| Drea1990 | 30.08.2017 16:30 |
FRST Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von ***** (Administrator) auf ***** (30-08-2017 17:27:13)
Gestartet von C:\Users\*****\Desktop
Geladene Profile: ***** (Verfügbare Profile: defaultuser0 & *****)
Platform: Windows 10 Education Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
() C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2016-12-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-29] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1483264 2016-12-29] (Realtek Semiconductor)
HKLM\...\Run: [NerveCenterTray] => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterTray.exe [245088 2017-04-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-07-27] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2017-08-24]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{850a0d95-cfbe-43e6-bc82-5dc9395aaea5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{a67cfa2e-a453-4906-bbcc-db4b67388de0}: [DhcpNameServer] 150.211.1.2
Internet Explorer:
==================
HKU\S-1-5-21-877886734-1156452847-1497718159-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-877886734-1156452847-1497718159-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-877886734-1156452847-1497718159-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-877886734-1156452847-1497718159-1001 -> DefaultScope {35FFAEA8-61B0-4C2D-9279-0543EAFC957B} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-24] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 7xh2wsjg.default
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default [2017-08-30]
FF Homepage: Mozilla\Firefox\Profiles\7xh2wsjg.default -> hxxps://www.ecosia.org/
FF NetworkProxy: Mozilla\Firefox\Profiles\7xh2wsjg.default -> type", 0
FF Extension: (Avira Browser Safety) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\Extensions\abs@avira.com [2017-08-17]
FF Extension: (Ghostery) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\Extensions\firefox@ghostery.com.xpi [2017-08-11]
FF Extension: (ProxTube) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\Extensions\ich@maltegoetz.de.xpi [2017-07-04]
FF Extension: (Ecosia — The search engine that plants trees!) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2017-05-11]
FF Extension: (Adblock Plus) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (Firefox Screenshots) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\7xh2wsjg.default\features\{ca17460c-79df-4803-9c1b-b554511b9c64}\screenshots@mozilla.org.xpi [2017-08-27]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-06-29] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-07-27] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [djhangopedggnlnicpbjklghlckmndge] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-12] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\IntelCpHeciSvc.exe [284144 2016-11-28] (Intel Corporation)
S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\IntelCpHDCPSvc.exe [462832 2016-11-28] (Intel Corporation)
R2 DAXAPI; C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe [147760 2016-10-27] ()
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-06-29] (Foxit Software Inc.)
S3 GameRecorderSVC; C:\Program Files\Lenovo\Nerve Center\bin\x86\GameRecorderSVC.exe [392032 2017-04-28] (Lenovo(beijing) Limited)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\igfxCUIService.exe [324592 2016-11-28] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25312 2016-11-01] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [34528 2016-11-01] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-10-14] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-17] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-17] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-11-08] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-14] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-04-19] (Geek Software GmbH)
R2 PluginLoaderSvc; C:\Program Files\Lenovo\Nerve Center\bin\x64\PluginLoaderSvc.exe [966496 2017-04-28] (Lenovo(beijing) Limited)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [320512 2016-12-29] (Realtek Semiconductor)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [259536 2017-02-24] (Synaptics Incorporated)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
S3 ThunderboltService; C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2015968 2016-08-15] (Intel Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 FBNetFilter; C:\Windows\system32\Drivers\FBNetFlt.sys [46576 2017-04-28] (Lenovo(beijing) Limited)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [733448 2016-10-06] (Intel Corporation)
R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\igdkmd64.sys [11039704 2016-11-28] (Intel Corporation)
R3 ITEHIDfilter; C:\WINDOWS\System32\drivers\ITEHIDfilter.sys [27624 2016-12-15] (ITE Tech. Inc. )
R1 MpKslacc87f68; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{47CB1BCF-3C41-4B2D-BAFD-DE4A5A3207B3}\MpKslacc87f68.sys [44928 2017-08-30] (Microsoft Corporation)
R3 mt7612US_bc; C:\WINDOWS\system32\DRIVERS\mt7612US_bc.sys [400880 2017-05-30] (MediaTek Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7910144 2016-12-13] (Intel Corporation)
S3 nhi; C:\WINDOWS\system32\DRIVERS\tbt70x.sys [129096 2016-08-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlt.inf_amd64_de6bb1c9c589c5de\nvlddmkm.sys [14220736 2016-12-15] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-08-18] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2016-02-02] (Secunia)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3146760 2016-09-13] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [64968 2017-02-24] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2016-08-01] (Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-30 16:51 - 2017-08-30 16:51 - 000000827 _____ C:\Users\*****\Desktop\JRT1.txt
2017-08-30 16:50 - 2017-08-30 16:50 - 000001373 _____ C:\Users\*****\Desktop\AdwCleaner[C1].txt
2017-08-30 16:12 - 2017-08-30 16:51 - 000000831 _____ C:\Users\*****\Desktop\JRT.txt
2017-08-30 16:11 - 2017-08-30 16:14 - 000002458 _____ C:\Users\*****\Desktop\AdwCleaner[C0].txt
2017-08-30 16:07 - 2017-08-30 16:49 - 000000000 ____D C:\AdwCleaner
2017-08-30 16:03 - 2017-08-30 16:03 - 001790024 _____ (Malwarebytes) C:\Users\*****\Desktop\JRT.exe
2017-08-30 16:01 - 2017-08-30 16:01 - 008182736 _____ (Malwarebytes) C:\Users\*****\Desktop\adwcleaner_7.0.2.1.exe
2017-08-29 16:59 - 2017-08-29 16:59 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-29 16:59 - 2017-08-29 16:57 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-08-29 16:58 - 2017-08-29 17:20 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-08-29 16:58 - 2017-08-29 17:13 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-29 16:57 - 2017-08-29 17:20 - 000000000 ____D C:\Users\*****\Desktop\mbar
2017-08-29 16:57 - 2017-08-29 17:13 - 000109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-08-29 16:54 - 2017-08-29 16:55 - 016563352 _____ (Malwarebytes Corp.) C:\Users\*****\Desktop\mbar-1.09.3.1001.exe
2017-08-29 16:27 - 2017-08-29 16:27 - 000001046 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-29 16:27 - 2017-08-29 16:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-29 16:27 - 2017-08-29 16:27 - 000000000 ____D C:\Program Files\VS Revo Group
2017-08-28 18:11 - 2017-08-28 18:11 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2017-08-28 17:17 - 2017-08-28 17:17 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2017-08-27 12:05 - 2017-08-30 16:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-08-27 12:04 - 2017-08-27 12:04 - 000000000 ____D C:\ProgramData\Adobe
