Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Funde von Emsisoft? (https://www.trojaner-board.de/189368-funde-emsisoft.html)

PC_User 17.03.2018 18:01
Funde von Emsisoft?
 
Liste der Anhänge anzeigen (Anzahl: 1)
Ich habe beim heutigen Scan mit Emsisoft folgende Funde angezeigt bekommen und diese in die Quarantäne verschoben. Ich bin mir nicht sicher, ob es sich dabei um FP's handelt oder nicht. Ein erneuter Scan zeigt jedenfalls keinen Funde mehr an. Ein Scan mit mbam ebenfalls nicht. Ich habe mal einen Screenshot angehängt. Könnte durchaus sein, dass ich Hilfe benötige.
OS_ Windows 10 Home x64 1709 Build 16299.309
Virenscanner Emsisoft.

Bootsektor 17.03.2018 21:23
Das ist ne Setupdatei vom CCleaner und Kram von Adware, beides keine FPs, beides allerdings nicht schwerwiegend.
Mach doch mal FRST:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


PC_User 18.03.2018 08:11
Guten Morgen Bootsektor,
vielen Dank für Deine Hilfe. Hier die gewünschten Ergebnisse.
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (Administrator) auf DESKTOP-9RG45OD (18-03-2018 07:52:24)
Gestartet von C:\Users\Detlev Harland\Desktop
Geladene Profile: Detlev Harland (Verfügbare Profile: defaultuser0 & Detlev Harland)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\Vivaldi\Application\vivaldi.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\ZentimoService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\Zentimo.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
konnte nicht auf den Prozess zugreifen -> backgroundTaskHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Mirko Böer) C:\Program Files\SSKPro\sskpro.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\update_notifier.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\SAMSUNG\Samsung Magician\SamsungMagician.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.251_none_16dd4c82321e5ccc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-12] (CANON INC.)
HKLM\...\Run: [Zentimo xStorage Manager] => C:\Program Files (x86)\Zentimo\Zentimo.exe [7015192 2016-10-16] (Crystal Rich Ltd)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2141816 2018-02-22] (Logitech, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55216 2012-11-16] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [109056 2008-08-01] (ArcSoft Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE*
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Desk-Timer Wallpaper aktualisieren] => C:\Program Files (x86)\Desk-Timer\Desk-Timer.exe [5457104 2016-09-16] (Jürgen Bäckmann)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [223152 2012-11-16] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SuperSpamKiller Pro] => C:\Program Files\SSKPro\sskpro.exe [19059688 2018-01-23] (Mirko Böer)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostarTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [694512 2017-11-27] (GP Software)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [1742920 2018-02-27] (Vivaldi Technologies AS)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SoftAuto.exe] => C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [405504 2008-08-13] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1902832 2017-11-27] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [380144 2017-11-27] (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Autostart).lnk [2017-11-27]
ShortcutTarget: Directory Opus (Autostart).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar716.lnk [2018-03-18]
ShortcutTarget: Sidebar716.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Als een item is opgenomen in de fixlist, zal een registeritem worden verwijderd of hersteld naar de standaard waarde.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ccacdc0b-46df-4986-acd5-3a1bb2255352}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2965490846-3651860406-308467309-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-03] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2965490846-3651860406-308467309-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2016-10-04] ( )

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR NewTab: Profile 2 -> "active": true,
            "entry": "chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
         
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-03-17]
CHR Extension: (Google Drive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-12]
CHR Extension: (YouTube) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-12]
CHR Extension: (Scroll To Top Button) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chinfkfmaefdlchhempbfgbdagheknoj [2018-03-12]
CHR Extension: (uBlock Origin) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-03-12]
CHR Extension: (Green Scroll Bar - Pure CSS3 (from ZIG)) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnnpahlmflcceeadbeollhmmkfhfelnn [2018-03-12]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2018-03-12]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2018-03-12]
CHR Extension: (Chrono Download Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-03-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-12]
CHR Extension: (Open Bookmark Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2018-03-12]
CHR Extension: (Last Tab Keepalive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pekhngokoehglkdkciedpimjddpbkcod [2018-03-12]
CHR Extension: (Google Mail) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-12]
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9317264 2018-03-08] (Emsisoft Ltd)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 Creative Audio Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe [72704 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZentimoService; C:\Program Files (x86)\Zentimo\ZentimoService.exe [1756952 2016-10-16] (Crystal Rich Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 PDF Architect 5 Creator; "C:\Program Files\PDF Architect 5\creator-ws.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [90560 2018-01-22] (Alcorlink Corp.)
R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-14] (REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_a33a405d786e1e76\nvlddmkm.sys [17493824 2018-03-07] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-03-07] (Realtek )
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108856 2017-04-11] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44848 2017-04-11] (Paragon Software GmbH)
R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:52 - 2018-03-18 07:52 - 000022049 _____ C:\Users\Detlev Harland\Desktop\FRST.txt
2018-03-18 07:52 - 2018-03-18 07:52 - 000000000 ____D C:\FRST
2018-03-18 07:50 - 2018-03-18 07:50 - 002403328 _____ (Farbar) C:\Users\Detlev Harland\Desktop\FRST64.exe
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Opera Software
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Opera Software
2018-03-17 09:22 - 2018-03-17 14:18 - 000000000 ____D C:\Program Files\Opera
2018-03-14 17:03 - 2018-03-02 04:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 17:03 - 2018-03-02 04:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 17:03 - 2018-03-02 04:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-02 03:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-14 17:03 - 2018-03-01 21:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-01 08:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 17:03 - 2018-03-01 08:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 17:03 - 2018-03-01 08:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 17:03 - 2018-03-01 08:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 17:03 - 2018-03-01 08:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 08:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 17:03 - 2018-03-01 08:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 17:03 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 17:03 - 2018-03-01 08:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 17:03 - 2018-03-01 08:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 08:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-14 17:03 - 2018-03-01 08:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-14 17:03 - 2018-03-01 08:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-14 17:03 - 2018-03-01 08:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 17:03 - 2018-03-01 08:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-14 17:03 - 2018-03-01 08:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-14 17:03 - 2018-03-01 08:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 17:03 - 2018-03-01 08:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 17:03 - 2018-03-01 08:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 07:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-14 17:03 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 17:03 - 2018-03-01 07:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 17:03 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 17:03 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 17:03 - 2018-03-01 06:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 17:03 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-14 17:03 - 2018-03-01 06:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-14 17:03 - 2018-03-01 06:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 17:03 - 2018-03-01 06:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-14 17:03 - 2018-03-01 06:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 17:03 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-14 17:03 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-14 17:03 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-14 17:03 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-14 17:03 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-14 17:03 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 17:03 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-14 17:03 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-14 17:03 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-14 17:03 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-14 17:03 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 17:03 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 17:03 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-14 17:03 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 17:03 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-14 17:03 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 17:03 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-14 17:03 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-14 17:03 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 17:03 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-12 08:07 - 2018-03-12 08:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Google
2018-03-10 13:57 - 2018-03-11 08:04 - 000003786 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_global
2018-03-10 13:57 - 2018-03-10 13:57 - 000003460 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker
2018-03-07 17:24 - 2018-03-07 17:24 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-04 10:33 - 2018-03-04 10:33 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Creative
2018-03-04 10:31 - 2018-03-04 10:31 - 000000000 ___HD C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ___HD C:\ProgramData\{5086CFFE-02D3-48D7-8A7C-169CFF056F88}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\Program Files\Logitech
2018-02-24 10:05 - 2018-03-17 18:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-24 10:05 - 2018-03-17 18:22 - 000000000 ____D C:\Program Files\CCleaner
2018-02-24 10:05 - 2018-02-24 10:05 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-24 10:05 - 2018-02-24 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-24 10:00 - 2018-02-24 10:00 - 000003412 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-02-24 07:45 - 2018-02-24 07:45 - 000001221 _____ C:\Users\Detlev Harland\Desktop\Meine Bankdaten.lnk
2018-02-18 09:18 - 2018-02-18 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-17 09:02 - 2018-02-17 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileMenu Tools

