen sich immer mehr Programme durch Installationsroutinen auf den PC "durchzumogeln". Das klappt ganz gut, weil viele Anwender sich diese nicht genau durchlesen und schnell durchklicken. Manchmal steht auch in den Lizenzvereinbarungen, dass ein Programm, was eigentlich als Freeware angepriesen wird, nur genutzt werden kann, wenn man sich bestimmte Toolbars oder andere Programme mitinstallieren lässt.
Da hilft es nur aufmerksam zu sein.

Ein Tool, welches dich dabei gut unterstützen kann, ist: http://filepony.de/icon/tiny/unchecky.pngUnchecky. Dieses überwacht im Hintergrund Installationsprozesse und hakt automatisch nervige Adwarekomponenten wie Toolbars ab. Falls man etwas übersieht, warnt noch ein Pop-up, bevor man fortfahren kann.

Wir raten von jeglichen Optimizern, Cleanern, SpeedUps und Ähnlichem ab, da diese Softwareprodukte meist keinen Performancegewinn bringen. Du kannst jedoch regelmäßig deinen PC mit der windowsinternen Datenträgerbereinigung behandeln.

Überprüfe regelmäßig (mind. 1x pro Monat) deinen PC mit http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware und http://filepony.de/icon/tiny/eset_online_scanner.pngESET.

Falls du dir unsicher bist, ob ein Download wirklich sauber ist, kannst du immer https://www.virustotal.com/ zurate ziehen.



Schritt # 4: Unterstütze uns!

Wenn du uns mit einer kleinen Spende unterstützen möchtest, so kannst du dies hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html :party:

Es reicht aber auch schon ein simples :dankeschoen: hier, wenn du mit uns zufrieden warst. :)

http://3.bp.blogspot.com/--h4eLCX9kl...ike-symbol.png unsere Facebook-Seite!

Bitte gib mir bescheid, wenn du das alles gelesen hast und alles klar ist, damit ich dieses Thema aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:22 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19