2017-08-27 12:04 - 2017-08-27 12:04 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-08-26 15:33 - 2017-08-26 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-08-26 15:33 - 2017-08-26 15:33 - 000000000 ____D C:\Program Files\7-Zip
2017-08-26 14:47 - 2017-08-26 14:56 - 000052350 _____ C:\Users\*****\Desktop\Addition.txt
2017-08-26 14:46 - 2017-08-30 17:27 - 000019806 _____ C:\Users\*****\Desktop\FRST.txt
2017-08-26 14:45 - 2017-08-30 17:27 - 000000000 ____D C:\FRST
2017-08-26 14:42 - 2017-08-26 14:42 - 002395648 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe
2017-08-24 19:54 - 2017-08-24 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-08-24 19:54 - 2017-08-24 19:54 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-08-24 19:52 - 2017-08-24 19:52 - 000001149 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2017-08-24 19:52 - 2017-08-24 19:52 - 000000000 ____D C:\Program Files (x86)\Secunia
2017-08-16 21:06 - 2017-08-16 21:06 - 001010796 _____ C:\WINDOWS\Minidump\081617-6812-01.dmp
2017-08-16 21:06 - 2017-08-16 21:06 - 000000000 ____D C:\WINDOWS\Minidump
2017-08-11 17:54 - 2017-08-01 04:39 - 008319392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 17:54 - 2017-08-01 04:38 - 000406544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-08-11 17:54 - 2017-08-01 04:38 - 000382368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 17:54 - 2017-08-01 04:36 - 002165752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 17:54 - 2017-08-01 04:36 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 17:54 - 2017-08-01 04:36 - 000119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 17:54 - 2017-08-01 04:35 - 000280472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 17:54 - 2017-08-01 04:35 - 000133904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 17:54 - 2017-08-01 04:34 - 000610584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 17:54 - 2017-08-01 04:34 - 000359552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 17:54 - 2017-08-01 04:34 - 000349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-08-11 17:54 - 2017-08-01 04:34 - 000168864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 17:54 - 2017-08-01 04:33 - 000473240 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-08-11 17:54 - 2017-08-01 04:32 - 002444704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 17:54 - 2017-08-01 04:32 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 17:54 - 2017-08-01 04:32 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-08-11 17:54 - 2017-08-01 04:31 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-08-11 17:54 - 2017-08-01 04:31 - 002645680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 17:54 - 2017-08-01 04:31 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 17:54 - 2017-08-01 04:31 - 000176024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-08-11 17:54 - 2017-08-01 04:30 - 000723680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 17:54 - 2017-08-01 04:30 - 000411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-08-11 17:54 - 2017-08-01 04:30 - 000410160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 17:54 - 2017-08-01 04:30 - 000315288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 17:54 - 2017-08-01 04:30 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 17:54 - 2017-08-01 04:30 - 000143736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 17:54 - 2017-08-01 04:30 - 000082336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 17:54 - 2017-08-01 04:26 - 000204192 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-08-11 17:54 - 2017-08-01 04:20 - 002956288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 17:54 - 2017-08-01 04:20 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 17:54 - 2017-08-01 04:20 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 17:54 - 2017-08-01 04:18 - 013841408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-08-11 17:54 - 2017-08-01 04:18 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-08-11 17:54 - 2017-08-01 04:17 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 17:54 - 2017-08-01 04:16 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-08-11 17:54 - 2017-08-01 04:14 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-08-11 17:54 - 2017-08-01 04:13 - 020504064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 17:54 - 2017-08-01 04:13 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-08-11 17:54 - 2017-08-01 04:13 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 17:54 - 2017-08-01 04:12 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 17:54 - 2017-08-01 04:12 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-08-11 17:54 - 2017-08-01 04:10 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 17:54 - 2017-08-01 04:09 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-08-11 17:54 - 2017-08-01 04:08 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 17:54 - 2017-08-01 04:07 - 011870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 17:54 - 2017-08-01 04:07 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 17:54 - 2017-08-01 04:07 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 17:54 - 2017-08-01 04:06 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 17:54 - 2017-08-01 04:04 - 006269440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 17:54 - 2017-08-01 04:04 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 17:54 - 2017-08-01 04:03 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-08-11 17:54 - 2017-08-01 03:57 - 023677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 17:54 - 2017-08-01 03:45 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 17:54 - 2017-08-01 03:45 - 001275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 17:54 - 2017-08-01 03:45 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 17:54 - 2017-08-01 03:45 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 17:54 - 2017-08-01 03:44 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 17:54 - 2017-08-01 03:44 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 17:54 - 2017-08-01 03:44 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 17:54 - 2017-08-01 03:42 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-08-11 17:54 - 2017-08-01 03:41 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2017-08-11 17:54 - 2017-08-01 03:41 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2017-08-11 17:54 - 2017-08-01 03:41 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 17:54 - 2017-08-01 03:41 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 17:54 - 2017-08-01 03:40 - 017366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-08-11 17:54 - 2017-08-01 03:40 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2017-08-11 17:54 - 2017-08-01 03:39 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-08-11 17:54 - 2017-08-01 03:38 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 17:54 - 2017-08-01 03:38 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 17:54 - 2017-08-01 03:37 - 000582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2017-08-11 17:54 - 2017-08-01 03:37 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-08-11 17:54 - 2017-08-01 03:37 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-08-11 17:54 - 2017-08-01 03:36 - 023681536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 17:54 - 2017-08-01 03:35 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 17:54 - 2017-08-01 03:34 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 17:54 - 2017-08-01 03:33 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 17:54 - 2017-08-01 03:33 