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:51 - 2017-05-14 20:45 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TeraCopy
2018-03-18 07:50 - 2017-09-07 13:10 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Adobe
2018-03-18 07:48 - 2017-09-08 12:51 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-03-18 07:47 - 2017-09-07 15:08 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\CrashDumps
2018-03-18 07:47 - 2017-09-07 14:15 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Desk-Timer
2018-03-18 07:47 - 2017-05-14 20:39 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Zentimo
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000000820 _____ C:\WINDOWS\system32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-17 18:24 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-17 18:12 - 2017-11-18 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2018-03-17 18:12 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\ProgramData\TechSmith
2018-03-17 18:08 - 2017-10-20 16:56 - 002976312 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-17 18:08 - 2017-09-30 15:35 - 001407956 _____ C:\WINDOWS\system32\perfh007.dat
2018-03-17 18:08 - 2017-09-30 15:35 - 000336790 _____ C:\WINDOWS\system32\perfc007.dat
2018-03-17 18:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-17 18:04 - 2017-10-20 16:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-17 18:03 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-17 18:02 - 2017-05-14 19:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-17 15:33 - 2017-09-07 13:24 - 000000000 ____D C:\ProgramData\Ashampoo
2018-03-17 14:18 - 2017-10-20 16:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-17 09:16 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WhatsApp
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-17 07:42 - 2017-09-10 05:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-15 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-15 13:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-15 13:09 - 2017-10-20 16:54 - 000000000 ___RD C:\Users\Detlev Harland\3D Objects
2018-03-15 13:09 - 2017-10-20 16:46 - 000411944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-15 13:09 - 2017-05-14 19:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 17:36 - 2017-05-14 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 17:10 - 2017-10-11 16:17 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 17:10 - 2017-05-14 20:07 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-14 17:06 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 17:06 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-14 16:52 - 2017-09-07 14:26 - 000000000 ____D C:\Users\Detlev Harland\AppData\LocalLow\Mozilla
2018-03-12 08:46 - 2017-05-14 19:48 - 000000000 ____D C:\ProgramData\Logishrd
2018-03-10 13:57 - 2017-09-07 13:41 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WindSolutions
2018-03-10 13:52 - 2017-09-07 13:41 - 000000000 ____D C:\ProgramData\WindSolutions
2018-03-10 08:24 - 2017-10-20 16:51 - 000003074 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Detlev Harland)
2018-03-09 15:27 - 2017-09-07 13:16 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\XnView
2018-03-09 10:45 - 2017-09-07 12:20 - 000000000 ___SD C:\Users\Detlev Harland\Documents\Sticky Passwords
2018-03-07 17:23 - 2017-10-06 15:23 - 017493824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-03-07 17:23 - 2017-10-06 15:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-07 17:23 - 2017-10-06 15:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-03-07 17:22 - 2017-10-06 15:22 - 001026896 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2018-03-07 16:45 - 2017-05-14 19:43 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\VirtualStore
2018-03-04 10:31 - 2017-09-07 19:23 - 000000000 ____D C:\ProgramData\Creative
2018-03-04 10:31 - 2017-05-14 20:20 - 000000000 ____D C:\Program Files (x86)\Creative
2018-03-04 08:10 - 2017-12-02 07:45 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2018-03-04 08:10 - 2017-11-26 07:48 - 000000000 ____D C:\Program Files\Vivaldi
2018-03-03 09:01 - 2017-12-10 07:50 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-03-03 09:01 - 2017-09-09 08:04 - 000002306 _____ C:\Users\Detlev Harland\Desktop\WhatsApp.lnk
2018-03-03 09:01 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\WhatsApp
2018-03-03 09:00 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\SquirrelTemp
2018-03-02 22:09 - 2017-09-29 14:49 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 22:09 - 2017-09-29 14:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-01 07:35 - 2017-09-07 13:40 - 000000876 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-03-01 07:35 - 2017-09-07 13:40 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\vlc
2018-03-01 07:31 - 2017-12-20 07:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Deployment
2018-03-01 07:31 - 2017-09-07 13:13 - 000000000 ____D C:\Program Files\Adobe
2018-03-01 07:24 - 2017-09-07 15:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\SuperSpamKiller Pro
2018-02-24 10:17 - 2017-09-08 06:14 - 000000000 ____D C:\ProgramData\TEMP
2018-02-24 10:09 - 2017-10-19 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-24 10:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-24 10:01 - 2017-05-14 20:47 - 000000000 ____D C:\ProgramData\ProductData
2018-02-24 10:00 - 2017-09-08 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemSoftware
2018-02-24 08:55 - 2018-02-10 06:39 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-24 07:37 - 2017-11-10 06:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-18 09:28 - 2017-09-07 15:03 - 000000000 ____D C:\Program Files\SSKPro
2018-02-17 16:04 - 2017-10-20 16:47 - 000000000 ____D C:\Users\Detlev Harland

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2002-09-25 18:55 - 2002-09-25 18:55 - 000000000 ____H () C:\ProgramData\sdpsenv.dat

Einige Dateien in TEMP:
====================
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150734.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150818.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082151070.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200339.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200750.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200819.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 002153984 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082213261.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (18-03-2018 07:53:05)
Gestartet von C:\Users\Detlev Harland\Desktop
Windows 10 Home Version 1709 16299.309 (X64) (2017-10-20 15:53:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2965490846-3651860406-308467309-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2965490846-3651860406-308467309-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2965490846-3651860406-308467309-1000 - Limited - Disabled) => C:\Users\defaultuser0
Detlev Harland (S-1-5-21-2965490846-3651860406-308467309-1001 - Administrator - Enabled) => C:\Users\Detlev Harland
Gast (S-1-5-21-2965490846-3651860406-308467309-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2965490846-3651860406-308467309-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {DC16DD39-CCB9-A216-985D-0316186C71B0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Maker Version 1.5.2 (Build 164) (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.5.2 (Build 164) - 7-PDF, Germany - Thorsten Hodes)
8GadgetPack (HKLM-x32\...\{36E60904-D465-40F7-82A7-A9C7A84C29B7}) (Version: 24.0.0 - 8GadgetPack.net)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.46 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version:  - ArcSoft)
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Classic Menu for Office (HKLM-x32\...\{8023435C-3656-4C80-9731-ACAC26B922EB}) (Version: 9.25 - Addin Technology Inc.)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
concept/design onlineTV 13 (HKLM-x32\...\{32B1D875-8CFA-41DD-BDC6-A9CA59CECADE}_is1) (Version: 13.17.11.2 - concept/design GmbH)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID CPU-Z 1.80.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.1 - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audiopaket (HKLM-x32\...\Creative Audio Pack) (Version:  - )
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Centrale (HKLM-x32\...\{4442AB48-DEC4-4B39-B067-1F75BF8017E7}) (Version: 1.18.05 - Creative Technology Ltd.) Hidden
Creative Centrale (HKLM-x32\...\Creative Centrale) (Version: 1.18.05 - Creative Technology Ltd.)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Software Update (HKLM-x32\...\{86604C06-DA30-425E-AECE-47304FE81C45}) (Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative ZEN X-Fi Style Dokumentation (HKLM-x32\...\ZENXFISTYLEUG) (Version:  - Creative Technology Ltd.)
Desk-Timer 2.11.2 (HKLM-x32\...\DeskTimer_is1) (Version: 2.11.2 - Jürgen Bäckmann)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.8 - Emsisoft Ltd.)
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 7.4 - LopeSoft)
FileMenu Tools 7.5 (HKLM\...\FileMenuTools_is1) (Version: 7.5 - LopeSoft)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM-x32\...\{0A6AA615-5321-43A0-AFAE-97BF95013EA0}) (Version: 12.7 - GPSoftware)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you)
LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Options (HKLM\...\LogiOptions) (Version: 6.80.372 - Logitech)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office Home and Business 2016 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0.6597 - Mozilla)
Mozilla Thunderbird 52.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 de)) (Version: 52.6.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MwSt. 2017 14.0.0.0 (HKLM-x32\...\{0B0D53DA-B945-448F-BB2C-317966FBA3CD}_is1) (Version: 14.0.0.0 - SVO-Webdesign GbR)
NAPS2 5.2.0 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version:  - Ben Olden-Cooligan)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office Tab (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: 13.10 - Addin Technology Inc.)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{1B28182C-253F-4CFE-AF4A-87CB416D5F73}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paragon Backup & Recovery™ 16 (HKLM\...\{2AD4B002-9BDE-4CF3-9DFC-6AF9468B4094}) (Version: 10.2.0.1235 - Paragon Software) Hidden
Paragon Backup & Recovery™ 16 (HKLM-x32\...\{f4b6972e-9d30-4245-a8b8-c3ac48980d8e}) (Version: 10.2.0.1235 - Paragon Software GmbH)
Paragon Partition Manager™ 15 Home (HKLM\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon UIM (HKLM\...\{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}) (Version: 20.0.0.4 - Paragon Software) Hidden
phonostar-Player Version 3.03.9 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
PHOTOfunSTUDIO 6.5 BD Edition (HKLM-x32\...\{AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367}) (Version: 6.05.818 - Panasonic Corporation)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.426 - Bitsum)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.0.1610 - Samsung Electronics)
Snagit 2018 (HKLM\...\{9C67C8C5-FD2C-4193-BC05-75648081DBD6}) (Version: 18.1.0 - TechSmith Corporation)
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.5.2 - startisback.com)
Sticky Password 8.1.0.103 (HKLM-x32\...\Sticky Password_is1) (Version: 8.1 - Lamantine Software)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
SuperSpamKiller Pro 6.40(x64) (HKLM\...\SuperSpamKillerProfessional) (Version:  - Mirko Böer)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeraCopy version 3.1 (HKLM\...\TeraCopy_is1) (Version: 3.1 - Code Sector)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.14.1077.55 - Vivaldi)
Vivaldi (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Vivaldi) (Version: 1.13.1008.32 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\WhatsApp) (Version: 0.2.8361 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.12.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)
XnView Shell Extension 3.6.0 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.6.0 - Gougelet Pierre-e)
Zentimo PRO 1.9 (HKLM-x32\...\Zentimo PRO_is1) (Version:  - Zentimo.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{10886F48-2635-4EFE-80C2-1E4F61B28851}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{252180E9-FE9C-454F-8C5F-7C0C1EA0D597}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{339FA1D5-707F-4CE4-8291-B2AF27C34A74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{34549919-9774-4107-8DA7-D1785D3ECC0F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{3630E515-7975-4B99-B0B0-9C8046DCB084}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{38319161-C937-4AD5-B527-B94B4B9C3D28}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{4D2D3C0C-D63B-4B66-B929-069B852341DB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{82665987-2D18-4C6B-81C6-DBABD9D2575F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{AC471E83-977C-4148-982B-2BAD5C5D8EA0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{EE8C802E-0C76-448F-BB85-B9037AF0CFED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{FC4CFF4F-F91C-4AFD-8A76-0102ADA1FE74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ContextMenuHandlers1: [7-PDFMaker] -> {31640049-63C6-4729-9D78-AAED64BD25C7} => C:\Program Files (x86)\7-PDF\7-PDFM~1\7p64.dll [2014-05-23] ()
ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2016-11-18] ()
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers2-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers4: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2016-04-04] (Peter Pawlowski)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers6-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers4_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers5_S-1-5-21-2965490846-3651860406-308467309-1001: [DOpus] -> {B9DD4945-1BED-4CB7-994C-F40B72B7725A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B963431-366A-4DA1-9E75-36AB0D9E73E1} - System32\Tasks\Driver Booster SkipUAC (Detlev Harland) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {2C920341-BD1D-4D78-A23F-36C4D8BDA650} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {3456F2CC-C7EC-4018-850C-64C55A2785F4} - System32\Tasks\Shelbee_BackupReminder_global => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {4B78A533-4B78-4C26-846F-9DCD8F34DFDA} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2018-01-08] (Bitsum LLC)
Task: {4E079953-E891-4EE4-8A82-6BDF6AF5FFA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {5F3AE24A-5883-407D-B0D0-76554236FC19} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-9RG45OD-Detlev Harland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {67370D37-8116-4523-BE5C-42A50590364F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {68024120-444C-4E3A-AD1E-CD73EFA1D765} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-01-08] (Samsung Electronics Co. Ltd.)
Task: {68875CDC-EA15-4593-A3E8-00CB1388DC89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {689C2241-E4DD-485E-8877-8F5C1FC18920} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {692800E5-13B6-44B5-99AA-0BA8C4B9EBC6} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\TechSmith\Snagit 13\snagit32.exe
Task: {6F2E24AB-4FFF-402D-B72B-C7416345E294} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {73ABB9F7-CBBE-4FD9-AC51-AB2E21D60DBD} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {73CDBCBF-E154-4B08-BE83-5567111F4621} - System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {7706E0BC-EBF4-452C-A1ED-AF8470535CA5} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2018-01-08] (Bitsum LLC)
Task: {953C28B3-F521-4CB6-81D2-28536671902A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {A3BFA751-F57D-4977-83D0-370BEFEC3FB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {AB40DF7C-95EC-41DB-90C7-69DDE80C9659} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {AB4A1586-613C-43E3-B520-1B7E10F44578} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-20] (AVAST Software)
Task: {D4C749AC-21B2-470C-AF25-578960DE7291} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D881092F-F6E7-45F4-BD9E-936BE026C8D5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {E0EE7AAE-1F37-43E5-9B58-6CD86AF8E644} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2018-01-17] (www.startisback.com)
Task: {FBCD06A6-4932-484C-A8F7-365106102C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {FE5D7011-A922-4F26-827F-4A6D8448A4AF} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\deb74e6ef302b553\Speed Dial [FVD] - New Tab Page, 3D, Sync.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=llaficoajjainaijghjlofdfmbjpebpa