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 17:54 - 2017-08-01 03:32 - 007336960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 17:54 - 2017-08-01 03:32 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 17:54 - 2017-08-01 03:31 - 012786176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 17:54 - 2017-08-01 03:31 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 17:54 - 2017-08-01 03:31 - 001396736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-08-11 17:54 - 2017-08-01 03:30 - 008209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 17:54 - 2017-08-01 03:30 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 17:54 - 2017-08-01 03:30 - 002055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 17:54 - 2017-08-01 03:30 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 17:54 - 2017-08-01 03:30 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 17:54 - 2017-08-01 03:28 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 17:54 - 2017-08-01 03:28 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 17:54 - 2017-08-01 03:27 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-08-11 17:54 - 2017-08-01 03:27 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2017-08-11 17:54 - 2017-08-01 03:27 - 000482816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-08-11 17:54 - 2017-08-01 03:26 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-08-11 17:54 - 2017-08-01 03:25 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2017-08-11 17:54 - 2017-08-01 03:25 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-08-11 17:54 - 2017-08-01 03:25 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 17:54 - 2017-08-01 00:45 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 17:54 - 2017-07-28 07:30 - 001068720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-08-11 17:54 - 2017-07-28 07:25 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 17:54 - 2017-07-28 07:24 - 002327456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 17:54 - 2017-07-28 07:24 - 000455584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-08-11 17:54 - 2017-07-28 07:24 - 000119904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2017-08-11 17:54 - 2017-07-28 07:24 - 000116280 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2017-08-11 17:54 - 2017-07-28 07:23 - 002969888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-08-11 17:54 - 2017-07-28 07:23 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2017-08-11 17:54 - 2017-07-28 07:22 - 000923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-08-11 17:54 - 2017-07-28 07:20 - 000279968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 17:54 - 2017-07-28 07:17 - 000660680 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-08-11 17:54 - 2017-07-28 07:16 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-08-11 17:54 - 2017-07-28 07:16 - 000961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-08-11 17:54 - 2017-07-28 07:15 - 005302968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-08-11 17:54 - 2017-07-28 07:15 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-08-11 17:54 - 2017-07-28 07:15 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-08-11 17:54 - 2017-07-28 07:15 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-08-11 17:54 - 2017-07-28 07:14 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-08-11 17:54 - 2017-07-28 07:14 - 000318232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2017-08-11 17:54 - 2017-07-28 07:13 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 002604248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 001033544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 000192264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2017-08-11 17:54 - 2017-07-28 07:13 - 000104432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msacm32.dll
2017-08-11 17:54 - 2017-07-28 07:12 - 021353208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 17:54 - 2017-07-28 07:12 - 001337856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-08-11 17:54 - 2017-07-28 07:12 - 001325968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-08-11 17:54 - 2017-07-28 07:12 - 000323936 _____ (Microsoft Corporation) C:\WINDOWS\system32\shlwapi.dll
2017-08-11 17:54 - 2017-07-28 07:10 - 002679200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 17:54 - 2017-07-28 07:10 - 001114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-08-11 17:54 - 2017-07-28 07:09 - 000529992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-08-11 17:54 - 2017-07-28 07:09 - 000527976 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-08-11 17:54 - 2017-07-28 07:09 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 17:54 - 2017-07-28 07:07 - 000805816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-08-11 17:54 - 2017-07-28 06:48 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 17:54 - 2017-07-28 06:48 - 000100232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2017-08-11 17:54 - 2017-07-28 06:48 - 000096648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2017-08-11 17:54 - 2017-07-28 06:47 - 002259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-08-11 17:54 - 2017-07-28 06:40 - 005820984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-08-11 17:54 - 2017-07-28 06:40 - 000551200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-08-11 17:54 - 2017-07-28 06:38 - 004213656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-08-11 17:54 - 2017-07-28 06:37 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 006761568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 002424024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 001195760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 000866808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 000864248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 000173104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2017-08-11 17:54 - 2017-07-28 06:36 - 000090464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msacm32.dll
2017-08-11 17:54 - 2017-07-28 06:35 - 000988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-08-11 17:54 - 2017-07-28 06:35 - 000277432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shlwapi.dll
2017-08-11 17:54 - 2017-07-28 06:33 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-08-11 17:54 - 2017-07-28 06:33 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-08-11 17:54 - 2017-07-28 06:33 - 000414296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-08-11 17:54 - 2017-07-28 06:31 - 003995136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-08-11 17:54 - 2017-07-28 06:30 - 001722880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-08-11 17:54 - 2017-07-28 06:29 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-08-11 17:54 - 2017-07-28 06:29 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-08-11 17:54 - 2017-07-28 06:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-08-11 17:54 - 2017-07-28 06:26 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2017-08-11 17:54 - 2017-07-28 06:26 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-08-11 17:54 - 2017-07-28 06:26 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2017-08-11 17:54 - 2017-07-28 06:26 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2017-08-11 17:54 - 2017-07-28 06:26 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\IpNatHlpClient.dll
2017-08-11 17:54 - 2017-07-28 06:25 - 003464704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-08-11 17:54 - 2017-07-28 06:25 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2017-08-11 17:54 - 2017-07-28 06:25 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-08-11 17:54 - 2017-07-28 06:25 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-08-11 17:54 - 2017-07-28 06:25 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2017-08-11 17:54 - 2017-07-28 06:25 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2017-08-11 17:54 - 2017-07-28 06:24 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-08-11 17:54 - 2017-07-28 06:24 - 000184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-08-11 17:54 - 2017-07-28 06:24 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2017-08-11 17:54 - 2017-07-28 06:24 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 17:54 - 2017-07-28 06:24 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-08-11 17:54 - 2017-07-28 06:23 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 17:54 - 2017-07-28 06:23 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2017-08-11 17:54 - 2017-07-28 06:23 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-08-11 17:54 - 2017-07-28 06:22 - 000555008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-08-11 17:54 - 2017-07-28 06:22 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2017-08-11 17:54 - 2017-07-28 06:22 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-08-11 17:54 - 2017-07-28 06:21 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\qasf.dll
2017-08-11 17:54 - 2017-07-28 06:21 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2017-08-11 17:54 - 2017-07-28 06:20 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-08-11 17:54 - 2017-07-28 06:20 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-08-11 17:54 - 2017-07-28 06:20 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-08-11 17:54 - 2017-07-28 06:20 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-08-11 17:54 - 2017-07-28 06:20 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IpNatHlpClient.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000687616 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 17:54 - 2017-07-28 06:19 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-08-11 17:54 - 2017-07-28 06:19 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-08-11 17:54 - 2017-07-28 06:19 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 005776384 _____ (Microsoft Corporation) C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
2017-08-11 17:54 - 2017-07-28 06:18 - 004544000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VsGraphicsDesktopEngine.exe
2017-08-11 17:54 - 2017-07-28 06:18 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 17:54 - 2017-07-28 06:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-08-11 17:54 - 2017-07-28 06:18 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-08-11 17:54 - 2017-07-28 06:17 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-08-11 17:54 - 2017-07-28 06:16 - 001291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-08-11 17:54 - 2017-07-28 06:16 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-08-11 17:54 - 2017-07-28 06:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-08-11 17:54 - 2017-07-28 06:16 - 000383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 17:54 - 2017-07-28 06:16 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qasf.dll
2017-08-11 17:54 - 2017-07-28 06:15 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-08-11 17:54 - 2017-07-28 06:15 - 003204608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-08-11 17:54 - 2017-07-28 06:15 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 17:54 - 2017-07-28 06:15 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shsvcs.dll
2017-08-11 17:54 - 2017-07-28 06:15 - 000586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-08-11 17:54 - 2017-07-28 06:14 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-08-11 17:54 - 2017-07-28 06:14 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 17:54 - 2017-07-28 06:14 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 17:54 - 2017-07-28 06:14 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-08-11 17:54 - 2017-07-28 06:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 004535296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-08-11 17:54 - 2017-07-28 06:13 - 000809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 17:54 - 2017-07-28 06:13 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 002939392 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 002444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 000952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 000587776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 000446464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 17:54 - 2017-07-28 06:12 - 000337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 17:54 - 2017-07-28 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-08-11 17:54 - 2017-07-28 06:11 - 001357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-08-11 17:54 - 2017-07-28 06:11 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 17:54 - 2017-07-28 06:10 - 001706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 17:54 - 2017-07-28 06:10 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 17:54 - 2017-07-28 06:10 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 17:54 - 2017-07-28 06:10 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-08-11 17:54 - 2017-07-28 06:10 - 000564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shsvcs.dll
2017-08-11 17:54 - 2017-07-28 06:09 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-08-11 17:54 - 2017-07-28 06:09 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 17:54 - 2017-07-28 06:09 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 000600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-08-11 17:54 - 2017-07-28 06:08 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2017-08-11 17:54 - 2017-07-28 06:07 - 002211840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-08-11 17:54 - 2017-07-28 06:07 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2017-08-11 17:54 - 2017-07-28 06:07 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-08-11 17:54 - 2017-07-28 06:07 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2017-08-11 17:54 - 2017-07-28 06:07 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2017-08-11 17:54 - 2017-07-28 06:06 - 001833984 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 17:54 - 2017-07-28 06:06 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-08-11 17:54 - 2017-07-28 06:06 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2017-08-11 17:54 - 2017-07-28 06:05 - 001536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 17:54 - 2017-07-28 06:05 - 001525760 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 17:54 - 2017-07-28 06:05 - 001087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-08-11 17:54 - 2017-07-28 06:05 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 17:54 - 2017-07-28 06:05 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 17:54 - 2017-07-28 06:05 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 17:54 - 2017-07-28 06:05 - 000538112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 17:54 - 2017-07-28 06:05 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2017-08-11 17:54 - 2017-07-28 06:02 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 17:54 - 2017-07-28 06:02 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 17:54 - 2017-07-28 06:02 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2017-08-10 19:53 - 2017-08-10 19:53 - 014201288 _____ C:\Users\*****\Downloads\978-3-540-34009-6.pdf
2017-08-10 19:53 - 2017-08-10 19:53 - 010433279 _____ C:\Users\*****\Downloads\978-3-642-21813-2.pdf