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-25 13:22 - 2017-04-25 13:22 - 002250896 _____ () C:\Windows\System32\vimsdk.dll
2017-04-25 13:22 - 2017-04-25 13:22 - 000143504 _____ () C:\Windows\System32\vimbase.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 001508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 000338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-14 20:45 - 2017-03-14 14:51 - 001714688 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-09-08 08:26 - 2015-10-15 15:21 - 000043008 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-02-08 13:32 - 2018-02-08 13:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-09-07 15:20 - 2011-08-09 14:22 - 000450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2017-09-07 15:20 - 2011-04-25 15:12 - 000118784 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2017-09-07 15:20 - 2006-09-04 19:26 - 000014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2018-01-22 17:00 - 2017-10-16 10:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madExcept_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madBasic_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madDisAsm_.bpl

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [216]
AlternateDataStreams: C:\ProgramData\TEMP:728B799F [374]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2965490846-3651860406-308467309-1001\Control Panel\Desktop\\Wallpaper -> C:\Hintergrundbilder\Kalender.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

Bootsektor 18.03.2018 09:30
Hallo,

FRST und Addition sind leider nicht vollständig gepostet worden.

PC_User 18.03.2018 09:34
Zweiter Versuch:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (Administrator) auf DESKTOP-9RG45OD (18-03-2018 07:52:24)
Gestartet von C:\Users\Detlev Harland\Desktop
Geladene Profile: Detlev Harland (Verfügbare Profile: defaultuser0 & Detlev Harland)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\Vivaldi\Application\vivaldi.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\ZentimoService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\Zentimo.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
konnte nicht auf den Prozess zugreifen -> backgroundTaskHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Mirko Böer) C:\Program Files\SSKPro\sskpro.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\update_notifier.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\SAMSUNG\Samsung Magician\SamsungMagician.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.251_none_16dd4c82321e5ccc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-12] (CANON INC.)
HKLM\...\Run: [Zentimo xStorage Manager] => C:\Program Files (x86)\Zentimo\Zentimo.exe [7015192 2016-10-16] (Crystal Rich Ltd)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2141816 2018-02-22] (Logitech, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55216 2012-11-16] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [109056 2008-08-01] (ArcSoft Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE*
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Desk-Timer Wallpaper aktualisieren] => C:\Program Files (x86)\Desk-Timer\Desk-Timer.exe [5457104 2016-09-16] (Jürgen Bäckmann)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [223152 2012-11-16] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SuperSpamKiller Pro] => C:\Program Files\SSKPro\sskpro.exe [19059688 2018-01-23] (Mirko Böer)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostarTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [694512 2017-11-27] (GP Software)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [1742920 2018-02-27] (Vivaldi Technologies AS)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SoftAuto.exe] => C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [405504 2008-08-13] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1902832 2017-11-27] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [380144 2017-11-27] (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Autostart).lnk [2017-11-27]
ShortcutTarget: Directory Opus (Autostart).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar716.lnk [2018-03-18]
ShortcutTarget: Sidebar716.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Als een item is opgenomen in de fixlist, zal een registeritem worden verwijderd of hersteld naar de standaard waarde.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ccacdc0b-46df-4986-acd5-3a1bb2255352}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2965490846-3651860406-308467309-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-03] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2965490846-3651860406-308467309-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2016-10-04] ( )

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR NewTab: Profile 2 -> "active": true,
            "entry": "chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
         
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-03-17]
CHR Extension: (Google Drive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-12]
CHR Extension: (YouTube) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-12]
CHR Extension: (Scroll To Top Button) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chinfkfmaefdlchhempbfgbdagheknoj [2018-03-12]
CHR Extension: (uBlock Origin) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-03-12]
CHR Extension: (Green Scroll Bar - Pure CSS3 (from ZIG)) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnnpahlmflcceeadbeollhmmkfhfelnn [2018-03-12]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2018-03-12]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2018-03-12]
CHR Extension: (Chrono Download Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-03-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-12]
CHR Extension: (Open Bookmark Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2018-03-12]
CHR Extension: (Last Tab Keepalive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pekhngokoehglkdkciedpimjddpbkcod [2018-03-12]
CHR Extension: (Google Mail) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-12]
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9317264 2018-03-08] (Emsisoft Ltd)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 Creative Audio Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe [72704 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZentimoService; C:\Program Files (x86)\Zentimo\ZentimoService.exe [1756952 2016-10-16] (Crystal Rich Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 PDF Architect 5 Creator; "C:\Program Files\PDF Architect 5\creator-ws.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [90560 2018-01-22] (Alcorlink Corp.)
R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-14] (REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_a33a405d786e1e76\nvlddmkm.sys [17493824 2018-03-07] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-03-07] (Realtek )
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108856 2017-04-11] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44848 2017-04-11] (Paragon Software GmbH)
R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:52 - 2018-03-18 07:52 - 000022049 _____ C:\Users\Detlev Harland\Desktop\FRST.txt
2018-03-18 07:52 - 2018-03-18 07:52 - 000000000 ____D C:\FRST
2018-03-18 07:50 - 2018-03-18 07:50 - 002403328 _____ (Farbar) C:\Users\Detlev Harland\Desktop\FRST64.exe
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Opera Software
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Opera Software
2018-03-17 09:22 - 2018-03-17 14:18 - 000000000 ____D C:\Program Files\Opera
2018-03-14 17:03 - 2018-03-02 04:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 17:03 - 2018-03-02 04:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 17:03 - 2018-03-02 04:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-02 03:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-14 17:03 - 2018-03-01 21:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-01 08:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 17:03 - 2018-03-01 08:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 17:03 - 2018-03-01 08:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 17:03 - 2018-03-01 08:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 17:03 - 2018-03-01 08:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 08:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 17:03 - 2018-03-01 08:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 17:03 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 17:03 - 2018-03-01 08:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 17:03 - 2018-03-01 08:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 08:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-14 17:03 - 2018-03-01 08:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-14 17:03 - 2018-03-01 08:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-14 17:03 - 2018-03-01 08:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 17:03 - 2018-03-01 08:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-14 17:03 - 2018-03-01 08:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-14 17:03 - 2018-03-01 08:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 17:03 - 2018-03-01 08:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 17:03 - 2018-03-01 08:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 07:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-14 17:03 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 17:03 - 2018-03-01 07:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 17:03 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 17:03 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 17:03 - 2018-03-01 06:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 17:03 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-14 17:03 - 2018-03-01 06:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-14 17:03 - 2018-03-01 06:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 17:03 - 2018-03-01 06:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-14 17:03 - 2018-03-01 06:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 17:03 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-14 17:03 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-14 17:03 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-14 17:03 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-14 17:03 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-14 17:03 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 17:03 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-14 17:03 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-14 17:03 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-14 17:03 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-14 17:03 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 17:03 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 17:03 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-14 17:03 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 17:03 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-14 17:03 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 17:03 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-14 17:03 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-14 17:03 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 17:03 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-12 08:07 - 2018-03-12 08:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Google
2018-03-10 13:57 - 2018-03-11 08:04 - 000003786 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_global
2018-03-10 13:57 - 2018-03-10 13:57 - 000003460 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker
2018-03-07 17:24 - 2018-03-07 17:24 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-04 10:33 - 2018-03-04 10:33 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Creative
2018-03-04 10:31 - 2018-03-04 10:31 - 000000000 ___HD C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ___HD C:\ProgramData\{5086CFFE-02D3-48D7-8A7C-169CFF056F88}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\Program Files\Logitech
2018-02-24 10:05 - 2018-03-17 18:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-24 10:05 - 2018-03-17 18:22 - 000000000 ____D C:\Program Files\CCleaner
2018-02-24 10:05 - 2018-02-24 10:05 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-24 10:05 - 2018-02-24 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-24 10:00 - 2018-02-24 10:00 - 000003412 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-02-24 07:45 - 2018-02-24 07:45 - 000001221 _____ C:\Users\Detlev Harland\Desktop\Meine Bankdaten.lnk
2018-02-18 09:18 - 2018-02-18 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-17 09:02 - 2018-02-17 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileMenu Tools

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:51 - 2017-05-14 20:45 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TeraCopy
2018-03-18 07:50 - 2017-09-07 13:10 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Adobe
2018-03-18 07:48 - 2017-09-08 12:51 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-03-18 07:47 - 2017-09-07 15:08 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\CrashDumps
2018-03-18 07:47 - 2017-09-07 14:15 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Desk-Timer
2018-03-18 07:47 - 2017-05-14 20:39 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Zentimo
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000000820 _____ C:\WINDOWS\system32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-17 18:24 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-17 18:12 - 2017-11-18 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2018-03-17 18:12 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\ProgramData\TechSmith
2018-03-17 18:08 - 2017-10-20 16:56 - 002976312 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-17 18:08 - 2017-09-30 15:35 - 001407956 _____ C:\WINDOWS\system32\perfh007.dat
2018-03-17 18:08 - 2017-09-30 15:35 - 000336790 _____ C:\WINDOWS\system32\perfc007.dat
2018-03-17 18:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-17 18:04 - 2017-10-20 16:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-17 18:03 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-17 18:02 - 2017-05-14 19:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-17 15:33 - 2017-09-07 13:24 - 000000000 ____D C:\ProgramData\Ashampoo
2018-03-17 14:18 - 2017-10-20 16:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-17 09:16 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WhatsApp
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-17 07:42 - 2017-09-10 05:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-15 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-15 13:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-15 13:09 - 2017-10-20 16:54 - 000000000 ___RD C:\Users\Detlev Harland\3D Objects
2018-03-15 13:09 - 2017-10-20 16:46 - 000411944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-15 13:09 - 2017-05-14 19:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 17:36 - 2017-05-14 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 17:10 - 2017-10-11 16:17 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 17:10 - 2017-05-14 20:07 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-14 17:06 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 17:06 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-14 16:52 - 2017-09-07 14:26 - 000000000 ____D C:\Users\Detlev Harland\AppData\LocalLow\Mozilla
2018-03-12 08:46 - 2017-05-14 19:48 - 000000000 ____D C:\ProgramData\Logishrd
2018-03-10 13:57 - 2017-09-07 13:41 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WindSolutions
2018-03-10 13:52 - 2017-09-07 13:41 - 000000000 ____D C:\ProgramData\WindSolutions
2018-03-10 08:24 - 2017-10-20 16:51 - 000003074 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Detlev Harland)
2018-03-09 15:27 - 2017-09-07 13:16 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\XnView
2018-03-09 10:45 - 2017-09-07 12:20 - 000000000 ___SD C:\Users\Detlev Harland\Documents\Sticky Passwords
2018-03-07 17:23 - 2017-10-06 15:23 - 017493824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-03-07 17:23 - 2017-10-06 15:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-07 17:23 - 2017-10-06 15:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-03-07 17:22 - 2017-10-06 15:22 - 001026896 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2018-03-07 16:45 - 2017-05-14 19:43 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\VirtualStore
2018-03-04 10:31 - 2017-09-07 19:23 - 000000000 ____D C:\ProgramData\Creative
2018-03-04 10:31 - 2017-05-14 20:20 - 000000000 ____D C:\Program Files (x86)\Creative
2018-03-04 08:10 - 2017-12-02 07:45 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2018-03-04 08:10 - 2017-11-26 07:48 - 000000000 ____D C:\Program Files\Vivaldi
2018-03-03 09:01 - 2017-12-10 07:50 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-03-03 09:01 - 2017-09-09 08:04 - 000002306 _____ C:\Users\Detlev Harland\Desktop\WhatsApp.lnk
2018-03-03 09:01 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\WhatsApp
2018-03-03 09:00 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\SquirrelTemp
2018-03-02 22:09 - 2017-09-29 14:49 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 22:09 - 2017-09-29 14:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-01 07:35 - 2017-09-07 13:40 - 000000876 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-03-01 07:35 - 2017-09-07 13:40 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\vlc
2018-03-01 07:31 - 2017-12-20 07:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Deployment
2018-03-01 07:31 - 2017-09-07 13:13 - 000000000 ____D C:\Program Files\Adobe
2018-03-01 07:24 - 2017-09-07 15:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\SuperSpamKiller Pro
2018-02-24 10:17 - 2017-09-08 06:14 - 000000000 ____D C:\ProgramData\TEMP
2018-02-24 10:09 - 2017-10-19 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-24 10:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-24 10:01 - 2017-05-14 20:47 - 000000000 ____D C:\ProgramData\ProductData
2018-02-24 10:00 - 2017-09-08 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemSoftware
2018-02-24 08:55 - 2018-02-10 06:39 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-24 07:37 - 2017-11-10 06:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-18 09:28 - 2017-09-07 15:03 - 000000000 ____D C:\Program Files\SSKPro
2018-02-17 16:04 - 2017-10-20 16:47 - 000000000 ____D C:\Users\Detlev Harland

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2002-09-25 18:55 - 2002-09-25 18:55 - 000000000 ____H () C:\ProgramData\sdpsenv.dat

Einige Dateien in TEMP:
====================
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150734.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150818.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082151070.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200339.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200750.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200819.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 002153984 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082213261.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (18-03-2018 07:53:05)
Gestartet von C:\Users\Detlev Harland\Desktop
Windows 10 Home Version 1709 16299.309 (X64) (2017-10-20 15:53:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2965490846-3651860406-308467309-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2965490846-3651860406-308467309-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2965490846-3651860406-308467309-1000 - Limited - Disabled) => C:\Users\defaultuser0
Detlev Harland (S-1-5-21-2965490846-3651860406-308467309-1001 - Administrator - Enabled) => C:\Users\Detlev Harland
Gast (S-1-5-21-2965490846-3651860406-308467309-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2965490846-3651860406-308467309-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {DC16DD39-CCB9-A216-985D-0316186C71B0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Maker Version 1.5.2 (Build 164) (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.5.2 (Build 164) - 7-PDF, Germany - Thorsten Hodes)
8GadgetPack (HKLM-x32\...\{36E60904-D465-40F7-82A7-A9C7A84C29B7}) (Version: 24.0.0 - 8GadgetPack.net)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.46 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version:  - ArcSoft)
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Classic Menu for Office (HKLM-x32\...\{8023435C-3656-4C80-9731-ACAC26B922EB}) (Version: 9.25 - Addin Technology Inc.)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
concept/design onlineTV 13 (HKLM-x32\...\{32B1D875-8CFA-41DD-BDC6-A9CA59CECADE}_is1) (Version: 13.17.11.2 - concept/design GmbH)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID CPU-Z 1.80.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.1 - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audiopaket (HKLM-x32\...\Creative Audio Pack) (Version:  - )
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Centrale (HKLM-x32\...\{4442AB48-DEC4-4B39-B067-1F75BF8017E7}) (Version: 1.18.05 - Creative Technology Ltd.) Hidden
Creative Centrale (HKLM-x32\...\Creative Centrale) (Version: 1.18.05 - Creative Technology Ltd.)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Software Update (HKLM-x32\...\{86604C06-DA30-425E-AECE-47304FE81C45}) (Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative ZEN X-Fi Style Dokumentation (HKLM-x32\...\ZENXFISTYLEUG) (Version:  - Creative Technology Ltd.)
Desk-Timer 2.11.2 (HKLM-x32\...\DeskTimer_is1) (Version: 2.11.2 - Jürgen Bäckmann)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.8 - Emsisoft Ltd.)
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 7.4 - LopeSoft)
FileMenu Tools 7.5 (HKLM\...\FileMenuTools_is1) (Version: 7.5 - LopeSoft)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM-x32\...\{0A6AA615-5321-43A0-AFAE-97BF95013EA0}) (Version: 12.7 - GPSoftware)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you)
LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Options (HKLM\...\LogiOptions) (Version: 6.80.372 - Logitech)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office Home and Business 2016 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0.6597 - Mozilla)
Mozilla Thunderbird 52.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 de)) (Version: 52.6.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MwSt. 2017 14.0.0.0 (HKLM-x32\...\{0B0D53DA-B945-448F-BB2C-317966FBA3CD}_is1) (Version: 14.0.0.0 - SVO-Webdesign GbR)
NAPS2 5.2.0 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version:  - Ben Olden-Cooligan)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office Tab (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: 13.10 - Addin Technology Inc.)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{1B28182C-253F-4CFE-AF4A-87CB416D5F73}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paragon Backup & Recovery™ 16 (HKLM\...\{2AD4B002-9BDE-4CF3-9DFC-6AF9468B4094}) (Version: 10.2.0.1235 - Paragon Software) Hidden
Paragon Backup & Recovery™ 16 (HKLM-x32\...\{f4b6972e-9d30-4245-a8b8-c3ac48980d8e}) (Version: 10.2.0.1235 - Paragon Software GmbH)
Paragon Partition Manager™ 15 Home (HKLM\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon UIM (HKLM\...\{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}) (Version: 20.0.0.4 - Paragon Software) Hidden
phonostar-Player Version 3.03.9 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
PHOTOfunSTUDIO 6.5 BD Edition (HKLM-x32\...\{AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367}) (Version: 6.05.818 - Panasonic Corporation)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.426 - Bitsum)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.0.1610 - Samsung Electronics)
Snagit 2018 (HKLM\...\{9C67C8C5-FD2C-4193-BC05-75648081DBD6}) (Version: 18.1.0 - TechSmith Corporation)
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.5.2 - startisback.com)
Sticky Password 8.1.0.103 (HKLM-x32\...\Sticky Password_is1) (Version: 8.1 - Lamantine Software)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
SuperSpamKiller Pro 6.40(x64) (HKLM\...\SuperSpamKillerProfessional) (Version:  - Mirko Böer)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeraCopy version 3.1 (HKLM\...\TeraCopy_is1) (Version: 3.1 - Code Sector)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.14.1077.55 - Vivaldi)
Vivaldi (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Vivaldi) (Version: 1.13.1008.32 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\WhatsApp) (Version: 0.2.8361 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.12.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)
XnView Shell Extension 3.6.0 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.6.0 - Gougelet Pierre-e)
Zentimo PRO 1.9 (HKLM-x32\...\Zentimo PRO_is1) (Version:  - Zentimo.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{10886F48-2635-4EFE-80C2-1E4F61B28851}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{252180E9-FE9C-454F-8C5F-7C0C1EA0D597}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{339FA1D5-707F-4CE4-8291-B2AF27C34A74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{34549919-9774-4107-8DA7-D1785D3ECC0F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{3630E515-7975-4B99-B0B0-9C8046DCB084}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{38319161-C937-4AD5-B527-B94B4B9C3D28}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{4D2D3C0C-D63B-4B66-B929-069B852341DB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{82665987-2D18-4C6B-81C6-DBABD9D2575F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{AC471E83-977C-4148-982B-2BAD5C5D8EA0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{EE8C802E-0C76-448F-BB85-B9037AF0CFED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{FC4CFF4F-F91C-4AFD-8A76-0102ADA1FE74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ContextMenuHandlers1: [7-PDFMaker] -> {31640049-63C6-4729-9D78-AAED64BD25C7} => C:\Program Files (x86)\7-PDF\7-PDFM~1\7p64.dll [2014-05-23] ()
ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2016-11-18] ()
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers2-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers4: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2016-04-04] (Peter Pawlowski)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers6-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers4_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers5_S-1-5-21-2965490846-3651860406-308467309-1001: [DOpus] -> {B9DD4945-1BED-4CB7-994C-F40B72B7725A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B963431-366A-4DA1-9E75-36AB0D9E73E1} - System32\Tasks\Driver Booster SkipUAC (Detlev Harland) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {2C920341-BD1D-4D78-A23F-36C4D8BDA650} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {3456F2CC-C7EC-4018-850C-64C55A2785F4} - System32\Tasks\Shelbee_BackupReminder_global => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {4B78A533-4B78-4C26-846F-9DCD8F34DFDA} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2018-01-08] (Bitsum LLC)
Task: {4E079953-E891-4EE4-8A82-6BDF6AF5FFA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {5F3AE24A-5883-407D-B0D0-76554236FC19} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-9RG45OD-Detlev Harland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {67370D37-8116-4523-BE5C-42A50590364F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {68024120-444C-4E3A-AD1E-CD73EFA1D765} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-01-08] (Samsung Electronics Co. Ltd.)
Task: {68875CDC-EA15-4593-A3E8-00CB1388DC89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {689C2241-E4DD-485E-8877-8F5C1FC18920} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {692800E5-13B6-44B5-99AA-0BA8C4B9EBC6} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\TechSmith\Snagit 13\snagit32.exe
Task: {6F2E24AB-4FFF-402D-B72B-C7416345E294} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {73ABB9F7-CBBE-4FD9-AC51-AB2E21D60DBD} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {73CDBCBF-E154-4B08-BE83-5567111F4621} - System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {7706E0BC-EBF4-452C-A1ED-AF8470535CA5} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2018-01-08] (Bitsum LLC)
Task: {953C28B3-F521-4CB6-81D2-28536671902A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {A3BFA751-F57D-4977-83D0-370BEFEC3FB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {AB40DF7C-95EC-41DB-90C7-69DDE80C9659} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {AB4A1586-613C-43E3-B520-1B7E10F44578} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-20] (AVAST Software)
Task: {D4C749AC-21B2-470C-AF25-578960DE7291} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D881092F-F6E7-45F4-BD9E-936BE026C8D5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {E0EE7AAE-1F37-43E5-9B58-6CD86AF8E644} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2018-01-17] (www.startisback.com)
Task: {FBCD06A6-4932-484C-A8F7-365106102C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {FE5D7011-A922-4F26-827F-4A6D8448A4AF} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\deb74e6ef302b553\Speed Dial [FVD] - New Tab Page, 3D, Sync.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=llaficoajjainaijghjlofdfmbjpebpa

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-25 13:22 - 2017-04-25 13:22 - 002250896 _____ () C:\Windows\System32\vimsdk.dll
2017-04-25 13:22 - 2017-04-25 13:22 - 000143504 _____ () C:\Windows\System32\vimbase.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 001508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 000338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-14 20:45 - 2017-03-14 14:51 - 001714688 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-09-08 08:26 - 2015-10-15 15:21 - 000043008 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-02-08 13:32 - 2018-02-08 13:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-09-07 15:20 - 2011-08-09 14:22 - 000450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2017-09-07 15:20 - 2011-04-25 15:12 - 000118784 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2017-09-07 15:20 - 2006-09-04 19:26 - 000014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2018-01-22 17:00 - 2017-10-16 10:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madExcept_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madBasic_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madDisAsm_.bpl

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [216]
AlternateDataStreams: C:\ProgramData\TEMP:728B799F [374]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2965490846-3651860406-308467309-1001\Control Panel\Desktop\\Wallpaper -> C:\Hintergrundbilder\Kalender.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)

PC_User 18.03.2018 09:36
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (18-03-2018 07:53:05)
Gestartet von C:\Users\Detlev Harland\Desktop
Windows 10 Home Version 1709 16299.309 (X64) (2017-10-20 15:53:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2965490846-3651860406-308467309-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2965490846-3651860406-308467309-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2965490846-3651860406-308467309-1000 - Limited - Disabled) => C:\Users\defaultuser0
Detlev Harland (S-1-5-21-2965490846-3651860406-308467309-1001 - Administrator - Enabled) => C:\Users\Detlev Harland
Gast (S-1-5-21-2965490846-3651860406-308467309-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2965490846-3651860406-308467309-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {67773CDD-EA83-AD98-A2ED-386463EB3B0D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {DC16DD39-CCB9-A216-985D-0316186C71B0}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-PDF Maker Version 1.5.2 (Build 164) (HKLM-x32\...\7-PDF Maker_is1) (Version: 7-PDF Maker - Version 1.5.2 (Build 164) - 7-PDF, Germany - Thorsten Hodes)
8GadgetPack (HKLM-x32\...\{36E60904-D465-40F7-82A7-A9C7A84C29B7}) (Version: 24.0.0 - 8GadgetPack.net)
Adobe Photoshop Elements 14 (HKLM-x32\...\{49F8D229-3E0E-4F43-8429-EB8F2583DB19}) (Version: 14.1 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.46 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}) (Version:  - ArcSoft)
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.6 - Ashampoo GmbH & Co. KG)
Assessments on Client (HKLM-x32\...\{F8288793-51B6-47EF-2F93-D37767663FC5}) (Version: 10.1.14393.0 - Microsoft) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 700F Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9601) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Classic Menu for Office (HKLM-x32\...\{8023435C-3656-4C80-9731-ACAC26B922EB}) (Version: 9.25 - Addin Technology Inc.)
COMODO BackUp (HKLM\...\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}) (Version: 4.4.1.23 - COMODO)
concept/design onlineTV 13 (HKLM-x32\...\{32B1D875-8CFA-41DD-BDC6-A9CA59CECADE}_is1) (Version: 13.17.11.2 - concept/design GmbH)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID CPU-Z 1.80.1 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.80.1 - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.45 - Creative Technology Limited)
Creative Audiopaket (HKLM-x32\...\Creative Audio Pack) (Version:  - )
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Centrale (HKLM-x32\...\{4442AB48-DEC4-4B39-B067-1F75BF8017E7}) (Version: 1.18.05 - Creative Technology Ltd.) Hidden
Creative Centrale (HKLM-x32\...\Creative Centrale) (Version: 1.18.05 - Creative Technology Ltd.)
Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Software Update (HKLM-x32\...\{86604C06-DA30-425E-AECE-47304FE81C45}) (Version: 1.03.01 - Creative Technology Ltd.) Hidden
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative ZEN X-Fi Style Dokumentation (HKLM-x32\...\ZENXFISTYLEUG) (Version:  - Creative Technology Ltd.)
Desk-Timer 2.11.2 (HKLM-x32\...\DeskTimer_is1) (Version: 2.11.2 - Jürgen Bäckmann)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.2.0 - IObit)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 2017.8 - Emsisoft Ltd.)
FileMenu Tools (HKLM\...\FileMenu Tools_is1) (Version: 7.4 - LopeSoft)
FileMenu Tools 7.5 (HKLM\...\FileMenuTools_is1) (Version: 7.5 - LopeSoft)
foobar2000 v1.3.17 (HKLM-x32\...\foobar2000) (Version: 1.3.17 - Peter Pawlowski)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPSoftware Directory Opus (HKLM-x32\...\{0A6AA615-5321-43A0-AFAE-97BF95013EA0}) (Version: 12.7 - GPSoftware)
HP Officejet Pro 8100 - Grundlegende Software für das Gerät (HKLM\...\{4D139017-971D-45CF-B94E-26C4DC93A814}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
HP Officejet Pro 8100 Hilfe (HKLM-x32\...\{73DB9F06-C125-4A1C-A982-5801338EBE84}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Imaging And Configuration Designer (HKLM-x32\...\{05935793-A34C-4272-3361-7AF9AEEE5649}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Designer (HKLM-x32\...\{FB54F620-9555-3A11-26CB-B027C4DDF260}) (Version: 10.1.14393.0 - Microsoft) Hidden
Imaging Tools Support (HKLM-x32\...\{C30A729A-E9BA-37F8-3C58-64AD9F1D4694}) (Version: 10.1.14393.0 - Microsoft) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{69D24652-4A1D-49C6-AA0C-573A38083F6C}) (Version: 12.7.3.46 - Apple Inc.)
KB4023057 (HKLM\...\{ED06689A-33B7-4D35-8F76-36A82CD03406}) (Version: 2.3.0.0 - Microsoft Corporation)
Kits Configuration Installer (HKLM-x32\...\{C661B45B-1D2A-AF7C-27D0-B4FFD670A4FE}) (Version: 10.1.14393.0 - Microsoft) Hidden
LingoPad 2.6 (Build 360) (HKLM-x32\...\LingoPad_is1) (Version: 2.6 - Lingo4you)
LockHunter 3.2, 32/64 bit (HKLM\...\LockHunter_is1) (Version:  - Crystal Rich Ltd)
Logitech Options (HKLM\...\LogiOptions) (Version: 6.80.372 - Logitech)
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft IntelliType Pro 7.1 (HKLM\...\{E6B7BD80-A921-4C72-A68B-44A9EB438BE4}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office Home and Business 2016 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 16.0.9029.2253 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0.6597 - Mozilla)
Mozilla Thunderbird 52.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.6.0 (x86 de)) (Version: 52.6.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MwSt. 2017 14.0.0.0 (HKLM-x32\...\{0B0D53DA-B945-448F-BB2C-317966FBA3CD}_is1) (Version: 14.0.0.0 - SVO-Webdesign GbR)
NAPS2 5.2.0 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version:  - Ben Olden-Cooligan)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA PhysX-Systemsoftware 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9029.2253 - Microsoft Corporation) Hidden
Office Tab (HKLM\...\{DE469D65-1DEB-4058-BF95-C642D733668D}_is1) (Version: 13.10 - Addin Technology Inc.)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 3 (HKLM-x32\...\{1B28182C-253F-4CFE-AF4A-87CB416D5F73}) (Version: 1.0.0 - OLYMPUS IMAGING CORP.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Paragon Backup & Recovery™ 16 (HKLM\...\{2AD4B002-9BDE-4CF3-9DFC-6AF9468B4094}) (Version: 10.2.0.1235 - Paragon Software) Hidden
Paragon Backup & Recovery™ 16 (HKLM-x32\...\{f4b6972e-9d30-4245-a8b8-c3ac48980d8e}) (Version: 10.2.0.1235 - Paragon Software GmbH)
Paragon Partition Manager™ 15 Home (HKLM\...\{986A654F-F1E4-11DD-9FCA-005056C00008}) (Version: 90.00.0003 - Paragon Software)
Paragon UIM (HKLM\...\{56EECD69-F428-41C4-ADF6-6CDEE14DDF3F}) (Version: 20.0.0.4 - Paragon Software) Hidden
phonostar-Player Version 3.03.9 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
PHOTOfunSTUDIO 6.5 BD Edition (HKLM-x32\...\{AD5B7E20-00E1-4B7B-84DC-53F5CEFFA367}) (Version: 6.05.818 - Panasonic Corporation)
Process Lasso (HKLM-x32\...\ProcessLasso) (Version: 9.0.0.426 - Bitsum)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.0.1610 - Samsung Electronics)
Snagit 2018 (HKLM\...\{9C67C8C5-FD2C-4193-BC05-75648081DBD6}) (Version: 18.1.0 - TechSmith Corporation)
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
StarMoney (HKLM-x32\...\{5C1209B1-FA1D-40D3-BA13-4ED9F0F31002}) (Version: 6.0.1.83 - StarFinanz) Hidden
StarMoney (HKLM-x32\...\{E771D898-9A06-4EEF-B84D-B2DB75080F3E}) (Version: 6.0.1.83 - StarFinanz) Hidden
StartIsBack++ (HKLM-x32\...\StartIsBack) (Version: 2.5.2 - startisback.com)
Sticky Password 8.1.0.103 (HKLM-x32\...\Sticky Password_is1) (Version: 8.1 - Lamantine Software)
Studie zur Verbesserung von HP Officejet Pro 8100 Produkten (HKLM\...\{B1153774-BFFE-4D42-AC2C-6503DBE96EBA}) (Version: 28.0.1321.0 - Hewlett-Packard Co.)
SuperSpamKiller Pro 6.40(x64) (HKLM\...\SuperSpamKillerProfessional) (Version:  - Mirko Böer)
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
TeraCopy version 3.1 (HKLM\...\TeraCopy_is1) (Version: 3.1 - Code Sector)
Toolkit Documentation (HKLM-x32\...\{6143A694-5FE1-BDF6-F78E-4F7BF3E9419B}) (Version: 10.1.14393.0 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
UEV Tools on amd64 (HKLM\...\{1454FA4E-58BC-2EF1-9A19-147B0E499E03}) (Version: 10.1.14393.0 - Microsoft) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
User State Migration Tool (HKLM-x32\...\{F7AADEDA-233A-1079-CD15-03AEB050F0C6}) (Version: 10.1.14393.0 - Microsoft) Hidden
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.14.1077.55 - Vivaldi)
Vivaldi (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Vivaldi) (Version: 1.13.1008.32 - Vivaldi)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\WhatsApp) (Version: 0.2.8361 - WhatsApp)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.50 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinX HD Video Converter Deluxe 5.12.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WPT Redistributables (HKLM-x32\...\{549DAD2D-2505-204C-EC58-59807FE6E037}) (Version: 10.1.14393.0 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{97B6FAD9-6F14-CC46-3165-F1785ECCE255}) (Version: 10.1.14393.0 - Microsoft) Hidden
XnView 2.43 (HKLM-x32\...\XnView_is1) (Version: 2.43 - Gougelet Pierre-e)
XnView Shell Extension 3.6.0 (64bits) (HKLM\...\XnView Shell Extension_is1) (Version: 3.6.0 - Gougelet Pierre-e)
Zentimo PRO 1.9 (HKLM-x32\...\Zentimo PRO_is1) (Version:  - Zentimo.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Detlev Harland\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{10886F48-2635-4EFE-80C2-1E4F61B28851}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{252180E9-FE9C-454F-8C5F-7C0C1EA0D597}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{339FA1D5-707F-4CE4-8291-B2AF27C34A74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{34549919-9774-4107-8DA7-D1785D3ECC0F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{3630E515-7975-4B99-B0B0-9C8046DCB084}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{38319161-C937-4AD5-B527-B94B4B9C3D28}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{4D2D3C0C-D63B-4B66-B929-069B852341DB}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{82665987-2D18-4C6B-81C6-DBABD9D2575F}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{AC471E83-977C-4148-982B-2BAD5C5D8EA0}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{EE8C802E-0C76-448F-BB85-B9037AF0CFED}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
CustomCLSID: HKU\S-1-5-21-2965490846-3651860406-308467309-1001_Classes\CLSID\{FC4CFF4F-F91C-4AFD-8A76-0102ADA1FE74}\InprocServer32 -> C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll (GP Software)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Keine Datei
ContextMenuHandlers1: [7-PDFMaker] -> {31640049-63C6-4729-9D78-AAED64BD25C7} => C:\Program Files (x86)\7-PDF\7-PDFM~1\7p64.dll [2014-05-23] ()
ContextMenuHandlers1: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers1: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files\XnView\ShellEx\XnViewShellExt64.dll [2016-11-18] ()
ContextMenuHandlers1: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers2-x32: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers2-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers3-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [COMODOBackupUtility] -> {FA66022E-2FE4-4A29-916C-84A0D8173FBB} => C:\Program Files\COMODO\COMMON\ShellExtension.dll [2014-10-07] (C-O-M-O-D-O)
ContextMenuHandlers4: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => C:\Program Files (x86)\foobar2000\ShellExt64.dll [2016-04-04] (Peter Pawlowski)
ContextMenuHandlers4: [LockHunterShellExt] -> {0BB27CDA-7029-4C0E-9C56-D922B229F0EB} => C:\Program Files\LockHunter\LHShellExt64.dll [2017-07-20] (Crystal Rich Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-01-23] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\A2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)
ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6-x32: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TERACO~2.DLL [2016-12-07] ()
ContextMenuHandlers6-x32: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers4_S-1-5-21-2965490846-3651860406-308467309-1001: [OpusZip] -> {E9FE4040-3C93-11D4-8006-00201860E88A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)
ContextMenuHandlers5_S-1-5-21-2965490846-3651860406-308467309-1001: [DOpus] -> {B9DD4945-1BED-4CB7-994C-F40B72B7725A} => C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [2017-11-27] (GP Software)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B963431-366A-4DA1-9E75-36AB0D9E73E1} - System32\Tasks\Driver Booster SkipUAC (Detlev Harland) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe [2018-01-11] (IObit)
Task: {2C920341-BD1D-4D78-A23F-36C4D8BDA650} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {3456F2CC-C7EC-4018-850C-64C55A2785F4} - System32\Tasks\Shelbee_BackupReminder_global => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {4B78A533-4B78-4C26-846F-9DCD8F34DFDA} - System32\Tasks\Process Lasso Management Console (GUI) => C:\Program Files\Process Lasso\processlasso.exe [2018-01-08] (Bitsum LLC)
Task: {4E079953-E891-4EE4-8A82-6BDF6AF5FFA7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {5F3AE24A-5883-407D-B0D0-76554236FC19} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-9RG45OD-Detlev Harland => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-29] (Adobe Systems Incorporated)
Task: {67370D37-8116-4523-BE5C-42A50590364F} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {68024120-444C-4E3A-AD1E-CD73EFA1D765} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2018-01-08] (Samsung Electronics Co. Ltd.)
Task: {68875CDC-EA15-4593-A3E8-00CB1388DC89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {689C2241-E4DD-485E-8877-8F5C1FC18920} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {692800E5-13B6-44B5-99AA-0BA8C4B9EBC6} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\TechSmith\Snagit 13\snagit32.exe
Task: {6F2E24AB-4FFF-402D-B72B-C7416345E294} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {73ABB9F7-CBBE-4FD9-AC51-AB2E21D60DBD} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe [2017-12-11] (IObit)
Task: {73CDBCBF-E154-4B08-BE83-5567111F4621} - System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker => C:\Users\Detlev Harland\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransShelbee.exe [2018-02-11] (WindSolutions)
Task: {7706E0BC-EBF4-452C-A1ED-AF8470535CA5} - System32\Tasks\Process Lasso Core Engine Only => C:\Program Files\Process Lasso\processgovernor.exe [2018-01-08] (Bitsum LLC)
Task: {953C28B3-F521-4CB6-81D2-28536671902A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-17] (Microsoft Corporation)
Task: {A3BFA751-F57D-4977-83D0-370BEFEC3FB3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {AB40DF7C-95EC-41DB-90C7-69DDE80C9659} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-12] (Microsoft Corporation)
Task: {AB4A1586-613C-43E3-B520-1B7E10F44578} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-20] (AVAST Software)
Task: {D4C749AC-21B2-470C-AF25-578960DE7291} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D881092F-F6E7-45F4-BD9E-936BE026C8D5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {E0EE7AAE-1F37-43E5-9B58-6CD86AF8E644} - System32\Tasks\StartIsBack health check => C:\Program Files (x86)\StartIsBack\startscreen.exe [2018-01-17] (www.startisback.com)
Task: {FBCD06A6-4932-484C-A8F7-365106102C54} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-10] (Google Inc.)
Task: {FE5D7011-A922-4F26-827F-4A6D8448A4AF} - System32\Tasks\HPCustParticipation HP Officejet Pro 8100 => C:\Program Files\HP\HP Officejet Pro 8100\Bin\HPCustPartic.exe [2012-11-01] (Hewlett-Packard Co.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


ShortcutWithArgument: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\deb74e6ef302b553\Speed Dial [FVD] - New Tab Page, 3D, Sync.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=llaficoajjainaijghjlofdfmbjpebpa

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-25 13:22 - 2017-04-25 13:22 - 002250896 _____ () C:\Windows\System32\vimsdk.dll
2017-04-25 13:22 - 2017-04-25 13:22 - 000143504 _____ () C:\Windows\System32\vimbase.dll
2017-11-30 18:54 - 2017-11-30 18:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 001508032 _____ () C:\Program Files\COMODO\COMMON\LIBEAY32.dll
2017-11-10 06:33 - 2014-10-07 11:55 - 000338112 _____ () C:\Program Files\COMODO\COMMON\SSLEAY32.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-05-14 20:45 - 2017-03-14 14:51 - 001714688 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-09-08 08:26 - 2015-10-15 15:21 - 000043008 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-02-08 13:32 - 2018-02-08 13:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2017-09-07 15:20 - 2011-08-09 14:22 - 000450560 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OSLite.dll
2017-09-07 15:20 - 2011-04-25 15:12 - 000118784 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OlyPalm.dll
2017-09-07 15:20 - 2006-09-04 19:26 - 000014336 _____ () C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\Tracer.dll
2018-01-22 17:00 - 2017-10-16 10:14 - 000442144 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madExcept_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000210720 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madBasic_.bpl
2018-01-22 17:00 - 2017-10-16 10:14 - 000059680 _____ () C:\Program Files (x86)\IObit\Driver Booster\5.2.0\madDisAsm_.bpl

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\sdpsenv.dat:naughtypirates [322]
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D [216]
AlternateDataStreams: C:\ProgramData\TEMP:728B799F [374]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2965490846-3651860406-308467309-1001\Control Panel\Desktop\\Wallpaper -> C:\Hintergrundbilder\Kalender.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
durchgeführt von Detlev Harland (Administrator) auf DESKTOP-9RG45OD (18-03-2018 07:52:24)
Gestartet von C:\Users\Detlev Harland\Desktop
Geladene Profile: Detlev Harland (Verfügbare Profile: defaultuser0 & Detlev Harland)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Program Files\Vivaldi\Application\vivaldi.exe" -- "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Code Sector) C:\Program Files\TeraCopy\TeraCopyService.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\ZentimoService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\COSService.exe
(Creative Labs) C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
(© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(COMODO Security Solutions) C:\Program Files\COMODO\COMMON\SynchronizationService.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessLasso.exe
(Bitsum LLC) C:\Program Files\Process Lasso\ProcessGovernor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Crystal Rich Ltd) C:\Program Files (x86)\Zentimo\Zentimo.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
konnte nicht auf den Prozess zugreifen -> backgroundTaskHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe
(Mirko Böer) C:\Program Files\SSKPro\sskpro.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe
(Vivaldi Technologies AS) C:\Program Files\Vivaldi\Application\update_notifier.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe
(GP Software) C:\Program Files\GPSoftware\Directory Opus\dopus.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\SAMSUNG\Samsung Magician\SamsungMagician.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Scheduler.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.251_none_16dd4c82321e5ccc\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [2345848 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-12] (CANON INC.)
HKLM\...\Run: [Zentimo xStorage Manager] => C:\Program Files (x86)\Zentimo\Zentimo.exe [7015192 2016-10-16] (Crystal Rich Ltd)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2141816 2018-02-22] (Logitech, Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [55216 2012-11-16] (OLYMPUS IMAGING CORP.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [109056 2008-08-01] (ArcSoft Inc.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE*
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Desk-Timer Wallpaper aktualisieren] => C:\Program Files (x86)\Desk-Timer\Desk-Timer.exe [5457104 2016-09-16] (Jürgen Bäckmann)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [223152 2012-11-16] (OLYMPUS IMAGING CORP.)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SuperSpamKiller Pro] => C:\Program Files\SSKPro\sskpro.exe [19059688 2018-01-23] (Mirko Böer)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostarTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [43008 2015-10-15] ()
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Directory Opus Desktop Dblclk] => C:\Program Files\GPSoftware\Directory Opus\dopusrt.exe [694512 2017-11-27] (GP Software)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [Vivaldi Update Notifier] => C:\Program Files\Vivaldi\Application\update_notifier.exe [1742920 2018-02-27] (Vivaldi Technologies AS)
HKU\S-1-5-21-2965490846-3651860406-308467309-1001\...\Run: [SoftAuto.exe] => C:\Program Files (x86)\Creative\Software Update 3\SoftAuto.exe [405504 2008-08-13] (Creative Technology Ltd)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-08] (Garmin Ltd. or its subsidiaries)
ShellExecuteHooks: Directory Opus Shell Execute Hook - {3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE} - C:\Program Files\GPSoftware\Directory Opus\dopuslib.dll [1902832 2017-11-27] (GP Software)
ShellExecuteHooks-x32: Directory Opus Shell Execute Hook - {EE761688-C137-4b04-8FAB-3C9CDF0886F0} - C:\Program Files\GPSoftware\Directory Opus\dopuslib32.dll [380144 2017-11-27] (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Directory Opus (Autostart).lnk [2017-11-27]
ShortcutTarget: Directory Opus (Autostart).lnk -> C:\Program Files\GPSoftware\Directory Opus\dopus.exe (GP Software)
Startup: C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar716.lnk [2018-03-18]
ShortcutTarget: Sidebar716.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Als een item is opgenomen in de fixlist, zal een registeritem worden verwijderd of hersteld naar de standaard waarde.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ccacdc0b-46df-4986-acd5-3a1bb2255352}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2965490846-3651860406-308467309-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-03] (Microsoft Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-03] (Microsoft Corporation)

FireFox:
========
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2965490846-3651860406-308467309-1001: @phonostar.de/phonostar -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2016-10-04] ( )

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR NewTab: Profile 2 -> "active": true,
            "entry": "chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
         
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-03-17]
CHR Extension: (Google Drive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-12]
CHR Extension: (YouTube) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-12]
CHR Extension: (Scroll To Top Button) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\chinfkfmaefdlchhempbfgbdagheknoj [2018-03-12]
CHR Extension: (uBlock Origin) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-03-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-03-12]
CHR Extension: (Green Scroll Bar - Pure CSS3 (from ZIG)) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hnnpahlmflcceeadbeollhmmkfhfelnn [2018-03-12]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2018-03-12]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2018-03-12]
CHR Extension: (Chrono Download Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-03-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-12]
CHR Extension: (Open Bookmark Manager) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oalceheiomajabalbakkoeiheiokhdbd [2018-03-12]
CHR Extension: (Last Tab Keepalive) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pekhngokoehglkdkciedpimjddpbkcod [2018-03-12]
CHR Extension: (Google Mail) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-12]
CHR Extension: (Chrome Media Router) - C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-12]
CHR Profile: C:\Users\Detlev Harland\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-12]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9317264 2018-03-08] (Emsisoft Ltd)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962288 2018-03-12] (Microsoft Corporation)
R2 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3550400 2014-10-07] (COMODO Security Solutions)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 Creative Audio Pack Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\APLicensing.exe [72704 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Media Toolbox 6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [79360 2017-05-14] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CTDevice_Srv; C:\Program Files (x86)\Creative\Shared Files\CTDevSrv.exe [61440 2007-04-02] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 CTUPnPSv; C:\Program Files (x86)\Creative\Creative Centrale\CTUPnPSv.exe [64000 2008-05-21] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (© pdfforge GmbH.)
R2 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2575552 2014-10-07] (COMODO Security Solutions)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
R2 TeraCopyService; C:\Program Files\TeraCopy\TeraCopyService.exe [110416 2017-05-05] (Code Sector)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZentimoService; C:\Program Files (x86)\Zentimo\ZentimoService.exe [1756952 2016-10-16] (Crystal Rich Ltd)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 PDF Architect 5 Creator; "C:\Program Files\PDF Architect 5\creator-ws.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [90560 2018-01-22] (Alcorlink Corp.)
R0 bdisk; C:\WINDOWS\System32\DRIVERS\bdisk.sys [85488 2014-10-07] (COMODO Security Solutions Inc.)
R0 CBUFS; C:\WINDOWS\System32\DRIVERS\CBUFS.sys [230712 2014-10-07] (COMODO Security Solutions Inc.)
R0 cbvd; C:\WINDOWS\System32\DRIVERS\cbvd.sys [677744 2014-10-07] (COMODO Security Solutions Inc.)
R1 epp; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [124552 2016-11-23] (Emsisoft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-14] (REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_a33a405d786e1e76\nvlddmkm.sys [17493824 2018-03-07] (NVIDIA Corporation)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R0 Reparse; C:\WINDOWS\System32\DRIVERS\CBReparse.sys [674160 2014-10-07] (COMODO Security Solutions Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-03-07] (Realtek )
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108856 2017-04-11] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44848 2017-04-11] (Paragon Software GmbH)
R3 vdbus; C:\WINDOWS\System32\drivers\vdbus.sys [826040 2014-10-07] (COMODO Security Solutions Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 WofAdk; C:\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wofadk.sys [221376 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:52 - 2018-03-18 07:52 - 000022049 _____ C:\Users\Detlev Harland\Desktop\FRST.txt
2018-03-18 07:52 - 2018-03-18 07:52 - 000000000 ____D C:\FRST
2018-03-18 07:50 - 2018-03-18 07:50 - 002403328 _____ (Farbar) C:\Users\Detlev Harland\Desktop\FRST64.exe
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Opera Software
2018-03-17 09:31 - 2018-03-17 09:31 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Opera Software
2018-03-17 09:22 - 2018-03-17 14:18 - 000000000 ____D C:\Program Files\Opera
2018-03-14 17:03 - 2018-03-02 04:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-14 17:03 - 2018-03-02 04:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-14 17:03 - 2018-03-02 04:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-14 17:03 - 2018-03-02 04:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-02 03:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-14 17:03 - 2018-03-01 21:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-14 17:03 - 2018-03-01 08:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-14 17:03 - 2018-03-01 08:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-14 17:03 - 2018-03-01 08:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-14 17:03 - 2018-03-01 08:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-14 17:03 - 2018-03-01 08:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-14 17:03 - 2018-03-01 08:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-14 17:03 - 2018-03-01 08:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-14 17:03 - 2018-03-01 08:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-14 17:03 - 2018-03-01 08:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 08:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-14 17:03 - 2018-03-01 08:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-14 17:03 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-14 17:03 - 2018-03-01 08:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-14 17:03 - 2018-03-01 08:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 08:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-14 17:03 - 2018-03-01 08:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-14 17:03 - 2018-03-01 08:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-14 17:03 - 2018-03-01 08:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-14 17:03 - 2018-03-01 08:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-14 17:03 - 2018-03-01 08:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-14 17:03 - 2018-03-01 08:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-14 17:03 - 2018-03-01 08:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-14 17:03 - 2018-03-01 08:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-14 17:03 - 2018-03-01 08:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 08:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-14 17:03 - 2018-03-01 08:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-14 17:03 - 2018-03-01 08:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-14 17:03 - 2018-03-01 08:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-14 17:03 - 2018-03-01 07:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-14 17:03 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-14 17:03 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-14 17:03 - 2018-03-01 07:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-14 17:03 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-14 17:03 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-14 17:03 - 2018-03-01 07:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-14 17:03 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-14 17:03 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-14 17:03 - 2018-03-01 07:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-14 17:03 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-14 17:03 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-14 17:03 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-14 17:03 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-14 17:03 - 2018-03-01 06:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-14 17:03 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-14 17:03 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-14 17:03 - 2018-03-01 06:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-14 17:03 - 2018-03-01 06:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-14 17:03 - 2018-03-01 06:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-14 17:03 - 2018-03-01 06:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-14 17:03 - 2018-03-01 06:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-14 17:03 - 2018-03-01 06:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-14 17:03 - 2018-03-01 06:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-14 17:03 - 2018-03-01 06:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-14 17:03 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-14 17:03 - 2018-03-01 06:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-14 17:03 - 2018-03-01 06:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-14 17:03 - 2018-03-01 06:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-14 17:03 - 2018-03-01 06:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-14 17:03 - 2018-03-01 06:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-14 17:03 - 2018-03-01 06:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-14 17:03 - 2018-03-01 06:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-14 17:03 - 2018-03-01 06:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-14 17:03 - 2018-03-01 06:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-14 17:03 - 2018-03-01 06:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-14 17:03 - 2018-03-01 06:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-14 17:03 - 2018-03-01 06:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-14 17:03 - 2018-03-01 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-14 17:03 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-14 17:03 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-14 17:03 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-14 17:03 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-14 17:03 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-14 17:03 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-14 17:03 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-14 17:03 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-14 17:03 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-14 17:03 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-14 17:03 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-14 17:03 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-14 17:03 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-14 17:03 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-14 17:03 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-14 17:03 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-14 17:03 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-14 17:03 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-14 17:03 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-14 17:03 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-14 17:03 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-14 17:03 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-14 17:03 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-14 17:03 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-14 17:03 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-14 17:03 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-12 08:07 - 2018-03-12 08:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Google
2018-03-10 13:57 - 2018-03-11 08:04 - 000003786 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_global
2018-03-10 13:57 - 2018-03-10 13:57 - 000003460 _____ C:\WINDOWS\System32\Tasks\Shelbee_BackupReminder_MissedTasksChecker
2018-03-07 17:24 - 2018-03-07 17:24 - 019796336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 016449872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 013444552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-07 17:24 - 2018-03-07 17:24 - 011026080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 040269808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 035180016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 012843496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 010900248 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 004308976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003894304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 003709424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001134768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001126888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 001054704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000988464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000939832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-07 17:23 - 2018-03-07 17:23 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-04 10:33 - 2018-03-04 10:33 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Creative
2018-03-04 10:31 - 2018-03-04 10:31 - 000000000 ___HD C:\ProgramData\{26D901A1-2540-4430-81DC-0317F01BD7BE}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ___HD C:\ProgramData\{5086CFFE-02D3-48D7-8A7C-169CFF056F88}
2018-03-04 10:30 - 2018-03-04 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-03-01 07:31 - 2018-03-01 07:31 - 000000000 ____D C:\Program Files\Logitech
2018-02-24 10:05 - 2018-03-17 18:22 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-24 10:05 - 2018-03-17 18:22 - 000000000 ____D C:\Program Files\CCleaner
2018-02-24 10:05 - 2018-02-24 10:05 - 000002888 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-24 10:05 - 2018-02-24 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-24 10:00 - 2018-02-24 10:00 - 000003412 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-02-24 07:45 - 2018-02-24 07:45 - 000001221 _____ C:\Users\Detlev Harland\Desktop\Meine Bankdaten.lnk
2018-02-18 09:18 - 2018-02-18 09:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-02-17 09:02 - 2018-02-17 09:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileMenu Tools

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-03-18 07:51 - 2017-05-14 20:45 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TeraCopy
2018-03-18 07:50 - 2017-09-07 13:10 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Adobe
2018-03-18 07:48 - 2017-09-08 12:51 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2018-03-18 07:47 - 2017-09-07 15:08 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\CrashDumps
2018-03-18 07:47 - 2017-09-07 14:15 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Desk-Timer
2018-03-18 07:47 - 2017-05-14 20:39 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Zentimo
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXStateBkp-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000063336 _____ C:\WINDOWS\system32\BMXState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:23 - 000000820 _____ C:\WINDOWS\system32\DVCState-{00000003-00000000-00000000-00001102-0000000B-00431102}.rfx
2018-03-17 18:25 - 2017-09-07 19:22 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-17 18:24 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-17 18:12 - 2017-11-18 07:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2018-03-17 18:12 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\TechSmith
2018-03-17 18:09 - 2017-09-08 13:09 - 000000000 ____D C:\ProgramData\TechSmith
2018-03-17 18:08 - 2017-10-20 16:56 - 002976312 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-17 18:08 - 2017-09-30 15:35 - 001407956 _____ C:\WINDOWS\system32\perfh007.dat
2018-03-17 18:08 - 2017-09-30 15:35 - 000336790 _____ C:\WINDOWS\system32\perfc007.dat
2018-03-17 18:06 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-17 18:04 - 2017-10-20 16:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-17 18:03 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-17 18:02 - 2017-05-14 19:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-17 15:33 - 2017-09-07 13:24 - 000000000 ____D C:\ProgramData\Ashampoo
2018-03-17 14:18 - 2017-10-20 16:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-17 09:16 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WhatsApp
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-17 07:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-17 07:42 - 2017-09-10 05:19 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-15 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-15 13:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-15 13:09 - 2017-10-20 16:54 - 000000000 ___RD C:\Users\Detlev Harland\3D Objects
2018-03-15 13:09 - 2017-10-20 16:46 - 000411944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-15 13:09 - 2017-05-14 19:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 17:37 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 17:36 - 2017-05-14 20:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-14 17:10 - 2017-10-11 16:17 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-14 17:10 - 2017-05-14 20:07 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-14 17:06 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-14 17:06 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-14 16:52 - 2017-09-07 14:26 - 000000000 ____D C:\Users\Detlev Harland\AppData\LocalLow\Mozilla
2018-03-12 08:46 - 2017-05-14 19:48 - 000000000 ____D C:\ProgramData\Logishrd
2018-03-10 13:57 - 2017-09-07 13:41 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\WindSolutions
2018-03-10 13:52 - 2017-09-07 13:41 - 000000000 ____D C:\ProgramData\WindSolutions
2018-03-10 08:24 - 2017-10-20 16:51 - 000003074 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Detlev Harland)
2018-03-09 15:27 - 2017-09-07 13:16 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\XnView
2018-03-09 10:45 - 2017-09-07 12:20 - 000000000 ___SD C:\Users\Detlev Harland\Documents\Sticky Passwords
2018-03-07 17:23 - 2017-10-06 15:23 - 017493824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-03-07 17:23 - 2017-10-06 15:23 - 004580832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-03-07 17:23 - 2017-10-06 15:23 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-03-07 17:22 - 2017-10-06 15:22 - 001026896 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2018-03-07 16:45 - 2017-05-14 19:43 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\VirtualStore
2018-03-04 10:31 - 2017-09-07 19:23 - 000000000 ____D C:\ProgramData\Creative
2018-03-04 10:31 - 2017-05-14 20:20 - 000000000 ____D C:\Program Files (x86)\Creative
2018-03-04 08:10 - 2017-12-02 07:45 - 000002152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2018-03-04 08:10 - 2017-11-26 07:48 - 000000000 ____D C:\Program Files\Vivaldi
2018-03-03 09:01 - 2017-12-10 07:50 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-03-03 09:01 - 2017-09-09 08:04 - 000002306 _____ C:\Users\Detlev Harland\Desktop\WhatsApp.lnk
2018-03-03 09:01 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\WhatsApp
2018-03-03 09:00 - 2017-09-09 08:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\SquirrelTemp
2018-03-02 22:09 - 2017-09-29 14:49 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 22:09 - 2017-09-29 14:49 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-01 07:35 - 2017-09-07 13:40 - 000000876 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-03-01 07:35 - 2017-09-07 13:40 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\vlc
2018-03-01 07:31 - 2017-12-20 07:07 - 000000000 ____D C:\Users\Detlev Harland\AppData\Local\Deployment
2018-03-01 07:31 - 2017-09-07 13:13 - 000000000 ____D C:\Program Files\Adobe
2018-03-01 07:24 - 2017-09-07 15:04 - 000000000 ____D C:\Users\Detlev Harland\AppData\Roaming\SuperSpamKiller Pro
2018-02-24 10:17 - 2017-09-08 06:14 - 000000000 ____D C:\ProgramData\TEMP
2018-02-24 10:09 - 2017-10-19 16:10 - 000000000 ___DC C:\WINDOWS\Panther
2018-02-24 10:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-02-24 10:01 - 2017-05-14 20:47 - 000000000 ____D C:\ProgramData\ProductData
2018-02-24 10:00 - 2017-09-08 09:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SystemSoftware
2018-02-24 08:55 - 2018-02-10 06:39 - 000000000 ____D C:\WINDOWS\Minidump
2018-02-24 07:37 - 2017-11-10 06:27 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-18 09:28 - 2017-09-07 15:03 - 000000000 ____D C:\Program Files\SSKPro
2018-02-17 16:04 - 2017-10-20 16:47 - 000000000 ____D C:\Users\Detlev Harland

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2002-09-25 18:55 - 2002-09-25 18:55 - 000000000 ____H () C:\ProgramData\sdpsenv.dat

Einige Dateien in TEMP:
====================
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150734.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082150818.dll
2018-03-17 09:21 - 2018-03-17 09:21 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082151070.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200339.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200750.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 001857024 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082200819.dll
2018-03-17 09:22 - 2018-03-17 09:22 - 002153984 _____ (Opera Software) C:\Users\Detlev Harland\AppData\Local\Temp\Opera_installer_180317082213261.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:19 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131