2017-08-10 19:53 - 2017-08-10 19:53 - 010433279 _____ C:\Users\*****\Downloads\978-3-642-21813-2(1).pdf
2017-08-10 19:52 - 2017-08-10 19:52 - 013053139 _____ C:\Users\*****\Downloads\b93672.pdf
2017-08-10 19:45 - 2017-08-10 19:45 - 004790131 _____ C:\Users\*****\Downloads\978-3-642-29432-7.pdf
2017-08-10 19:43 - 2017-08-10 19:43 - 040734476 _____ C:\Users\*****\Downloads\article(1).pdf
2017-08-10 19:43 - 2017-08-10 19:43 - 001617484 _____ C:\Users\*****\Downloads\978-3-8348-2308-3.pdf
2017-07-31 20:16 - 2017-07-31 20:16 - 000393598 _____ C:\Users\*****\Downloads\9c3af475831d74891cd49e6aec468f5b.pdf
2017-07-31 19:25 - 2017-08-23 21:10 - 000000000 ____D C:\Users\*****\AppData\Local\CrashDumps
2017-07-31 19:24 - 2017-07-31 19:24 - 000000000 ____D C:\Users\*****\AppData\Local\DBG
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-08-30 16:53 - 2017-06-19 21:18 - 002677424 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-30 16:53 - 2017-03-20 06:43 - 001218280 _____ C:\WINDOWS\system32\perfh007.dat
2017-08-30 16:53 - 2017-03-20 06:43 - 000289870 _____ C:\WINDOWS\system32\perfc007.dat
2017-08-30 16:52 - 2017-05-10 21:47 - 000000000 ____D C:\Users\*****\AppData\LocalLow\Mozilla
2017-08-30 16:51 - 2017-03-23 22:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-30 16:49 - 2017-06-19 21:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-30 16:49 - 2017-06-19 21:16 - 000308096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-30 16:49 - 2017-05-10 17:07 - 000000000 __SHD C:\Users\*****\IntelGraphicsProfiles
2017-08-30 16:49 - 2017-05-10 17:05 - 000103951 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-08-30 16:49 - 2017-03-18 13:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-08-30 16:15 - 2017-06-19 21:18 - 000000000 ____D C:\Users\*****
2017-08-30 16:09 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-08-30 16:01 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-30 16:01 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-29 22:10 - 2017-06-19 21:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-29 16:56 - 2017-05-10 17:12 - 000000000 ____D C:\Users\*****\Downloads\Install
2017-08-29 16:47 - 2017-03-23 22:10 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-29 16:33 - 2017-05-10 17:12 - 000000000 ____D C:\ProgramData\Avira
2017-08-29 16:33 - 2017-03-23 22:07 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-29 16:31 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-08-29 16:22 - 2017-05-12 09:56 - 000000058 _____ C:\Users\*****\Desktop\to do.txt
2017-08-28 18:11 - 2017-06-19 21:24 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000004000 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003994 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003696 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:24 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-08-28 18:11 - 2017-06-19 21:17 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-28 18:11 - 2017-06-19 21:17 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-28 18:11 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-08-28 17:22 - 2017-05-12 19:06 - 000000000 ____D C:\Program Files (x86)\Steam
2017-08-28 17:17 - 2017-05-11 20:25 - 000000000 ____D C:\ProgramData\WinZip
2017-08-28 16:37 - 2017-05-10 21:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-28 16:37 - 2017-05-10 21:47 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-26 13:55 - 2017-03-23 21:56 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-24 19:54 - 2017-05-11 20:37 - 000000000 ____D C:\ProgramData\Foxit Software
2017-08-24 18:11 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-08-18 06:37 - 2017-03-23 22:10 - 001923008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2017-08-18 06:37 - 2017-03-23 22:10 - 001755072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2017-08-18 06:37 - 2017-03-23 22:10 - 001505728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2017-08-18 06:37 - 2017-03-23 22:10 - 001317312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2017-08-18 06:37 - 2017-03-23 22:10 - 000121280 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2017-08-18 06:37 - 2017-03-23 22:09 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-08-18 06:37 - 2017-03-23 22:09 - 000048064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2017-08-18 06:36 - 2017-07-04 19:23 - 000179136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2017-08-18 06:36 - 2017-07-04 19:23 - 000146368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2017-08-17 20:11 - 2017-03-23 22:10 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-08-17 18:26 - 2017-03-23 22:10 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2017-08-17 18:13 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-16 21:06 - 2017-06-18 13:47 - 1391909888 _____ C:\WINDOWS\MEMORY.DMP
2017-08-16 21:06 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-08-12 21:31 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-08-11 20:27 - 2016-07-29 19:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 19:13 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-10 19:35 - 2017-05-10 20:03 - 000000000 ___SD C:\Users\*****\Documents\Meine Shapes
2017-08-10 19:32 - 2017-05-11 20:21 - 000000000 ____D C:\Users\*****\AppData\Roaming\vlc
2017-08-09 17:46 - 2017-05-10 17:07 - 000000000 ____D C:\Users\*****\AppData\Local\Packages
2017-08-09 17:29 - 2017-05-10 21:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 17:28 - 2017-05-10 21:57 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:15 - 2017-03-18 23:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-05-12 20:39 - 2017-06-20 18:48 - 000007653 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2017-06-19 21:17 - 2017-06-19 21:17 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-06-19 21:17 - 2017-06-19 21:17 - 000000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
Einige Dateien in TEMP:
====================
2017-08-24 17:53 - 2017-08-24 17:54 - 020531352 _____ (SweetLabs,Inc.) C:\Users\*****\AppData\Local\Temp\oct3DF7.tmp.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-08-23 22:28
==================== Ende von FRST.txt ============================
ADDITION Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von ***** (30-08-2017 17:27:36)
Gestartet von C:\Users\*****\Desktop
Windows 10 Education Version 1703 (X64) (2017-06-19 19:26:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-877886734-1156452847-1497718159-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-877886734-1156452847-1497718159-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-877886734-1156452847-1497718159-1000 - Limited - Disabled) => C:\Users\defaultuser0
Gast (S-1-5-21-877886734-1156452847-1497718159-501 - Limited - Disabled)
***** (S-1-5-21-877886734-1156452847-1497718159-1001 - Administrator - Enabled) => C:\Users\*****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Reader XI (11.0.21) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.21 - Adobe Systems Incorporated)
Application Verifier x64 External Package (HKLM\...\{01C2C51F-B0CF-BB5E-A010-E927D44F7720}) (Version: 10.1.15063.137 - Microsoft) Hidden
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.05015 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{3DA1691B-D9F9-480B-8592-9DACD7E10B15}) (Version: 4.2.05015 - Cisco Systems, Inc.) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden
DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Dolby Atmos Windows API SDK (HKLM\...\{8251506A-1856-4A1E-9CB0-7B2DC705558E}) (Version: 1.0.0.11 - Dolby Laboratories, Inc.)
Dolby Atmos Windows APP (HKLM\...\{3FC92273-FEF4-4C0B-9AF4-F38D747EB765}) (Version: 1.0.0.10 - Dolby Laboratories, Inc.)
Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.)
HIDKB 1.0.7.7 (HKLM\...\HIDKB_is1) (Version: 1.0.7.7 - ITE, Inc.)
icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{FE002482-71A5-4B32-9D08-60ADFAF19E07}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{9FBD9D6F-A511-45F5-B672-63A5087F6F89}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0148E8AA-4A50-4673-B532-DB9F30F804BE}) (Version: 10.0.1737 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1039 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{4FA94F64-1A00-4426-BF58-D08EB592CE1B}) (Version: 3.4.2095 - Intel Corporation) Hidden
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intellisense Lang Pack Mobile Extension SDK 10.0.15063.0 (HKLM-x32\...\{A0007ADE-F6F6-410F-822F-7522B4F0BFDE}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{51783942-DFB0-4452-97CC-BDF2D4AB3A48}) (Version: 15.0.24.0 - Microsoft Corporation) Hidden
Kits Configuration Installer (HKLM-x32\...\{0C05DE52-2C77-D6FA-A561-D508CF5FC96E}) (Version: 10.1.15063.137 - Microsoft) Hidden
Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{91BF6CA6-F6AA-4639-944A-627B7D02567E}) (Version: 4.6.01604 - Microsoft Corporation) Hidden
Lenovo Nerve Sense (HKLM\...\{DCB4DFB5-93CA-4BDD-9D08-CE880626B46E}_is1) (Version: 2.6.11.8 - Lenovo)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.8326.2076 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-877886734-1156452847-1497718159-1001\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.8326.2076 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.10.30635.0 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 de) (HKLM\...\Mozilla Firefox 55.0.3 (x64 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.39 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
PDF24 Creator 8.1.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Python 3.6.0 (64-bit) (HKU\S-1-5-21-877886734-1156452847-1497718159-1001\...\{37a4e38b-baf7-4500-97f1-0f7c51d9a395}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Core Interpreter (64-bit symbols) (HKLM\...\{DFAA81ED-540F-47B5-9113-814CC427CFD8}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (64-bit) (HKLM\...\{1944B5D6-0FFB-47C0-BFEC-5C7A2F013FA7}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (64-bit) (HKLM\...\{A6A3184B-748E-46F4-9E28-6B5889506170}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (64-bit) (HKLM\...\{5D83032F-36B5-42E4-A114-D310119C6F51}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (64-bit symbols) (HKLM\...\{4A928E09-6798-46AB-A4F7-1B52CD164B3B}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (64-bit) (HKLM\...\{C0016766-8F63-4992-9E6F-ECFB2CB12BA6}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (64-bit) (HKLM\...\{F9C1C892-4908-41F4-900C-7B0DAAF2387B}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (64-bit symbols) (HKLM\...\{90676013-5216-48EE-AC8D-07AC0C16DA50}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (64-bit) (HKLM\...\{F3CB2257-C4C7-4C84-AF63-BADCED1E3273}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (64-bit symbols) (HKLM\...\{96C2F083-44B8-4388-B2A5-F48B75A25188}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (64-bit) (HKLM\...\{E24AA157-AD52-42ED-B484-CA5979D4A728}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (64-bit symbols) (HKLM\...\{CFF9C3A7-86C3-410B-9DD1-F1617767D2D6}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (64-bit) (HKLM\...\{631C7E77-5832-40D1-9D6D-7B3766D79BDF}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (64-bit) (HKLM\...\{FE905DA4-0F23-4F99-9284-50BB4913CEB4}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{A674B2CB-13CA-437B-A215-9DD257959A49}) (Version: 3.6.5835.0 - Python Software Foundation)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version: - CD PROJEKT RED)
Thunderbolt(TM) Software (HKLM-x32\...\{F55C97BF-D9B2-4BB6-B16A-25A621BC50E9}) (Version: 16.2.52.250 - Intel Corporation)
TypeScript Power Tool (HKLM-x32\...\{F0B4CA92-9642-4BE6-8449-A786AD4FA628}) (Version: 2.2.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{ADD45F52-630A-4F45-8879-A8DB80DF921B}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{919D63C5-565C-F1C3-67D9-353FE902EF11}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0AAB833E-034D-430B-D3E4-39C5753B14AC}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{D29934EC-24B6-0F5D-C6BB-E9ECCF220C12}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{2410D879-0C8F-B254-C207-455E119075B6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{485209AE-37CE-2208-59CB-7BB59AA85BE7}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{F48A9651-9D00-4D94-810E-8738A41F16C2}) (Version: 14.10.25008 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{2901E697-0E9C-404B-B7D0-6E2D43F64CE5}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{9E1EF6F7-ED70-4BD8-A1AE-83C5DEF0DA91}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_codecoveragemsi (HKLM-x32\...\{5E8B6B34-D844-495C-8B27-30792E229B0A}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_codeduitestframeworkmsi (HKLM-x32\...\{16B4F36F-A159-47FC-A775-01EA3277B1C8}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{A041943F-C97B-48F6-8F23-C5078F99BB3A}) (Version: 15.0.26323 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{B3988EC1-015B-4A61-A323-BCCCDD218E4F}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_cuitcommoncoremsi (HKLM-x32\...\{D299FB42-B9AC-418F-8661-DF380FE7FA7F}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_cuitextensionmsi (HKLM-x32\...\{E65A4D75-0E23-482C-BE68-007C40AE54FB}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_cuitextensionmsi_x64 (HKLM-x32\...\{0E9BAB78-709F-43A2-A6B3-447D318FDEF5}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_enterprisemsi (HKLM-x32\...\{8A4C52AC-02E4-430F-AC1C-AC208F6BCFD6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{F3217611-B414-4A3A-81BF-6A3A4DB7E743}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{D4DCEC6A-BC59-43D5-866A-AB057E64F73F}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{9477F337-FD16-4ACA-8217-E2D7A0F92603}) (Version: 15.0.26301 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{497A5ACE-DA03-4412-A110-910B2C450720}) (Version: 15.0.26424 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{37968509-8B79-4E9A-85D1-6AA39DA2211A}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_networkemulationmsi_x64 (HKLM-x32\...\{01186500-C2AD-44D1-BDEE-BE7F6DCE9E25}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_professionalmsi (HKLM-x32\...\{03888DC4-ED57-4E6D-9397-1912885CE14B}) (Version: 15.0.26228 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WinAppDeploy (HKLM-x32\...\{80859F5A-D13C-AB8E-4659-B630CFE2599D}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{30DCCFB4-068F-4C5C-BC10-5ECDCAEE55D4}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.15063.137 (HKLM-x32\...\{a07b4a01-ca27-4e28-9353-f325a308f128}) (Version: 10.1.15063.137 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{45B6202F-A716-C68A-199E-43B106B56A7E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{357D0CD4-8B72-8D65-7015-81DFB2BF9150}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{3E5375A1-0E4C-34E3-6294-C1C8BDA823E4}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E2F78B92-04DE-5350-14C0-7C281BF87D9E}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{6CE744AE-7E0F-00AF-F1BD-077D9AFCBEC6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{81A0EC8C-9462-BC98-0E5C-301DD7A46792}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{FAD08838-3937-0F6C-8787-FDFDFBF63502}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D089A695-49F0-D3B2-0EBF-2BBC33A05CD6}) (Version: 10.1.15063.137 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki119592.inf_amd64_a6a03ba1034853b4\igfxDTCM.dll [2016-11-28] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-06-29] (Foxit Software Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {070B26C1-2AF5-4612-A91A-6FD86B0A2B2F} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => ConditionalAppStarter.exe
Task: {0A7E2795-0400-491C-8775-C252958F254F} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {17FC8256-DCFE-4973-A12C-5B390E16BEC2} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {1A63931D-D015-4C02-8B37-8018536284AD} - System32\Tasks\ITE HID monitor => C:\Program Files\HIDKB\IHC.EXE [2016-12-30] (ITE Tech. Inc)
Task: {227BABC3-A4E9-4447-9816-C34095049BA5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation)
Task: {26197E54-A96B-4037-AE0E-58B67B9DE4C8} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\87b8194c-c4f2-4347-9657-c9d914b74744 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {2FC070F0-9343-4306-95AC-DA67BF8A2539} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\069f540c-e815-4213-9f78-a0f04e18a00d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {32227E4B-6881-45CE-B6DA-980184AF6BD5} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => sc.exe start ThunderboltService
Task: {3E7B889A-FDD8-4284-926C-CC242570DF46} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe
Task: {4D1F6597-56BC-4BAE-8AAE-6A24B7A10963} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-24] ()
Task: {5AC56605-82F2-465F-9042-A8CE01306878} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {6404CF8A-BE58-440B-A69A-FE0CA95D6F5E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-08-24] ()
Task: {64D7222F-4AF9-497B-9E7A-DBDB41D897C4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation)
Task: {68883060-4963-47C9-AA4A-8B9FE8EB3866} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-10-14] (Intel Corporation)
Task: {71202691-0D3F-4308-ACF7-3B5D7161B972} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => ConditionalAppStarter.exe
Task: {716C3C16-CEE0-479B-B307-46A26C672C0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-24] (Microsoft Corporation)
Task: {7804D982-8666-45A3-8918-3827D86F009E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-24] (Microsoft Corporation)
Task: {7872178F-50EC-48B9-8CF0-3C2CB5A35FF1} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation)
Task: {83708F18-A3FA-4037-BFBA-1CA10E7AEF29} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {8EB218D7-EA50-404D-8576-7320DB84BDEA} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-10-13] (Intel(R) Corporation)
Task: {A7C1C7C1-8B9E-4794-8295-DFCB164C7584} - System32\Tasks\NerveCenterUpdate => C:\Program Files\Lenovo\Nerve Center\bin\x64\LenovoNerveCenterUpdateAgent.exe [2017-04-28] (Lenovo(beijing) Limited)
Task: {AEB316AD-AECB-46D7-AFDA-87D210F8FE2D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {B486597E-6C4E-456A-8EB8-01641E4C01EF} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-10-14] (Intel Corporation)
Task: {C3ECFB3E-B19C-416D-AA4D-96EB377ECF54} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8919e1da-05e7-4dda-bbd3-2a3df71bc820 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {C681873B-C46A-4C77-82E7-80E58F7A99A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation)
Task: {D18F383C-5CA1-4624-92EF-5C56C5CED698} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-08-12] (Microsoft Corporation)
Task: {D42D6103-8C41-4F60-9C55-57925804900F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation)
Task: {D6901B6C-9DE0-4B69-B2FC-92C0F4DB7842} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dff62fd7-c930-47ad-968c-d20d58897db3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {E96A442F-9AE8-4E9F-9A56-810DEF3CDD52} - System32\Tasks\Microsoft\Windows\Display\Brightness\BrightnessReset
Task: {F54316A4-39C0-4838-B154-E3C82DF0D199} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {FDA46CD1-5A88-4DC8-82CA-C4D2702508B1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-10-17 21:00 - 2016-10-17 21:00 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-17 21:00 - 2016-10-17 21:00 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-23 22:02 - 2017-04-28 19:08 - 000141664 _____ () C:\Program Files\Lenovo\Nerve Center\bin\x64\Xmlparser.dll
2017-03-18 22:59 - 2017-03-20 06:46 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-01 18:18 - 2016-11-01 18:18 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-08-23 16:42 - 2017-08-23 16:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-23 16:42 - 2017-08-23 16:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-23 16:42 - 2017-08-23 16:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-23 16:42 - 2017-08-23 16:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-23 22:10 - 2017-08-18 06:36 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-10-27 05:40 - 2016-10-27 05:40 - 000147760 _____ () C:\Program Files\Dolby\Dolby DAX3\API\DAX3API.exe
2016-10-27 05:40 - 2016-10-27 05:40 - 000292656 _____ () C:\Program Files\Dolby\Dolby DAX3\API\RuntimeController.dll
2016-10-27 05:40 - 2016-10-27 05:40 - 000296752 _____ () C:\Program Files\Dolby\Dolby DAX3\API\TuningFileParser.dll
2017-06-05 20:14 - 2017-06-05 20:15 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-08-26 13:54 - 2017-08-26 13:54 - 010600960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2017-08-26 13:54 - 2017-08-26 13:54 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11707.1001.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 000020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-17 18:29 - 2017-08-17 18:29 - 029627904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 000358912 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 002536448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 020719104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 002415104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 003065856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-05 20:14 - 2017-06-05 20:15 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-05 20:14 - 2017-06-05 20:15 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-17 18:29 - 2017-08-17 18:29 - 001370112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.13510.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2016-08-01 09:03 - 2016-08-01 09:03 - 000070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-11-08 20:40 - 2016-11-08 20:40 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-03-23 22:10 - 2017-08-18 06:36 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-877886734-1156452847-1497718159-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\lenovo\lenovowallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Cisco AnyConnect Secure Mobility Agent for Windows"
HKU\S-1-5-21-877886734-1156452847-1497718159-1001\...\StartupApproved\Run: => "Steam"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{B8DFA8CD-34CE-49B6-A4D1-65B3047EE730}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{7F85E0AC-8FD3-4A9C-B850-D19C7367619D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{CB81BABD-611A-4BF2-BC30-0A5AFD88D862}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DB140157-FD19-4FBE-8355-CAC1E7324FE4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{089D8F31-BFA2-4EF9-861A-B06BEA92459E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{05E7C421-3E33-41BC-B18C-6D5F510F33E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AF7E6C41-C855-4EF7-ABA6-C81BA7517D87}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D440B260-03D1-4720-8819-3258964F8D07}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4B62829C-1A3F-4DCE-A6B8-34ED384480B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C6442E79-9F1A-48EB-8A63-DDD717EA9489}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2CCB18F0-1B2F-4547-84CE-2AB274F82C63}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F26B3077-E325-4A9E-854A-F4D4558FC856}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C7D1A1A2-6852-4755-ABE7-37BD203C468B}] => (Allow) C:\Users\*****\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{73F3592C-AA0F-4514-9D14-198B6825E9CC}] => (Allow) C:\Program Files (x86)\Avira\Scout\Application\scout.exe
FirewallRules: [{852552B4-17F0-4B41-A95D-A359661E96D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F6929A88-CF5C-4544-A430-0908D31B36F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5778907-9A4F-4E2A-B114-34AA704C2FCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2586DFCE-56AE-4FCA-8163-DE7AD9D76BFD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{ED4149DC-4F4C-4D77-BDD7-BA4030C5A7CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7C1ADF2B-4839-4B59-9128-D3914E68F2AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{8CCEEC08-A3F9-42AC-9E3B-F9FBDAD3C147}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{22491F7F-C288-4113-8F63-6C56705C3714}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{AA5B6DE4-B31A-421B-A02B-323E44B7C209}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{77977E33-BCC9-457C-A2AE-AEC040BA17EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Wiederherstellungspunkte =========================
26-08-2017 21:56:00 Geplanter Prüfpunkt
28-08-2017 17:17:03 WinZip 21.5 wird entfernt
29-08-2017 16:29:59 Revo Uninstaller's restore point - VLC Updater
29-08-2017 16:31:14 Revo Uninstaller's restore point - Avira Antivirus
29-08-2017 16:32:45 Revo Uninstaller's restore point - Avira Connect
30-08-2017 16:12:05 JRT Pre-Junkware Removal
30-08-2017 16:50:42 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 #2
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/30/2017 04:48:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IntelTechnologyAccessService.exe, Version: 1.9.6.80, Zeitstempel: 0x58058ff0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.502, Zeitstempel: 0x005405b5
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000069e08
ID des fehlerhaften Prozesses: 0x306c
Startzeit der fehlerhaften Anwendung: 0x01d3219f18b0bba0
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: bd1081e2-2927-48b8-875e-b998a55cdd0d
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/30/2017 04:03:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/30/2017 04:03:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm64\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/29/2017 10:29:15 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
Error: (08/29/2017 10:29:15 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.
Error: (08/29/2017 04:27:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/29/2017 04:27:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm64\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/29/2017 04:25:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/29/2017 04:25:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm64\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Appx.AppxSip.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (08/28/2017 06:12:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Kits\10\bin\10.0.15063.0\arm\signtool.exe.Manifest".
Die abhängige Assemblierung "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Systemfehler:
=============
Error: (08/30/2017 04:50:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NVIDIA LocalSystem Container" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 6000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/30/2017 04:49:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/30/2017 04:49:44 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (08/30/2017 04:49:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet:
Die Anforderung wird nicht unterstützt.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Online Connect Access" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dolby DAX API Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/30/2017 04:48:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Online Connect" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2017-08-30 17:05:25.264
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_de6bb1c9c589c5de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-08-30 17:05:25.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-08-29 17:24:15.922
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvlt.inf_amd64_de6bb1c9c589c5de\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-08-29 17:24:15.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16227.16 MB
Verfügbarer physikalischer RAM: 12447.53 MB
Summe virtueller Speicher: 18659.16 MB
Verfügbarer virtueller Speicher: 14992.93 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:102.51 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.77 GB) NTFS
Drive e: (DATA) (Fixed) (Total:931.39 GB) (Free:926.36 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 7C3959E7)
Partition: GPT.
========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 2BDF5976)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
SecurityCheck und:
Lesestoff: