Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Dummerweise auf einen Link geklickt in Mail

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 26.06.2017, 08:58   #1
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Liebe alle,
habe heute morgen nicht aufgepasst und auf einen Link in einem Mail geklickt. Habe dann zwar sofort abgebrochen, aber wer weiß?
Was soll ich am besten tun?

Liebe Grüße
JS

Alt 01.07.2017, 15:46   #2
M-K-D-B
/// TB-Ausbilder
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.

  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.

  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!

  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.


  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!

  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!

  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.


  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.

  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!







Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________

__________________

Alt 01.07.2017, 17:19   #3
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Hier kommt zunächst der FRST.txt Vielen dank für Deine Hilfe!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2017
durchgeführt von **** ******* (Administrator) auf JSCHMIDT-MOBIL (01-07-2017 16:49:50)
Gestartet von C:\Users\**** *******\Desktop
Geladene Profile: **** ******* & Arbeit & DefaultAppPool (Verfügbare Profile: **** ******* & Arbeit & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\vcamsvc.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TpKnrres.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401848 2017-06-12] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297008 2014-01-28] (Lenovo Group Limited)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588424 2015-08-03] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-08-04]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-13]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2016-12-13]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{48848a52-8936-4984-aba3-4511c7c714c9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{49db7834-e303-4579-bd61-2e097c8da28e}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{5fd2148b-391c-4bad-97c3-ac67867c9c14}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{61978f6b-de49-4064-a6c2-accb5c2cd825}: [DhcpNameServer] 10.8.108.1 10.8.108.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1623287776-416804053-2603140408-1000 -> {C0B3AF33-4238-4F73-BA03-8D4401835099} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d27fells.default-1458306383649
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1623287776-416804053-2603140408-1000\FireFox [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 8prope9g.default
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649 [2017-07-01]
FF user.js: detected! => C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\user.js [2016-03-18]
FF Extension: (anonymoX) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\client@anonymox.net.xpi [2017-06-21]
FF Extension: (Adblock Plus) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (BetterPrivacy) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01]
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default [2016-03-19]
FF Extension: (Cliqz) - C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\Extensions\cliqz@cliqz.com.xpi [2016-03-10] [ist nicht signiert]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-images.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-maps.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\youtube.xml [2016-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-09]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\**** *******\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-22] (Cisco WebEx LLC)

Chrome: 
=======
CHR Profile: C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default [2017-07-01]
CHR Extension: (Google Präsentationen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-28]
CHR Extension: (Google Docs) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-28]
CHR Extension: (Google Drive) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google-Suche) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Tabellen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-28]
CHR Extension: (Kaspersky Protection) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-28]
CHR Extension: (Google Docs Offline) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-29]
CHR Extension: (Save to Pocket) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1623287776-416804053-2603140408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls:  "hxxp://www.google.de/" 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2016-08-26] (Pulse Secure, LLC)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [198704 2014-01-28] (Lenovo Group Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-04] (Lenovo(beijing) Limited)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 CSCrySec; C:\WINDOWS\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-05-29] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238320 2017-05-29] (DisplayLink Corp.)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2016-05-19] (GFI Software)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-30] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-13] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-29] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-01 16:51 - 2017-07-01 16:51 - 04922400 _____ (AO Kaspersky Lab) C:\Users\**** *******\Downloads\tdsskiller.exe
2017-07-01 16:49 - 2017-07-01 16:52 - 00035457 _____ C:\Users\**** *******\Desktop\FRST.txt
2017-07-01 16:49 - 2017-07-01 16:49 - 00000000 ____D C:\Users\**** *******\Desktop\FRST-OlderVersion
2017-07-01 16:48 - 2017-07-01 16:48 - 02440704 _____ (Farbar) C:\Users\**** *******\Downloads\FRST64.exe
2017-07-01 16:42 - 2017-07-01 16:42 - 00000000 ___HD C:\OneDriveTemp
2017-06-30 11:09 - 2017-07-01 16:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-30 08:03 - 2017-06-30 08:03 - 01387014 _____ C:\Users\**** *******\Desktop\rfdr_Woerterverzeichnis_2017.pdf
2017-06-29 17:04 - 2017-06-29 17:04 - 02024960 _____ C:\Users\**** *******\Desktop\CNC Turning_H2b-js.ppt
2017-06-29 17:03 - 2017-06-29 17:03 - 02706432 _____ C:\Users\**** *******\Desktop\CNC Turning_H2a-js.ppt
2017-06-29 12:06 - 2017-06-29 12:06 - 01576226 _____ C:\Users\**** *******\Desktop\592fcecac2144_wdp-185-barrierefrei_urn.pdf
2017-06-29 09:04 - 2017-06-29 09:04 - 02710016 _____ C:\Users\**** *******\Desktop\CNC Turning_H2a.ppt
2017-06-29 09:04 - 2017-06-29 09:04 - 02027008 _____ C:\Users\**** *******\Desktop\CNC Turning_H2b.ppt
2017-06-29 08:55 - 2017-06-29 08:55 - 00138324 _____ C:\Users\**** *******\Desktop\Muster_PP.pdf
2017-06-28 15:07 - 2017-06-28 15:07 - 01574460 _____ C:\WINDOWS\Minidump\062817-30593-01.dmp
2017-06-28 12:30 - 2017-06-28 12:30 - 00000000 ____D C:\Users\**** *******\Desktop\Imprimatur
2017-06-28 12:12 - 2017-06-28 12:12 - 02951541 _____ C:\Users\**** *******\Desktop\Preparatory Programming - Turning_RJ 2017-02-07_070317_MZS.PDF
2017-06-28 12:11 - 2017-06-28 12:11 - 00729720 _____ C:\Users\**** *******\Desktop\Beispielfragen ELEK PV_Umsetzung in App.pdf
2017-06-28 07:29 - 2017-06-28 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-26 08:50 - 2017-07-01 16:49 - 00000000 ____D C:\FRST
2017-06-26 08:48 - 2017-07-01 16:49 - 02440704 _____ (Farbar) C:\Users\**** *******\Desktop\FRST64.exe
2017-06-24 14:18 - 2017-06-24 14:21 - 26435280 _____ (Microsoft Corporation) C:\Users\**** *******\Downloads\OneDriveSetup.exe
2017-06-23 12:12 - 2017-06-23 12:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-21 16:42 - 2017-06-21 16:42 - 00000000 ____D C:\Users\**** *******\Desktop\Haushaltsplanung
2017-06-20 22:02 - 2017-06-20 22:02 - 00000000 ____D C:\Users\**** *******\Desktop\Herole
2017-06-18 16:44 - 2017-06-18 16:44 - 00230567 _____ C:\Users\**** *******\Desktop\Wirtschaftspsychologie 12.06..pdf
2017-06-14 08:19 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 08:19 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 08:19 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 08:19 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 08:19 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 08:19 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 08:19 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 08:19 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 08:19 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-14 08:19 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 08:19 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 08:19 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 08:19 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 08:19 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 08:19 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 08:19 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 08:19 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 08:19 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-14 08:19 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 08:19 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-14 08:19 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-14 08:19 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-14 08:19 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-14 08:19 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-14 08:19 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-14 08:19 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-14 08:19 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-14 08:19 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 08:19 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 08:19 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-14 08:19 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-14 08:19 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-14 08:19 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-14 08:19 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-14 08:19 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-14 08:19 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-14 08:19 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-14 08:19 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 08:18 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 08:18 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 08:18 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 08:18 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 08:18 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 08:18 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 08:18 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 08:18 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 08:18 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 08:18 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-14 08:18 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 08:18 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 08:18 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 08:18 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 08:18 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 08:18 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 08:18 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 08:18 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 08:18 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 08:18 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 08:18 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 08:18 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 08:18 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-14 08:18 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 08:18 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-14 08:18 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-14 08:18 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-14 08:18 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-14 08:18 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-14 08:18 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-14 08:18 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-14 08:18 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-14 08:18 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-14 08:18 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 39860744 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 38903336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 34823400 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 33470408 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 29101512 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 19861456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 15477928 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 13483144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 11748304 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 08734672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05683664 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05262800 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04931024 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04368848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04268480 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04240160 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 03972048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 02393112 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01858584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01816664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01814008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01590736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01178576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01023928 _____ C:\WINDOWS\system32\igfxSDK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00968112 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00964528 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00704976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00466872 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00448952 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00438736 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00416208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00401848 _____ C:\WINDOWS\system32\igfxTray.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00389584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00388560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00354232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00318416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00312248 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00301496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00297112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00273360 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-06-12 01:56 - 2017-06-12 01:56 - 00268216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00266192 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00242104 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00236472 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00232376 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00231864 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00225232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00222680 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00220112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4642.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00205304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00192976 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00183928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00182904 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00181784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00175032 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00173520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00111568 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103376 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00100816 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00095184 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00084944 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00052688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2017-06-11 22:49 - 2017-06-11 22:49 - 00004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2017-06-06 10:30 - 2017-06-28 10:53 - 00000000 ____D C:\Users\**** *******\Desktop\EcADEMY

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-01 16:53 - 2015-02-14 17:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-07-01 16:50 - 2016-11-20 16:25 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Mozilla
2017-07-01 16:48 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-01 16:46 - 2015-02-13 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-01 16:43 - 2017-04-13 09:55 - 00000000 ____D C:\Users\**** *******
2017-07-01 16:42 - 2016-07-30 11:27 - 00000000 ___RD C:\Users\**** *******\OneDrive
2017-07-01 16:42 - 2015-02-14 15:53 - 00000000 ___RD C:\Users\**** *******\Google Drive
2017-07-01 16:41 - 2017-04-13 09:54 - 02421494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 16:41 - 2017-03-20 06:41 - 01068244 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-01 16:41 - 2017-03-20 06:41 - 00248016 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-01 16:40 - 2017-04-13 09:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-01 16:40 - 2015-11-30 10:17 - 00000000 ____D C:\Temp
2017-07-01 16:37 - 2017-04-13 10:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-01 16:34 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-01 16:34 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-01 16:30 - 2015-02-02 14:43 - 00000000 ____D C:\ProgramData\Energy Manager
2017-07-01 16:28 - 2017-04-13 09:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-30 17:25 - 2017-04-13 10:55 - 00000000 ____D C:\Users\**** *******\AppData\Local\Deployment
2017-06-30 09:20 - 2015-02-02 14:41 - 00000000 ____D C:\Users\**** *******\AppData\Local\Packages
2017-06-30 08:28 - 2015-02-14 00:02 - 00000000 ____D C:\Users\**** *******\Pictures\Documents\Steuerfälle
2017-06-29 13:52 - 2016-10-23 17:35 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 08:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-28 16:04 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-28 15:10 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-28 15:07 - 2017-05-11 19:20 - 939465192 _____ C:\WINDOWS\MEMORY.DMP
2017-06-28 15:07 - 2017-05-11 19:20 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-28 07:30 - 2015-09-14 17:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 15:28 - 2016-11-22 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 14:51 - 2017-04-13 09:53 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2017-06-26 20:58 - 2015-03-18 22:10 - 00000000 ____D C:\AdwCleaner
2017-06-26 17:09 - 2015-03-22 13:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-23 17:54 - 2016-08-23 18:06 - 00000000 ___RD C:\Users\**** *******\Dropbox
2017-06-23 16:08 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 16:07 - 2015-02-13 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-23 12:12 - 2017-04-13 09:55 - 00000000 ____D C:\Users\DefaultAppPool
2017-06-21 11:31 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-06-20 11:59 - 2017-04-13 09:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-18 10:47 - 2015-02-02 14:51 - 00000000 ____D C:\Users\**** *******\AppData\Local\Adobe
2017-06-18 09:04 - 2017-04-13 10:25 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-15 18:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 19:12 - 2016-07-30 10:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 19:07 - 2017-04-13 09:48 - 00339512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 16:48 - 2015-02-02 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 16:45 - 2015-02-02 17:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 16:36 - 2015-02-02 17:42 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 16:12 - 2016-07-30 11:15 - 00000000 __SHD C:\Users\**** *******\IntelGraphicsProfiles
2017-06-13 20:36 - 2015-06-17 13:08 - 00000000 ____D C:\Users\**** *******\AppData\Local\Dropbox
2017-06-12 01:56 - 2017-04-13 09:53 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-06-12 01:56 - 2017-03-20 06:43 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 13071112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 06693096 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 05137760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 00055192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 16456200 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 07970232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-06-12 01:56 - 2016-11-02 00:05 - 02141648 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00755152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00398288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00373688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2017-06-12 01:56 - 2016-11-02 00:05 - 00254928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2017-06-03 17:31 - 2017-05-26 08:36 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-03 11:37 - 2011-02-24 19:03 - 00395232 __RSH C:\bootmgr
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-24 18:25 - 2017-01-30 15:11 - 0002325 _____ () C:\Users\**** *******\AppData\Roaming\com.living-e.timeEdition.plist
2015-07-15 18:11 - 2015-07-15 18:11 - 0000151 _____ () C:\Users\**** *******\AppData\Roaming\dllreg.bat
2015-11-21 17:26 - 2015-11-21 17:27 - 0598586 _____ () C:\Users\**** *******\AppData\Roaming\Scorch_Install.log
2015-04-02 22:28 - 2017-05-19 17:14 - 0005120 _____ () C:\Users\**** *******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-06 12:44 - 2015-12-06 12:44 - 0001525 _____ () C:\Users\**** *******\AppData\Local\recently-used.xbel
2015-02-14 09:11 - 2015-02-14 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-13 09:51 - 2017-04-13 09:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-26 14:14

==================== Ende von FRST.txt ============================
         
Und hier der Addition.txt

Code:
ATTFilter
==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8120.36 MB
Verfügbarer physikalischer RAM: 4337.86 MB
Summe virtueller Speicher: 16312.36 MB
Verfügbarer virtueller Speicher: 12304.84 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:894.54 GB) (Free:477.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Backup) (Fixed) (Total:25 GB) (Free:22.47 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FF49E15)
Partition 1: (Not Active) - (Size=200 MB) - (Type=27)
Partition 2: (Active) - (Size=894.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         
TDSSKILLER hat keinen Rootkot gefunden. DAs Protokoll ist aber irre lange 130.000 Zeichen. Wie soll ich dir das senden? Danke schon einmal, dass Du DIch meines Rechners annimmst.
__________________

Alt 02.07.2017, 12:47   #4
M-K-D-B
/// TB-Ausbilder
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Addition.txt ist unvollständig, bitte nochmal schicken.

TDSS-Killer Logfile auf mehrere Posts (2-3) aufteilen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 03.07.2017, 08:03   #5
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Hier kommz TSSDSKiller Part 1:
Code:
ATTFilter
17:09:32.0945 0x27b0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
17:09:37.0932 0x27b0  ============================================================
17:09:37.0932 0x27b0  Current date / time: 2017/07/01 17:09:37.0932
17:09:37.0932 0x27b0  SystemInfo:
17:09:37.0932 0x27b0  
17:09:37.0932 0x27b0  OS Version: 10.0.15063 ServicePack: 0.0
17:09:37.0932 0x27b0  Product type: Workstation
17:09:37.0932 0x27b0  ComputerName: JSCHMIDT-MOBIL
17:09:37.0932 0x27b0  UserName: Jörg Schmidt
17:09:37.0932 0x27b0  Windows directory: C:\WINDOWS
17:09:37.0932 0x27b0  System windows directory: C:\WINDOWS
17:09:37.0932 0x27b0  Running under WOW64
17:09:37.0932 0x27b0  Processor architecture: Intel x64
17:09:37.0932 0x27b0  Number of processors: 4
17:09:37.0932 0x27b0  Page size: 0x1000
17:09:37.0932 0x27b0  Boot type: Normal boot
17:09:37.0932 0x27b0  CodeIntegrityOptions = 0x00000001
17:09:37.0932 0x27b0  ============================================================
17:09:38.0706 0x27b0  KLMD registered as C:\WINDOWS\system32\drivers\23429758.sys
17:09:38.0706 0x27b0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
17:09:39.0115 0x27b0  System UUID: {B8DF4E30-3744-0238-F5C1-D25F2BF08A28}
17:09:39.0835 0x27b0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:39.0841 0x27b0  Drive \Device\Harddisk1\DR1 - Size: 0xEF200000 ( 3.74 Gb ), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:09:39.0847 0x27b0  ============================================================
17:09:39.0847 0x27b0  \Device\Harddisk0\DR0:
17:09:39.0847 0x27b0  MBR partitions:
17:09:39.0847 0x27b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x6FD15000
17:09:39.0847 0x27b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6FD79800, BlocksNum 0x3200000
17:09:39.0847 0x27b0  \Device\Harddisk1\DR1:
17:09:39.0848 0x27b0  MBR partitions:
17:09:39.0848 0x27b0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0x777080
17:09:39.0848 0x27b0  ============================================================
17:09:39.0894 0x27b0  C: <-> \Device\Harddisk0\DR0\Partition1
17:09:39.0930 0x27b0  D: <-> \Device\Harddisk0\DR0\Partition2
17:09:39.0930 0x27b0  ============================================================
17:09:39.0930 0x27b0  Initialize success
17:09:39.0930 0x27b0  ============================================================
17:09:54.0366 0x30c4  ============================================================
17:09:54.0366 0x30c4  Scan started
17:09:54.0366 0x30c4  Mode: Manual; 
17:09:54.0366 0x30c4  ============================================================
17:09:54.0366 0x30c4  KSN ping started
17:09:54.0589 0x30c4  KSN ping finished: true
17:09:59.0028 0x30c4  ================ Scan system memory ========================
17:09:59.0028 0x30c4  System memory - ok
17:09:59.0030 0x30c4  ================ Scan services =============================
17:09:59.0287 0x30c4  [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:09:59.0301 0x30c4  1394ohci - ok
17:09:59.0335 0x30c4  [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:09:59.0338 0x30c4  3ware - ok
17:09:59.0446 0x30c4  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
17:09:59.0453 0x30c4  AAV UpdateService - ok
17:09:59.0506 0x30c4  [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:09:59.0526 0x30c4  ACPI - ok
17:09:59.0573 0x30c4  [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
17:09:59.0575 0x30c4  AcpiDev - ok
17:09:59.0595 0x30c4  [ F72D7CC7E7A97A09757313F3B4C7E17A, 36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:09:59.0601 0x30c4  acpiex - ok
17:09:59.0619 0x30c4  [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:09:59.0621 0x30c4  acpipagr - ok
17:09:59.0670 0x30c4  [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:09:59.0672 0x30c4  AcpiPmi - ok
17:09:59.0681 0x30c4  [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:09:59.0685 0x30c4  acpitime - ok
17:09:59.0729 0x30c4  [ 14572310DA2749078790582492DA04E9, 7AEF2A6ECB8D8B29905E173569E5ADCB09BB7AC57EE01D30BCFEC5497EAB3EDB ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
17:09:59.0731 0x30c4  ACPIVPC - ok
17:09:59.0838 0x30c4  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:09:59.0841 0x30c4  AdobeARMservice - ok
17:09:59.0889 0x30c4  [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:09:59.0916 0x30c4  ADP80XX - ok
17:09:59.0953 0x30c4  [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:09:59.0968 0x30c4  AFD - ok
17:09:59.0988 0x30c4  [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:09:59.0993 0x30c4  ahcache - ok
17:10:00.0045 0x30c4  [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
17:10:00.0047 0x30c4  AJRouter - ok
17:10:00.0097 0x30c4  [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG             C:\WINDOWS\System32\alg.exe
17:10:00.0100 0x30c4  ALG - ok
17:10:00.0120 0x30c4  [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:10:00.0125 0x30c4  AmdK8 - ok
17:10:00.0166 0x30c4  [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:10:00.0172 0x30c4  AmdPPM - ok
17:10:00.0198 0x30c4  [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:10:00.0201 0x30c4  amdsata - ok
17:10:00.0227 0x30c4  [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:10:00.0236 0x30c4  amdsbs - ok
17:10:00.0251 0x30c4  [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:10:00.0255 0x30c4  amdxata - ok
17:10:00.0337 0x30c4  [ C7F9F91698572CF9EDC18EDDE345BF97, 07C02E275686C2AB165EF37825F6D63AA9AAC08FD29878FEF665353DF0C7D23A ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
17:10:00.0340 0x30c4  AppHostSvc - ok
17:10:00.0383 0x30c4  [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:10:00.0390 0x30c4  AppID - ok
17:10:00.0431 0x30c4  [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:10:00.0436 0x30c4  AppIDSvc - ok
17:10:00.0462 0x30c4  [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:10:00.0467 0x30c4  Appinfo - ok
17:10:00.0489 0x30c4  [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
17:10:00.0491 0x30c4  applockerfltr - ok
17:10:00.0523 0x30c4  [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
17:10:00.0530 0x30c4  AppMgmt - ok
17:10:00.0591 0x30c4  [ 1C8DA5C681B603BBC893D50C5D643504, D38EDDB67C993498761978D5DC3DB648E20CB2CA16BA66A8629B16EAA04519EA ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:10:00.0608 0x30c4  AppReadiness - ok
17:10:00.0660 0x30c4  [ 9CEB98E9BB0B9C4C9C6C6C248480BE00, 064F06B707956502FE34435AE4C2BCD328056786FF081D37D06B7456DAB6E51D ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
17:10:00.0678 0x30c4  AppVClient - ok
17:10:00.0709 0x30c4  [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
17:10:00.0713 0x30c4  AppvStrm - ok
17:10:00.0734 0x30c4  [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
17:10:00.0739 0x30c4  AppvVemgr - ok
17:10:00.0777 0x30c4  [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
17:10:00.0782 0x30c4  AppvVfs - ok
17:10:00.0930 0x30c4  [ CC2D94671F2185383AEAEAD8784784CD, 98453192A1203B768F59EEF48EDE9CF0F45BF259F3771B254920E1FC0A8BAF06 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:10:00.0998 0x30c4  AppXSvc - ok
17:10:01.0024 0x30c4  [ 6E456A94B9BD7F6B4758729BCEDE40C3, 2F3146AC960992FA947A8E8C4D5497624A5BC69B7A3EECA117AD599C70DDE8E3 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:10:01.0028 0x30c4  arcsas - ok
17:10:01.0165 0x30c4  [ 6FCFBDF7D820CEB7426D988FA6E3DBA2, BC5C0564AB565F911FC99AD3D8C8FDA61E73BA4387CAAE3AE172DD443C56E617 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:10:01.0168 0x30c4  aspnet_state - ok
17:10:01.0184 0x30c4  [ 766F3A7E42AFCF74265FAC78987D1665, 8FE82913DF5CF79B49B28B3CD782AF09FF30585A37473AE3E518A26C5D6453D0 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
17:10:01.0186 0x30c4  AsyncMac - ok
17:10:01.0257 0x30c4  [ 01733BEEE02E51F712330D5909BD701C, A583B482DBE701A752EDFDEAE2EF16D7160DFEA6077E0C8EF013828E285D960A ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:10:01.0259 0x30c4  atapi - ok
17:10:01.0409 0x30c4  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
17:10:01.0497 0x30c4  athr - ok
17:10:01.0555 0x30c4  [ 5F9C86F133D50EC14BC247B1408EB339, D5C9DC375B91774E580C128677F36C4A4949FC70C7EE82F573EFC8841C084D18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:10:01.0569 0x30c4  AudioEndpointBuilder - ok
17:10:01.0618 0x30c4  [ 18DD15CD20F3AFB8A056B6250CDD4ABE, B17DDF9C79EE51CBF274BB8763935F841CC865168A8C27512290946D053EC332 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:10:01.0648 0x30c4  Audiosrv - ok
17:10:01.0698 0x30c4  [ F161CF8F628130B464E6A908723D488C, 95D40B679C132989B6031CC566235033400DA88006CF258F1CEFFB0D105E3B5B ] AVMPowerlineService C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
17:10:01.0701 0x30c4  AVMPowerlineService - ok
17:10:01.0768 0x30c4  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
17:10:01.0774 0x30c4  AVP17.0.0 - ok
17:10:01.0836 0x30c4  [ 6086B5EE0DA4600B2EC2725D82DEB74E, C67CA7021D710CFDCF62B17A2B2890E61E4F1E3D956312688454FD85738C303F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:10:01.0840 0x30c4  AxInstSV - ok
17:10:01.0893 0x30c4  [ 0914A5E66C0775CE11960452A6434FEC, 978C1E20023841FBFEF0CEAFE09EDB679612C8E5986C6E40C1F6D0835112D13E ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:10:01.0906 0x30c4  b06bdrv - ok
17:10:01.0922 0x30c4  [ F8129321B1874D4386F7FEB754BC3380, 7264E7E2A339E456C0A1A40FDFAE0D202905467400B93FA0700498B86172337F ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:10:01.0925 0x30c4  BasicDisplay - ok
17:10:01.0964 0x30c4  [ E2BFD01BD0ECF2BDE9420022147952A4, 7798211996143067787881A1362D07B95CF688E96192E3627D30347C719D40CB ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:10:01.0966 0x30c4  BasicRender - ok
17:10:01.0991 0x30c4  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:10:01.0993 0x30c4  bcmfn2 - ok
17:10:02.0054 0x30c4  [ C3B27514035315E3C1FCE64E69E253ED, 03AF100927077AD608C5EA47A17081CEA849F44C471AF978F410B83E2ABA5AE7 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:10:02.0065 0x30c4  BDESVC - ok
17:10:02.0106 0x30c4  [ ED03D2ACE378C9EB8BB957ABBD85B951, E9AE3025DC4956B736651B20AEA665909C2B468F9AE3E317F545DD4EEEA7D9E8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:10:02.0107 0x30c4  Beep - ok
17:10:02.0177 0x30c4  [ 1FDC6CB56572203E6F4BF4E3FB30B886, 81D5C77C823DC078EEEB2DABEE5203D542C824E04FEDD96AA58F96037C065155 ] BFE             C:\WINDOWS\System32\bfe.dll
17:10:02.0197 0x30c4  BFE - ok
17:10:02.0273 0x30c4  [ 5C0D4DBACB90D9ECE77907F4F6CF9EF6, FC29F03FB7E58A9ED17A34BC2D8E39533070B8B23D1A110622C3A213BF48CD2D ] BITS            C:\WINDOWS\System32\qmgr.dll
17:10:02.0300 0x30c4  BITS - ok
17:10:02.0321 0x30c4  [ 2342B8619193B0D9FAC0D02C69DCE74A, 06A1512C9750ACD154DE8873DE6628355B7195759CE54FA96097EA6D56BE320E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:10:02.0324 0x30c4  bowser - ok
17:10:02.0408 0x30c4  [ DD459140CBD075DCFA898097327DB8EB, 8EB685107F06566BC7516F6921547844F1E05A6CD3F0EE80E449638302F46F97 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:10:02.0430 0x30c4  BrokerInfrastructure - ok
17:10:02.0492 0x30c4  [ 9C7F445B018AB4744B6E0C657B5D1833, 83D04F5E3D4BA46BBD8A67764A60F5731F86B0BE3A85C2858E002ABCC362F592 ] Browser         C:\WINDOWS\System32\browser.dll
17:10:02.0502 0x30c4  Browser - ok
17:10:02.0556 0x30c4  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
17:10:02.0559 0x30c4  BTATH_BUS - ok
17:10:02.0632 0x30c4  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
17:10:02.0651 0x30c4  BtFilter - ok
17:10:02.0667 0x30c4  [ AEABEB30B5015C635D615D4225FA21D6, 37514D769682A6EF6C0A8CA29F662789DBC4D6F00C0DF1B3E80D8CD5D1C2ADFC ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
17:10:02.0684 0x30c4  BthA2DP - ok
17:10:02.0737 0x30c4  [ AF57F0B0E284BE06860A7B701341324D, F94E44C777FDC049158B7BF73DAFCDB103D08493AC898D1C928771650F664412 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:10:02.0741 0x30c4  BthAvrcpTg - ok
17:10:02.0780 0x30c4  [ 4C0FCF1BF33A706D2D23C122D5AF990C, 8FF78C6ABF1DB8D9EF318D2C71EA29E65EC80BCA24BC53CE1F521182733383CC ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
17:10:02.0785 0x30c4  BthEnum - ok
17:10:02.0802 0x30c4  [ 729CC10B1658178F0F009FE0E9159281, B0F692CAB2BE47415C8A8CCCE8D53CDDF2B70518536ACF91CF96D74ADD04AF9C ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:10:02.0806 0x30c4  BthHFEnum - ok
17:10:02.0828 0x30c4  [ 336A9C0254A0178ED50281B6EDF5B836, C9C454C6EC4FF5897B1873A7E90D1CE8122E43783E978A570CEA75E15F65DE97 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:10:02.0831 0x30c4  bthhfhid - ok
17:10:02.0907 0x30c4  [ D8428BEF4033C7BFCD981074E2318F89, 9C0692F8387BAD94CCA4E36B59701A7A7B8FDCB5377B4C2CA75424583835E112 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
17:10:02.0919 0x30c4  BthHFSrv - ok
17:10:02.0970 0x30c4  [ 096C2A149591410A44F1C6CBE4866729, 4ED981A9AA10979C305DEC6E02DD0FF445C64055B5493007BDD5283B4626C0B9 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
17:10:02.0973 0x30c4  BthLEEnum - ok
17:10:02.0993 0x30c4  [ 5428242193611BF91DDBF4F58900A55A, 91D59B0D0C7CA3DBBA8CA7CAD1E24845A224F451FC1880BE8CB7C1585AC79080 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:10:02.0996 0x30c4  BTHMODEM - ok
17:10:03.0019 0x30c4  [ E39223EAA36AC546A03ABE213C960A37, D1CFCC3BE2DD76BAE1EA927E9F32BD178D5C5593A4CD34E81038BB692957894E ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
17:10:03.0022 0x30c4  BthPan - ok
17:10:03.0078 0x30c4  [ 622833A26A27F15F42CE0888B1C70472, 9EED4C69DD955AE591270F0E371BEA256AA6DD9C527231BAD191FF3ED3A0826E ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
17:10:03.0099 0x30c4  BTHPORT - ok
17:10:03.0120 0x30c4  [ 6927D295017E9F1A5D655A8F3A122672, 4B686C93056924580390440B49C721BD9039D5C972994D8EA96CA848B786B693 ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:10:03.0125 0x30c4  bthserv - ok
17:10:03.0151 0x30c4  [ FA5CE6301192DD6ED4AA747B2C88FD42, F06A7748FCB6BBF0BB0A8348F505A1703EF2D1B59DC5BA6B600951200463F876 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
17:10:03.0153 0x30c4  BTHUSB - ok
17:10:03.0171 0x30c4  [ 102CAA11BA89290D48FBFD2E04274BA0, 9C6786AD6C8BE5AF7538BAD553C401B0D7443E533CDE59E975CF3E07EF262F0C ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
17:10:03.0173 0x30c4  buttonconverter - ok
17:10:03.0194 0x30c4  [ 029434AC0A3935F9125ABBD08BF7C30B, 742338B882488CA83F502ACEBFEDC2783B8D9D6C391FE1088988276315A065F6 ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
17:10:03.0195 0x30c4  CAD - ok
17:10:03.0218 0x30c4  [ 307AE8BC9B45772DA02FB952A1D86C35, 4983AC71C8E164D9E6669D345925B4FBEDD0A0A4566887E7ECC56C996B66DBD4 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
17:10:03.0222 0x30c4  CapImg - ok
17:10:03.0243 0x30c4  [ B6E5AD7C83A5254DEE9D86023C0E5A81, 40F297406A025378A6273535475C1FF8C99BC6502B17C0E161131DA754D7974B ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:10:03.0247 0x30c4  cdfs - ok
17:10:03.0316 0x30c4  [ A0E5905465CBCCB63FE915F5B08752A8, 435B39A8B1684FFE9F2720A2CD11AF5A5F55E701709939756322C2CD6A22E0FA ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
17:10:03.0338 0x30c4  CDPSvc - ok
17:10:03.0393 0x30c4  [ 618DA70D0D90DF3602259C1B121794DD, D2AF7967DE38F3B7C10824A1C900A145F45C57C0F179753A85989406600C4279 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
17:10:03.0429 0x30c4  CDPUserSvc - ok
17:10:03.0512 0x30c4  [ ABE77AD954BC3D72F559CF0C381E50BC, D0F24B023D7CADD4893AAF223A9BAC00B2C58D552E0C314B506C01767FB74133 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:10:03.0524 0x30c4  cdrom - ok
17:10:03.0561 0x30c4  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:10:03.0576 0x30c4  CertPropSvc - ok
17:10:03.0647 0x30c4  [ 05EA22CFC40EDE05BF6E3BC782E5204C, F0C9C692FC31387E9D19426D3253317B6BA86D7118E3884C11E3287695006443 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
17:10:03.0664 0x30c4  cht4iscsi - ok
17:10:03.0764 0x30c4  [ 863E1C9F6750446DFB9EDCAEC3531367, 88C5EE76FD85640EB1440DEFC7B6CB918E18DC09507BA91FAE285370B8C7D56A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
17:10:03.0809 0x30c4  cht4vbd - ok
17:10:03.0831 0x30c4  [ 3E416539352B007AD0610BF34AC15D31, E2041129770B24AE95C5EC4B507477C72DFE8CB08D412E2621BF67207F9DEB8C ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:10:03.0834 0x30c4  circlass - ok
17:10:03.0848 0x30c4  [ 616E1ED94FA7F96D429D985FDB203D2E, EA681C442AA0F7D424C8DABD8D1C14653E61BDE740C0BC4C6C308B5FB4FE67AA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
17:10:03.0850 0x30c4  CldFlt - ok
17:10:03.0874 0x30c4  [ 96C01F97576D2542FCBD28E13C8CC6A1, 98E2501197B97399EB1F7C8AA96B5696931736E44400314E768A6C029B9E1C62 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:10:03.0883 0x30c4  CLFS - ok
17:10:04.0100 0x30c4  [ 209D07A9F54C2211C4C1E387EC971C97, 02112545E31E617602ED527E9191BD819413FB3732EAD16699E0C5795F8C58B2 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
17:10:04.0162 0x30c4  ClickToRunSvc - ok
17:10:04.0225 0x30c4  [ FA57DEAD00DF87AF861B5FAF253ED3B9, 81BD591549CC1F2312AE85A455B28D051FC7D3A54D6371A634DF09DF8A00F952 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
17:10:04.0244 0x30c4  ClipSVC - ok
17:10:04.0288 0x30c4  [ 5118CFC33BBB51C7E3ED441B7085AD26, 8D33864FF750926C4B95827FFAD24C558DE8A90FC5B2663084DEAB5ADBBFAFD2 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
17:10:04.0290 0x30c4  clreg - ok
17:10:04.0340 0x30c4  [ 232F3A3AC3A2FB32C5C46503A6517073, 9E0232E095471E6C8825E870F5842838F1AE515E56410F6A5CC3D58A9A4AF33A ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:10:04.0342 0x30c4  CmBatt - ok
17:10:04.0377 0x30c4  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
17:10:04.0383 0x30c4  cm_km - ok
17:10:04.0416 0x30c4  [ 3413CE81E02C091F33C4C3DD3071630F, 4758A2BB2FD453E9867C04CC420D12B279BB97E3C4E664A7058EA5F1EC63D04C ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:10:04.0430 0x30c4  CNG - ok
17:10:04.0447 0x30c4  [ E1BFF774FF67CA951A5DFF0E104FB132, 68809C4B72C54CEDE3AD33F5634E15A0225A67B391F9012EC7CEBA8AFC6EC3D5 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
17:10:04.0450 0x30c4  cnghwassist - ok
17:10:04.0559 0x30c4  [ DFDAEDB857BC18764F0D8ECDCC3C1499, AE12E908BAF53C605A17A9FB1AFD6BFBEC75EBE45D893541281473C197C71FED ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_de4c68ea4fb1be53\CompositeBus.sys
17:10:04.0561 0x30c4  CompositeBus - ok
17:10:04.0567 0x30c4  COMSysApp - ok
17:10:04.0586 0x30c4  [ 04532711732BE9DBC364E88E4A9EC18A, FCEB1F486E146A3FE7307397C1EB6760BFD8A327545F81C546F7134B08615B9E ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:10:04.0589 0x30c4  condrv - ok
17:10:04.0666 0x30c4  [ 605D4C2E374197FEA0D0BC9C41E5945A, 0E655CEBB86DECC76153776AA4B78B7B7457ABA899B3437F76A7BE09F08752BB ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
17:10:04.0688 0x30c4  CoreMessagingRegistrar - ok
17:10:04.0816 0x30c4  [ F8E91A03B632FD007B8BC13250719A3E, 46D8B3738534A061A07718031953F4DD20220C7045E1EFD0B00ED2B897723CEC ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:10:04.0824 0x30c4  cphs - ok
17:10:04.0875 0x30c4  [ 1F7F1A15B807BC7B241BB2FEEA79BC92, D756E2247757C274F3470B46FCDBB63317C05E8E66FDA9DB7ABF3A6820933D4C ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:10:04.0879 0x30c4  CryptSvc - ok
17:10:04.0913 0x30c4  [ EFB2A77F0CD1B8A79899C1D37B01CA86, 9FA32E0853FA93513ACA2CD4203DE8BC22268ABCA4BBDB366307C106F4FD5917 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
17:10:04.0926 0x30c4  CSC - ok
17:10:04.0964 0x30c4  [ 04199CA5C4A6F6E935906A74EAFCA8E7, F02E807E04DA16117E9E4D183186DF9425E9E1AD7CBC34AEED63A38F7D1E75E6 ] CSCrySec        C:\WINDOWS\system32\DRIVERS\CSCrySec.sys
17:10:04.0967 0x30c4  CSCrySec - ok
17:10:05.0031 0x30c4  [ F010BDED808E86E1046F08865C11EDF2, 48FE0D176F7FA1F04685C0A1FD4FFB6464B6B88883D7D50E05C9C6C0636E895A ] CscService      C:\WINDOWS\System32\cscsvc.dll
17:10:05.0048 0x30c4  CscService - ok
17:10:05.0054 0x30c4  [ 7D7F90460F1309B5205BF8CDFAD63E42, 885B9EA530E7B6D51DC24A5009F37A2D4CCACAFCA0A7CB693F4320E110AFFA4F ] CSVirtualDiskDrv C:\WINDOWS\system32\DRIVERS\CSVirtualDiskDrv.sys
17:10:05.0057 0x30c4  CSVirtualDiskDrv - ok
17:10:05.0102 0x30c4  [ F51953EC4B9AACD92A3B3CE66E05CEF4, D39C9696213F53F89209000F245AC178B342A84E46EE766B634BB8DB86A26BB8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:10:05.0110 0x30c4  dam - ok
17:10:05.0270 0x30c4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
17:10:05.0275 0x30c4  dbupdate - ok
17:10:05.0283 0x30c4  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
17:10:05.0287 0x30c4  dbupdatem - ok
17:10:05.0292 0x30c4  dbx - ok
17:10:05.0356 0x30c4  [ 8FC11CF02CDF8C958EACCD8CC6479BE6, 451DF418FE72716B4AE75F36D77810F66046ABE4E870504AE4052D53121A526E ] DbxSvc          C:\WINDOWS\system32\DbxSvc.exe
17:10:05.0358 0x30c4  DbxSvc - ok
17:10:05.0431 0x30c4  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:10:05.0456 0x30c4  DcomLaunch - ok
17:10:05.0521 0x30c4  [ 1175E107082287A58A756239F48E1A73, 0DB2017061D94FAC95CEBD7C4729E42018A92698D72CEE3EA412A9D14DB8D552 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:10:05.0537 0x30c4  defragsvc - ok
17:10:05.0606 0x30c4  [ BBCAC50027D030E07EC7E5C36469FAFF, FEF39659F21D2AE676E4882FBAF5A881C534BB7EA26E5EFF9F7B5F8B952D6532 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:10:05.0618 0x30c4  DeviceAssociationService - ok
17:10:05.0667 0x30c4  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:10:05.0674 0x30c4  DeviceInstall - ok
17:10:05.0739 0x30c4  [ 5B84093D490A6B060C8BE60BA52C876F, D34A854418A66529B18313A50E6D7EAB982611AD9AB0335245AE764FE0602C22 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
17:10:05.0756 0x30c4  DevicesFlowUserSvc - ok
17:10:05.0831 0x30c4  [ F08F70BBD833BAA3BF0D5E500CBEE6CC, 8BB99E6D96CB8B25036549030986EC267C26BF1FC66E4EB00A3E41FE3BB5DE70 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
17:10:05.0834 0x30c4  DevQueryBroker - ok
17:10:05.0882 0x30c4  [ 185A4519B7764F4DEF714D890A7A9FD2, 9805D9DB42D11582583EA3F0FFEE9EF2B0C536DA99A9A3D3863B2669B1CC34A7 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:10:05.0886 0x30c4  Dfsc - ok
17:10:05.0950 0x30c4  [ BC5188B3F35BB8070888441A2A740465, 05C18A3DC1BD96C6751E76DBF57C47E526A1F9DF5E013B20B69EA0159CD6CE56 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:10:05.0962 0x30c4  Dhcp - ok
17:10:06.0055 0x30c4  [ 5DF493C7954890EEC65CC2A21D479F76, 67087AAAC2AF93F265077AA392444E32DC299918A843A8AECFBE73636A5F2314 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
17:10:06.0058 0x30c4  diagnosticshub.standardcollector.service - ok
17:10:06.0167 0x30c4  [ 3835D0DD7A932266CC0746FDC5EC5568, 9F0933698C94FB51960818D20DAF2EE7530EA77DCA6E30603EEE85B60D807891 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
17:10:06.0223 0x30c4  DiagTrack - ok
17:10:06.0249 0x30c4  [ 1203EA16F36C5BEB2509FB7CC03DC178, 195209CB711E5BDE24A50C88AA62F32E8AE26F6A83B423374FCA41444F55D1CE ] Disk            C:\WINDOWS\system32\drivers\disk.sys
17:10:06.0253 0x30c4  Disk - ok
17:10:06.0293 0x30c4  [ A43458FBA31903E5F69A8E019E50FD13, 96E0F29A8F4CBA8A28E321E92D2DFC4D57E162D9C3CA06944D017627DC9021EE ] dlcdcncm        C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys
17:10:06.0330 0x30c4  dlcdcncm - ok
17:10:06.0352 0x30c4  [ DEB4F93B5B2257A3F49560DD1E1A276D, EFFFC783E39614B4A5FA42B4CD360B8DF16EDDA6DD5C03757F4963A8D2A7A350 ] dlusbaudio      C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys
17:10:06.0361 0x30c4  dlusbaudio - ok
17:10:06.0430 0x30c4  [ 626E3564A7588139DE2367E14F8CAAB2, 472530B6DD70F4A5E61A8572B0479A6DF3BE8B4DD1E021BF00D05B3553927463 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
17:10:06.0445 0x30c4  DmEnrollmentSvc - ok
17:10:06.0463 0x30c4  [ 038B8B76284BC291EC75B005BB3EB13F, FE7BD7CF833C4A96ABF4FD6EBAB829CC4D8096780A22A313035D7E49BBA12D36 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:10:06.0465 0x30c4  dmvsc - ok
17:10:06.0514 0x30c4  [ 32C76DFE2586EBECFFA4112E9196591C, 190C294F50B96B13D0B776F7C19DCB47EAACBEE999CBA50236CF8C856CF38B17 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
17:10:06.0517 0x30c4  dmwappushservice - ok
17:10:06.0564 0x30c4  [ FC3AA34608A69BDAC67E31FB70C8A720, 38815F527DF963B4A7D93895776DDD618BD29782B1FA74EB1A7319AE58739A06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:10:06.0574 0x30c4  Dnscache - ok
17:10:06.0628 0x30c4  [ F08CB37830A1F9950E8B2F7B1F78CC7E, E4E75645893597F6A02B98DC4F126A664F5DEF7B1CD4C2DEE5CA8ED18DB64C9C ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:10:06.0635 0x30c4  dot3svc - ok
17:10:06.0652 0x30c4  [ 3425E26D0A7792F2EE7745C0336C2062, 54A3AFFC31C2641BCE1877F2CBA61D2CD7191BA39FD5B3659491E4E307570C1E ] DPS             C:\WINDOWS\system32\dps.dll
17:10:06.0662 0x30c4  DPS - ok
17:10:06.0679 0x30c4  [ 3D934A1C02EB6979CF45C70A71F580EC, 279B325E18ABF82FF523095D8D5958A3A48C7B7A4F64BD562DDED1D0662B608A ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
17:10:06.0682 0x30c4  drmkaud - ok
17:10:06.0737 0x30c4  [ 5E92CB292D676634058E6C62653C9227, CE35C51B444664641306B4C2E21978B3418B58B2A973B19B908D86FE723FB4C4 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:10:06.0744 0x30c4  DsmSvc - ok
17:10:06.0786 0x30c4  [ F2D97A85F4F6E0942BC17C4EECEEE6B7, 3583D00634C36B16880766F7635BFF48D04CECA4F2489E2720EBE33007CA0B9B ] dsNcAdpt        C:\WINDOWS\System32\drivers\dsNcAdpt.sys
17:10:06.0788 0x30c4  dsNcAdpt - ok
17:10:06.0892 0x30c4  [ 05937DDDBB80D89D6CA3E226AC3268D2, 479D4A0FA353A8F0354D900738C4E7A2CD010662EA7587EC0984A5802643302E ] dsNcService     C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
17:10:06.0908 0x30c4  dsNcService - ok
17:10:06.0956 0x30c4  [ E479C2656A3A47F5D4FAD10AE6EAED52, B17D18D5440CF131EEADA385989A8ED0DB7728CAAC4E745720947DD1BC4F9EF6 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
17:10:06.0961 0x30c4  DsSvc - ok
17:10:06.0979 0x30c4  [ 682D7DF9704217DD8716307F9E2EEC05, A8D36414A7316C59995CF9689DD84B2FD3FECE47E39F515C81BC3C439890E993 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
17:10:06.0987 0x30c4  DusmSvc - ok
17:10:07.0100 0x30c4  [ F5DFB6D800946ADE35C71BE9928098A9, 7B187EC9CCA233C16C9F98F9CFFB1A85A42FC79C652B26C8FED40890F11871F3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:10:07.0152 0x30c4  DXGKrnl - ok
17:10:07.0198 0x30c4  [ ECA1628436628362856ACF239E6AFD29, 19051DC348918B863E0A272CF56891B8CB49E7E705B8BAC7663D36C797A7B962 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
17:10:07.0202 0x30c4  EapHost - ok
17:10:07.0340 0x30c4  [ D64CD3AE93125EDA383190C2AF607E70, 3D180B96C6A2318842FA03AE5F703320A93CF1F440FF7D0E6F6F9BAD98F2FA02 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:10:07.0411 0x30c4  ebdrv - ok
17:10:07.0456 0x30c4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] EFS             C:\WINDOWS\System32\lsass.exe
17:10:07.0459 0x30c4  EFS - ok
17:10:07.0480 0x30c4  [ FFBB37982E6D24AEC7A2E5459098EAC9, E89DD74540088ECAC9E802D7A059C0A6E3E5412BD42E5E9F26258724458EF8DB ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:10:07.0483 0x30c4  EhStorClass - ok
17:10:07.0509 0x30c4  [ ABF38D02E01D6ED87AE1DF65FC5DF62D, 57D48609DA30F60016D2ADEB9A772942FB39A117247EB63FAE3FCF50D726B698 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:10:07.0512 0x30c4  EhStorTcgDrv - ok
17:10:07.0556 0x30c4  [ 5E4AB60D50F368A09275F4055D621EDC, C840F5DF3C0813EC6CB9BA0C3C91F2C6410227A6255DEF5FA94C8AC1E43E36A0 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
17:10:07.0561 0x30c4  embeddedmode - ok
17:10:07.0590 0x30c4  [ CA966CED8970A60FB00A3592564EF093, 4BD904032445235EE69DAA0024E0FB3D8B2325D897A683E334754EB3CA90AB39 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
17:10:07.0598 0x30c4  EntAppSvc - ok
17:10:07.0618 0x30c4  [ B9A59B4AD516E38C39FA416398B96CCB, 4630A9AD414476B47F634F2EB5659597797222A8938B68847B97FECCE1A1B5F8 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:10:07.0620 0x30c4  ErrDev - ok
17:10:07.0678 0x30c4  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
17:10:07.0691 0x30c4  ETD - ok
17:10:07.0760 0x30c4  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
17:10:07.0771 0x30c4  ETDService - ok
17:10:07.0835 0x30c4  [ 1541374239F33512D7F4D24ED1E9238C, 8B1548D4052A72175EB6ADA9FD4286ACD5041E1CE071DCAC3760BB227FCD3621 ] EventSystem     C:\WINDOWS\system32\es.dll
17:10:07.0852 0x30c4  EventSystem - ok
17:10:07.0877 0x30c4  [ 9C4D88E8614487AD85A6F18A71A7298F, EE6F48C89D6379C7361484EAE7C7FAAA477D48032BFDD0D363E48642E62EADF4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:10:07.0885 0x30c4  exfat - ok
17:10:07.0940 0x30c4  [ C61014A176ECAAF97589E6FC979CE786, FB913AC647B68DB9854367BB1E53A504A85833966211279C8D7171698F743B27 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:10:07.0949 0x30c4  fastfat - ok
17:10:08.0028 0x30c4  [ ECC5AEFEA31F1A078E954305B8CA6373, 15948D017E3B52D3B4BBEC047F963BD77247E24A59F0532B6A023B0C4159FC84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:10:08.0043 0x30c4  Fax - ok
17:10:08.0098 0x30c4  [ 853081957BA148F38FD8DE4390CFCF4A, 37C92C7ABA55A5FF7094F77F8EBEEE1F4BEE161CEC6B01A50FC0D0C39E36C142 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:10:08.0100 0x30c4  fdc - ok
17:10:08.0125 0x30c4  [ 885C06C35CC8FAEDDE3CDA36B72CA2A9, FF6584E7AF2FB540B2183665C3E216BE98DE953CEA6A7E4C5F13514BE4AAC9D3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:10:08.0128 0x30c4  fdPHost - ok
17:10:08.0144 0x30c4  [ 367E878C79D9F391E3D53B6BBC1B6386, 739D89F6954E17B73F53702CFF8EE985FB241255D962A83BAF1A20E783CAF466 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:10:08.0147 0x30c4  FDResPub - ok
17:10:08.0164 0x30c4  [ 514F6A0B83527DD6ACCC8B21A57B10E3, EA3D401E42D05BA39E5874513DFB895A086BECE4D69FC1AC12F85F326A435A4B ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:10:08.0169 0x30c4  fhsvc - ok
17:10:08.0214 0x30c4  [ 27E764D6460504B7271AFECE7A59FB76, A32B08142068BF042B3E47C0CA7F4FCFD07A37807B1B8DAAE614F3A132475D52 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
17:10:08.0216 0x30c4  FileCrypt - ok
17:10:08.0235 0x30c4  [ 3D6087F51110F3CC0DA89385354F8C5E, 49FF976C3391A257BCD4B048BF6D1273F8537005E32D65E5F272AF3294639F05 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:10:08.0242 0x30c4  FileInfo - ok
17:10:08.0270 0x30c4  [ 057E95E53C38260C4EF49B3A077770CD, 7008E71663046FF1D91D9DC3570094561C812067E1CA07715A1D2E4F787207AE ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:10:08.0274 0x30c4  Filetrace - ok
17:10:08.0293 0x30c4  [ 90B2983D8495C26345A1DC5F0C3BB07B, 50D834D40C27EEF5023556A77B13D3335789333E302A73DF221CD86D156FDEE9 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:10:08.0296 0x30c4  flpydisk - ok
17:10:08.0333 0x30c4  [ A84261F75F490E45CFEDBA77EFE4F67E, 292BA04D8996140255E4B6105015C2A640890BEFB6C022E30E0D9CBF45D5F4DB ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:10:08.0344 0x30c4  FltMgr - ok
17:10:08.0457 0x30c4  [ 4255A21E89EFEDD8488E3ED81A9F7993, CA918E83A204A38C022A8EF28ACBF4575CEA39EED04FC739C5AD9BC464FF1753 ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:10:08.0510 0x30c4  FontCache - ok
17:10:08.0691 0x30c4  [ B282011D13BBEEA0273DF33C5E776D55, B4AF068BBB09D0F546F5590FCDD745250CFD58DD3A8ABF5DC26670FA32D181FB ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:08.0694 0x30c4  FontCache3.0.0.0 - ok
17:10:08.0756 0x30c4  [ 8E0A89C8BC29F4B066B1DA4B96A63609, 1F4ABEC209ECDCA20620C7D7DB0C407F8D1032D506259B11FEAF2A0C3E14B1A3 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
17:10:08.0774 0x30c4  FrameServer - ok
17:10:08.0815 0x30c4  [ D2814848206DFC18EB8D3D069FAE703E, A62263CDF9261B692423473F4FF23B01AC864C05850BA5591EB9019906B4A08B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:10:08.0818 0x30c4  FsDepends - ok
17:10:08.0838 0x30c4  [ AE7EDF845F41ACA3B74567C3CE20E987, 6159C227C85912B03D8C35A1EF91705AE6C1C23C7228D6FCC0A9529844798E1B ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:10:08.0840 0x30c4  Fs_Rec - ok
17:10:08.0885 0x30c4  [ FF0699483185CE3B4E1144DF19AC5E97, 9BA0A2F04A1A51AFC3B830452AC75BE2D76300BAF1918BCF5AB60E4EB9888F0F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:10:08.0901 0x30c4  fvevol - ok
17:10:08.0949 0x30c4  [ 4616F61E24B3AEA6E0E4EA7D69531EF4, 34CB16F68E4A4D19346C7FEC29BB5FE09BAAEC19EA730C9B93450F940D124D49 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:10:08.0951 0x30c4  gencounter - ok
17:10:08.0964 0x30c4  [ 23174BB6937459B924BB8EF667FB28EF, 6675B87F4DE9CCA96B6BAB9F77C4E0B377828613D9FFB03F7D443AF11321F157 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
17:10:08.0966 0x30c4  genericusbfn - ok
17:10:08.0997 0x30c4  [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\WINDOWS\system32\drivers\gfibto.sys
17:10:08.0998 0x30c4  gfibto - ok
17:10:09.0044 0x30c4  [ 4B11CFBE1D9B73A9D865F6AB26F800BA, BD76CB5AF0EE6DD404875A4C36622C6BC8CCF2975C47E28DD305EB041C6C0B91 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:10:09.0049 0x30c4  GPIOClx0101 - ok
17:10:09.0142 0x30c4  [ CF22C0941409C772AA1568DC4F89A111, ED5895F024E64B672EB3FAE6C456FA0D30A068CF2B475A7EE988DEA4DCD6D8DE ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:10:09.0175 0x30c4  gpsvc - ok
17:10:09.0199 0x30c4  [ 3FC3FCF557D0BE3D724EA10642E1F6FF, 744D0DDE748A1B681087668CB893F9A60A2BBE80A71098944E75B6A9AA934C82 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
17:10:09.0201 0x30c4  GpuEnergyDrv - ok
17:10:09.0299 0x30c4  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:09.0303 0x30c4  gupdate - ok
17:10:09.0311 0x30c4  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:10:09.0316 0x30c4  gupdatem - ok
17:10:09.0334 0x30c4  [ DD1A6F4998E7E21564FA9BAFE21C87ED, CAD04E9B8244ACA3314C6FD4422BE7A3B578AF1E61F13773A2C5DB388B3337F6 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:10:09.0337 0x30c4  HDAudBus - ok
17:10:09.0359 0x30c4  [ 9F90819E301C70A3A042FC05D3E41B5F, D2175786775D08686264001ABAA4B61DC08A847666F6B9A2A64D10BFC022F646 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:10:09.0360 0x30c4  HidBatt - ok
17:10:09.0384 0x30c4  [ 3CA3244C45B25F3B3ED9445C195E40EB, 9C43B31DAB473D29069D0D6BC130660424FE2414BA519107641FA1561C10C76D ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:10:09.0387 0x30c4  HidBth - ok
17:10:09.0402 0x30c4  [ 55DAF856F9633DD2519BA4E942870F02, 5283548CB93EB46C5FD3B08E45C97BBFB33D47F11F89560508775889FBF2F754 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:10:09.0404 0x30c4  hidi2c - ok
17:10:09.0421 0x30c4  [ E34216A190D9BF8EAA666F6903BCD0EF, DA8529DAF903B447CC5FF2D112F670696549A4B66F54DF9A8C8C615D969CD477 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
17:10:09.0423 0x30c4  hidinterrupt - ok
17:10:09.0443 0x30c4  [ 852DBB5185996AD8C73872A43A453729, 8C20331AE99E280799407CC5FCF88F8F645C331604230876A2CD7C253B9BD633 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:10:09.0445 0x30c4  HidIr - ok
17:10:09.0502 0x30c4  [ 6339CC87F0F610D1575C9A419940602A, B2A054ED0B669FA54E250EC2926955B1D944FA1FB2AF5B590C181CB2E9D297BA ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:10:09.0505 0x30c4  hidserv - ok
17:10:09.0515 0x30c4  [ C1A608120DE0DF52E51B8BAF86AF19F9, F3529822E78CFCA2E323A75926A833529889E40BB9602B287CC343C496CB2062 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:10:09.0517 0x30c4  HidUsb - ok
17:10:09.0590 0x30c4  [ BD1CF47172B97707DFC66ADA741AE2BE, 9607AB7074FC54D88FDF6E2A31506BCF8ECBF8FD651BB5CEA2421471C24BCED1 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:10:09.0604 0x30c4  HomeGroupListener - ok
17:10:09.0679 0x30c4  [ A004895B838003BAE2281DAF193B6A09, 587FCDCEF769B2AED12551B6426477B764CB8A025E692D4EC8B24E1CBA1C06E3 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:10:09.0698 0x30c4  HomeGroupProvider - ok
17:10:09.0719 0x30c4  [ 8ADD9CA3E0F18CEA11EA6FAED794A228, B46BA885ED8253A253B1C87C331CA145F7F397AF49853038B3F1EDAF81B2C4BA ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:10:09.0722 0x30c4  HpSAMD - ok
17:10:09.0805 0x30c4  [ 2413454E305678EA9A486E8DE2E67849, 5E821E909F99BAB782D89A0CDBFAE5474FEA211EB4F626A824D10D733F3FDC67 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:10:09.0828 0x30c4  HTTP - ok
17:10:09.0883 0x30c4  [ D3C45F1B5BB3EE772CDA416A4A3EEB9B, 97CD988CF307EBCC34F37F130F4F2C989DD17E70B2498DB1929B566A3387887B ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
17:10:09.0891 0x30c4  HvHost - ok
17:10:09.0941 0x30c4  [ F60F8390B635156593F7493AE898AFB0, AC5E58CDA12072C5FDBFEA0FA009CE2E251D143FC0878B2658ECCCF797B8B0EC ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
17:10:09.0948 0x30c4  hvservice - ok
17:10:09.0969 0x30c4  [ 563F5FC3B46A70A91AB6C8822AC8BF25, 43E647A7752D7444BF306E38571130AB778AA2A6892782C6C1112E47FBEFBC87 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:10:09.0973 0x30c4  hwpolicy - ok
17:10:09.0998 0x30c4  [ C082249BC3E972C8A132D9EC6AD9EAD5, D69EEFD97CF5E0BD64D11DE1C331D02A9BE522BB93A40FF32ED434D960B85D39 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:10:10.0002 0x30c4  hyperkbd - ok
17:10:10.0024 0x30c4  [ C6C8315E3262FAE460529C6DA2951682, 4ADBFA6601209BF6F5A9797721CBE2011905775CF4E266D7B42F89915D477E95 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:10:10.0029 0x30c4  i8042prt - ok
17:10:10.0050 0x30c4  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
17:10:10.0052 0x30c4  iagpio - ok
17:10:10.0068 0x30c4  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
17:10:10.0072 0x30c4  iai2c - ok
17:10:10.0086 0x30c4  [ 42962355A7911407026E920E7252E3E5, 4A4016A53ED61354C81C594968339E6F3CCCFF4A64F8F28AD008ED8137E05AD2 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
17:10:10.0089 0x30c4  iaLPSS2i_GPIO2 - ok
17:10:10.0103 0x30c4  [ BD47B2FEABFA48C6224D43EE9EA9BC06, 304628CA458AA7B1B8B1CFF12074AD75C1CE7BD41820B99607D7FA99A817D007 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
17:10:10.0106 0x30c4  iaLPSS2i_GPIO2_BXT_P - ok
17:10:10.0125 0x30c4  [ 2184CB3A65888F446FCD6DBA9F073F4C, 0B3D63EC7F61BFAD490C123084965A9F38DBFE587AC9DAE6F4E6B68AD8093DB2 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
17:10:10.0129 0x30c4  iaLPSS2i_I2C - ok
17:10:10.0149 0x30c4  [ 4126F8DA08CE7924A3AE6F7235F85D5F, 668DC1D09496A95F44C07C5C1F6ED7D3EFC6F89523B2744A86B460E5BECAEFB5 ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
17:10:10.0153 0x30c4  iaLPSS2i_I2C_BXT_P - ok
17:10:10.0168 0x30c4  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:10:10.0170 0x30c4  iaLPSSi_GPIO - ok
17:10:10.0186 0x30c4  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:10:10.0189 0x30c4  iaLPSSi_I2C - ok
         
Und hier Part 2:
Code:
ATTFilter
17:10:10.0271 0x30c4  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:10:10.0296 0x30c4  iaStorA - ok
17:10:10.0350 0x30c4  [ D820075D3395BED28FC57AEF8FBA666F, 7589CCCD355D2685C0E6D317AB39F0DB061153E6859A0F53834B001643CFDF57 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:10:10.0365 0x30c4  iaStorAV - ok
17:10:10.0483 0x30c4  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:10:10.0488 0x30c4  IAStorDataMgrSvc - ok
17:10:10.0555 0x30c4  [ A243E0CE8644378C9A9D015ABC3EDA27, 0C72F6D39DD64A16F54BCE185F4D8E670D386823F6364E9ED284F7F8DE11CBF5 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:10:10.0570 0x30c4  iaStorV - ok
17:10:10.0626 0x30c4  [ E16E4FC9F250E48CB2CAD93E59D010E2, EFF558EDD63DB0FD8BA240E94BD5999106233B95BF86BFB99EE9B897F41C542B ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
17:10:10.0653 0x30c4  ibbus - ok
17:10:10.0729 0x30c4  [ E3061D5ABA80394D29E26EA58AF7F69A, 9BCF1AD2CC9C7E48FD350F9D59797E17F355C840EDE428143764F93716159C20 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
17:10:10.0744 0x30c4  icssvc - ok
17:10:11.0027 0x30c4  [ EEBA67845830AA226BC8863B7365BF63, 866D2166B97536776E7315EFB5D6428237EEDEE520845A19D4D658302551FDC9 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:10:11.0190 0x30c4  igfx - ok
17:10:11.0252 0x30c4  [ 670F652C0738992BF94E0F2D1CF2DFF7, A3D921DCF2EA9DAF3B3D2F2C2F9222ABB60CE4534C94F955D60B13EE35DD69CF ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:10:11.0261 0x30c4  igfxCUIService2.0.0.0 - ok
17:10:11.0366 0x30c4  [ E9E4BB312F6B544392F44D513FAA2243, 3E6917BCE9F1AF554D57FED9E76B33F36D92145B0090A5F8F64E2A53EB4C54A4 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:10:11.0399 0x30c4  IKEEXT - ok
17:10:11.0421 0x30c4  [ 0E33BC018502E7FDE77C343055D9C626, CD1C60E8EDAA044E03E5776962E091C1288204033A57A799D446F9B058D6AD59 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
17:10:11.0423 0x30c4  IndirectKmd - ok
17:10:11.0623 0x30c4  [ 7EF2C326CFE5BD1E7F5A69F0B4ED67E9, C0B9748BC2B047F941FBB7F439C0CEA458A8C6E9BF017C01C365A8B4BCE8EF0B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:10:11.0726 0x30c4  IntcAzAudAddService - ok
17:10:11.0800 0x30c4  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:10:11.0815 0x30c4  IntcDAud - ok
17:10:11.0897 0x30c4  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:10:11.0920 0x30c4  Intel(R) Capability Licensing Service Interface - ok
17:10:11.0987 0x30c4  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:10:12.0014 0x30c4  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:10:12.0123 0x30c4  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
17:10:12.0132 0x30c4  Intel(R) ME Service - ok
17:10:12.0198 0x30c4  [ 4B7F8A1AAC7172DB6918A0E10E1D78A3, 1E9922AF9B5458F23A379EDCD61B615B6E53BAF8927237C1C7DCC04122CCF417 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:10:12.0202 0x30c4  intelide - ok
17:10:12.0258 0x30c4  [ 0A3DBE89C965FFB7C0D0E38834E77B90, 0166BE79228ED6B3D7AA1BACB4F1BB68357DBF70DF778B2F8A3776E374EE690C ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:10:12.0264 0x30c4  intelpep - ok
17:10:12.0291 0x30c4  [ 64EC687A811DC4F69DF3816F073352AA, F70942B67448DF9848F32F88D37E1E0C548CE9FEFC4376628D7CBEF62494D8E1 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:10:12.0297 0x30c4  intelppm - ok
17:10:12.0317 0x30c4  [ 549C278119FF539C3B219C55B98B0E87, B4C15AB0C77EAB6C5ADEBD014F610BBFC537EAEB0E3960636624001C8A5DE56E ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
17:10:12.0320 0x30c4  iorate - ok
17:10:12.0339 0x30c4  [ A0F9F2E87F0C751FE164D90EB44A9B63, BE816F17E43E5F80AC65E913AB7F9E77B8D6B70B90A784CB00C907D3DAFFD4DB ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:10:12.0342 0x30c4  IpFilterDriver - ok
17:10:12.0434 0x30c4  [ 57A93FCF94FAB8C2161335E56C81CD16, 4A642E4FF70DA209074B78EC50B76A024DB5D01B8C9FCC405A64AF0F1A7EA389 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:10:12.0460 0x30c4  iphlpsvc - ok
17:10:12.0517 0x30c4  [ 656DDB34996A96539BA6E2843B5F2A77, EDC3F1A2BA38A9655361A20B6C8001984AEB1A530C5385CF6EC0AF595305DBC7 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:10:12.0521 0x30c4  IPMIDRV - ok
17:10:12.0551 0x30c4  [ DCC05E5EAA580C97F13B434FAFACED85, 5C6CFD3D9FAEB7274E05F3D19D3AA064624500C616650DE227B849B505662BB4 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:10:12.0557 0x30c4  IPNAT - ok
17:10:12.0577 0x30c4  [ 9A6B993A95CCA15502DE3C980508DC44, 370A1A4531A72CFBF331ED274913925A269115A13E3A6B5E1821FB48DD7242AE ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
17:10:12.0581 0x30c4  IpxlatCfgSvc - ok
17:10:12.0630 0x30c4  [ 9035C10C7EB8CF7C87CEA82A62EBB43A, A0DA94E80E503DB3C2877CE1BCDC70B3FCC6861ADFBCCE66C6D2592BD63F27DC ] irda            C:\WINDOWS\system32\drivers\irda.sys
17:10:12.0637 0x30c4  irda - ok
17:10:12.0657 0x30c4  [ E7FD479E3298F3C8852A0D2F092BDB35, 07F2E779268EBBF4F32ED1C8423493B36BA823905E71B524C6AEBA0093193307 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:10:12.0659 0x30c4  IRENUM - ok
17:10:12.0678 0x30c4  [ 65B145143F6E5E1B5A213F0D9F4C4C44, 0E390BD8D7B4B9562E8FEE0D109DCE0D9EA823FD2D20B39FFACE3331F30FE5BC ] irmon           C:\WINDOWS\System32\irmon.dll
17:10:12.0683 0x30c4  irmon - ok
17:10:12.0699 0x30c4  [ 7FE3B3A30FA20F27AF7022A01C2266BA, 8AB924F08ABF1DCB154B6A3BDB7E3E5A863008B5AFF8E3DB9759848774E00E8A ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:10:12.0702 0x30c4  isapnp - ok
17:10:12.0756 0x30c4  [ D492648D96A14BA639B76D177B24CD82, D65D2494BAC8A317FD70293E59D039078D1D19FAE20A4EB2665246CAACFF0C6F ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:10:12.0766 0x30c4  iScsiPrt - ok
17:10:12.0837 0x30c4  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:10:12.0842 0x30c4  jhi_service - ok
17:10:12.0886 0x30c4  [ D36B404BF979297C6572AEF98B2594F2, CB2F4E6589936D35D59CA70B39A29D091540EA125BE4B937AF92CEA0C6D0AAEB ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:10:12.0889 0x30c4  kbdclass - ok
17:10:12.0901 0x30c4  [ 7E2036A846789D6D6A2EE21915017EE1, 82AF85CA30B440E453F7694C7EDABB5D2DB213AD2FE8620B92667DFB492229A1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:10:12.0903 0x30c4  kbdhid - ok
17:10:12.0912 0x30c4  [ 4C054B8E901F41F5743DADE8A29FF256, 1009CC2503E08AFEA849BA83135C2D75C573FC4D6EFB5DBCDCC7ACB17AF83152 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
17:10:12.0914 0x30c4  kdnic - ok
17:10:12.0925 0x30c4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:10:12.0928 0x30c4  KeyIso - ok
17:10:12.0971 0x30c4  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
17:10:12.0984 0x30c4  kl1 - ok
17:10:13.0008 0x30c4  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
17:10:13.0010 0x30c4  klbackupdisk - ok
17:10:13.0030 0x30c4  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
17:10:13.0033 0x30c4  klbackupflt - ok
17:10:13.0039 0x30c4  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
17:10:13.0042 0x30c4  kldisk - ok
17:10:13.0093 0x30c4  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
17:10:13.0098 0x30c4  klelam - ok
17:10:13.0158 0x30c4  [ FA0253329B8951509D9B5A476CCD41D4, 1981BFCBEB8AF7D677791E1D46AD4434DA3CE0AC2A5CFB26916821FAB45EA757 ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
17:10:13.0165 0x30c4  klflt - ok
17:10:13.0220 0x30c4  [ 432A489DEF978702210732364E7CF486, 0D911843EB49F70BC60AEB56DD66BBC328E065F6AD2ED4EC7FCCD30C61A3B017 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
17:10:13.0234 0x30c4  klhk - ok
17:10:13.0356 0x30c4  [ 5760DA02C78CF275D7980C87D724B221, AF724342F8A8F83163DCC0D106B2ACA3E73765F1628DB1EEA5BEDA1B2D6AF1CE ] klids           C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
17:10:13.0367 0x30c4  klids - ok
17:10:13.0406 0x30c4  [ 4DF87FF594381901C224866A61A25B7B, AFAF93F4C08B481F0203ECFB2B4F0997728E9C91B694CB2BF9BBBF4889EFC48B ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
17:10:13.0429 0x30c4  KLIF - ok
17:10:13.0474 0x30c4  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
17:10:13.0480 0x30c4  KLIM6 - ok
17:10:13.0512 0x30c4  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
17:10:13.0516 0x30c4  klkbdflt - ok
17:10:13.0545 0x30c4  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
17:10:13.0548 0x30c4  klmouflt - ok
17:10:13.0565 0x30c4  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
17:10:13.0568 0x30c4  klpd - ok
17:10:13.0584 0x30c4  [ 097D722294B9C1FA6E514A088F2E6B6E, FB0492CAF45FDF7F656CFF6662309435679C946269577ECF76A3077B7D7F940B ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
17:10:13.0592 0x30c4  klupd_klif_arkmon - ok
17:10:13.0630 0x30c4  [ 34D207C9300529BE5E29267922483778, 6F2888A3E649B78477A568E8F8A2527493D9D0D1FD13822E5D90AE575D2041D2 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
17:10:13.0633 0x30c4  klupd_klif_kimul - ok
17:10:13.0674 0x30c4  [ 6A80ECDC10138AC34E48A4BE684E06F9, DF8BD9139B82614614D9E1B5DAEA74E4DF4D5CE95F11ED503FD3B8E07722A1CA ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
17:10:13.0682 0x30c4  klupd_klif_klark - ok
17:10:13.0697 0x30c4  [ EBC5ACF5F373981161752650BC17DD4E, 892A6758F5C7589D38A6A01D08F7B3F6D144591E0D3337C0E4B2CA9B66C70C37 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
17:10:13.0702 0x30c4  klupd_klif_klbg - ok
17:10:13.0740 0x30c4  [ D0B29808F37C6F6373AB16B716D9A1F8, 82E5760F0A313E43E3B9AF44E2A811021B84E7954CB5DC1462C7033AAEA8AF4B ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
17:10:13.0747 0x30c4  klupd_klif_mark - ok
17:10:13.0814 0x30c4  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64   C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe
17:10:13.0819 0x30c4  klvssbrigde64 - ok
17:10:13.0849 0x30c4  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
17:10:13.0853 0x30c4  klwfp - ok
17:10:13.0893 0x30c4  [ 4799405773BB400A2FF96663CF0EE4A2, F7650B80AC388675724D9A43D709FF9CCDE99374D7C5E3B900F61FC61D6816D2 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
17:10:13.0898 0x30c4  Klwtp - ok
17:10:13.0909 0x30c4  [ 098D3EBDC599E05449A3BFB5BB519FE0, 00A02DE53312D4DF52E26E14E0E803255DF5AFAE95455EAE5A004F9E84C8B2F5 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
17:10:13.0915 0x30c4  kneps - ok
17:10:13.0953 0x30c4  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
17:10:13.0959 0x30c4  KSDE1.0.0 - ok
17:10:13.0974 0x30c4  [ BA7A5838866618A4E82FBC05B8923605, 96E898C7768BED66487A00E02B2E50516602BCF54E6648F5528E3334AE8527EB ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:10:13.0978 0x30c4  KSecDD - ok
17:10:13.0992 0x30c4  [ 6629CAA1F157088B9EDD1EAD24C6D753, 3E5F3BCB34F4B52BE46B96F9F720FE5FB37A01D4E408875F6BB89F5B5C5A3900 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:10:13.0997 0x30c4  KSecPkg - ok
17:10:14.0039 0x30c4  [ 9778205F28DC4F2EFFCC146647FE5CF0, 6B7EFFB08C7757A2830745920A624F89DBD5B323E0A884932FECF06471894F9D ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:10:14.0041 0x30c4  ksthunk - ok
17:10:14.0085 0x30c4  [ 08F9C3F7FE3019BF53B1405B1820528F, E90940533F88A33C396E1DF9D186E945F030315FB2201E479F144E27387333CA ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:10:14.0096 0x30c4  KtmRm - ok
17:10:14.0149 0x30c4  [ 0DD3C5101AE1AA7E28B4CE5AB190C261, FAFFE2102972798210ED5E766F54C5EED6262354E132E1C24539DAA598895608 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:10:14.0159 0x30c4  LanmanServer - ok
17:10:14.0207 0x30c4  [ B82D6C634638534E41748FCEC909E55D, C286EB7B3E780549F77E75B4B9F053861D82EFDCD43B1308848A08D23EFADDCA ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:10:14.0217 0x30c4  LanmanWorkstation - ok
17:10:14.0318 0x30c4  [ C57D9A5DC8075D6BDC5C0360191CC366, 4E1532EF0FEE52108851DD42BDB926294F0A4708C6ED163008D91EDD026AE925 ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
17:10:14.0320 0x30c4  LENOVO.CAMMUTE - ok
17:10:14.0358 0x30c4  [ E4AEC51E55A8351BFBF8567663862BAA, 3255E367776FEFE0543E951E30E45936696D699607DD271E29600D402BAE6142 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
17:10:14.0360 0x30c4  LENOVO.TPKNRSVC - ok
17:10:14.0373 0x30c4  [ DCB08CA5FF82E764E29516B0C4DA4674, 22D9952FE2149FBA170DC55B42F88447258E2640C5C49C3748EB66D6D1F8EE92 ] LENOVO.TVTVCAM  C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
17:10:14.0378 0x30c4  LENOVO.TVTVCAM - ok
17:10:14.0417 0x30c4  [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
17:10:14.0423 0x30c4  LenovoWiFiHotspotSvr - ok
17:10:14.0464 0x30c4  [ AF1077E89AD4458EC9B1CABB35595346, 762AE3218B7B05032C4199F0AE9ABCC822C3DF88BBB09536202B6B26A7944024 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
17:10:14.0470 0x30c4  lfsvc - ok
17:10:14.0491 0x30c4  [ C0CB3B9F1F92C36B91309FDACCDF918B, 5D40C11388A48323D9D9AC18A950B09E2654092BC2F9DE45779A9354668BA18E ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
17:10:14.0494 0x30c4  LicenseManager - ok
17:10:14.0509 0x30c4  [ FC37745959DFA4871759E4DCC836227A, 8B63F798440FD0A34E2F2940B2598238BC852EF3EFD22147A77AB4BA6FB9E704 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
17:10:14.0512 0x30c4  lltdio - ok
17:10:14.0534 0x30c4  [ 1797F544956D46966C67A2F7879403A9, D7820D2F8E936FF13D709BA1BD0541AABA8402F38698FE96DAE70B4E7A730835 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:10:14.0543 0x30c4  lltdsvc - ok
17:10:14.0579 0x30c4  [ AE561CB0813D4DFA7D3E4471B2B70F5F, 344EA5E02D04098F032353962C1B70B0F578BCCD2843C70D6330B3F967D2FDB5 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:10:14.0584 0x30c4  lmhosts - ok
17:10:14.0653 0x30c4  [ D9A646E8BC99F0383E9BC0D3A96C4501, C36ECF85E591AACCCE2D1E02A3B07806193A04BDE8752464C6703E3CF53C8CD2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:10:14.0663 0x30c4  LMS - ok
17:10:14.0712 0x30c4  [ 16C9D4D822CCA795A72DC88B25A577CC, AEF93AA4E815F90C1A42D574C6DE7EF31FE69AD7B78B8E1AC7C27304F3CD7959 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:10:14.0716 0x30c4  LSI_SAS - ok
17:10:14.0733 0x30c4  [ 920F0CFCED5F28A31B79F1C470649D11, 5A5F390F2FD7C26807E7896E9F8F94EE7E69FE3C4B247BEA515588EB076148EF ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
17:10:14.0737 0x30c4  LSI_SAS2i - ok
17:10:14.0758 0x30c4  [ 0FE63316F1C70A0F759A449FAC64C24B, CF99D62FDA862095BA1EB57DD58CEC070E0552E15B6F454B87D593707132636B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
17:10:14.0761 0x30c4  LSI_SAS3i - ok
17:10:14.0778 0x30c4  [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:10:14.0781 0x30c4  LSI_SSS - ok
17:10:14.0818 0x30c4  [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM             C:\WINDOWS\System32\lsm.dll
17:10:14.0834 0x30c4  LSM - ok
17:10:14.0889 0x30c4  [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:10:14.0899 0x30c4  luafv - ok
17:10:14.0978 0x30c4  [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker      C:\WINDOWS\System32\moshost.dll
17:10:14.0988 0x30c4  MapsBroker - ok
17:10:15.0060 0x30c4  [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost       C:\WINDOWS\System32\drivers\mausbhost.sys
17:10:15.0069 0x30c4  mausbhost - ok
17:10:15.0106 0x30c4  [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip         C:\WINDOWS\System32\drivers\mausbip.sys
17:10:15.0108 0x30c4  mausbip - ok
17:10:15.0124 0x30c4  [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:10:15.0126 0x30c4  megasas - ok
17:10:15.0143 0x30c4  [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i       C:\WINDOWS\system32\drivers\MegaSas2i.sys
17:10:15.0146 0x30c4  megasas2i - ok
17:10:15.0179 0x30c4  [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:10:15.0192 0x30c4  megasr - ok
17:10:15.0239 0x30c4  [ 8FE46E9374DAD76ED081936DEDD3F6B0, 2CEA37D4C9BD68BCF554120FF2A6A6B6E2A5CBB48C62071D1210557CB6A1D32D ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:10:15.0242 0x30c4  MEIx64 - ok
17:10:15.0285 0x30c4  [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll
17:10:15.0288 0x30c4  MessagingService - ok
17:10:15.0341 0x30c4  [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
17:10:15.0360 0x30c4  mlx4_bus - ok
17:10:15.0382 0x30c4  [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
17:10:15.0384 0x30c4  MMCSS - ok
17:10:15.0416 0x30c4  [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:10:15.0418 0x30c4  Modem - ok
17:10:15.0443 0x30c4  [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:10:15.0445 0x30c4  monitor - ok
17:10:15.0561 0x30c4  [ A8FD4605AACF006BBA3B2B90AC9565B2, 267003FFFCB7C3786694111C57E6B53140C198C1B4FB263766191B8C2E50AD56 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
17:10:15.0570 0x30c4  Motorola Device Manager - ok
17:10:15.0598 0x30c4  [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:10:15.0603 0x30c4  mouclass - ok
17:10:15.0624 0x30c4  [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:10:15.0628 0x30c4  mouhid - ok
17:10:15.0648 0x30c4  [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:10:15.0656 0x30c4  mountmgr - ok
17:10:15.0726 0x30c4  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:10:15.0784 0x30c4  MozillaMaintenance - ok
17:10:15.0833 0x30c4  [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:10:15.0837 0x30c4  mpsdrv - ok
17:10:15.0923 0x30c4  [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:10:15.0947 0x30c4  MpsSvc - ok
17:10:16.0007 0x30c4  [ 84A7AF1DB4EEBEDBA3F41FF4D3234091, F49E140D0DEA2BB98205A8CA7C0ECB366FFF02D528A83760E9358DFCFF5A90D8 ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
17:10:16.0019 0x30c4  MQAC - ok
17:10:16.0045 0x30c4  [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:10:16.0055 0x30c4  MRxDAV - ok
17:10:16.0130 0x30c4  [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:10:16.0147 0x30c4  mrxsmb - ok
17:10:16.0174 0x30c4  [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:10:16.0182 0x30c4  mrxsmb10 - ok
17:10:16.0218 0x30c4  [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:10:16.0224 0x30c4  mrxsmb20 - ok
17:10:16.0293 0x30c4  [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
17:10:16.0301 0x30c4  MsBridge - ok
17:10:16.0349 0x30c4  [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:10:16.0362 0x30c4  MSDTC - ok
17:10:16.0396 0x30c4  [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:10:16.0398 0x30c4  Msfs - ok
17:10:16.0448 0x30c4  [ F27EC8F7A0A779276E5DA2E70C2B01EE, A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:10:16.0454 0x30c4  msgpiowin32 - ok
17:10:16.0481 0x30c4  [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:10:16.0483 0x30c4  mshidkmdf - ok
17:10:16.0512 0x30c4  [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:10:16.0515 0x30c4  mshidumdf - ok
17:10:16.0534 0x30c4  [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:10:16.0537 0x30c4  msisadrv - ok
17:10:16.0592 0x30c4  [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:10:16.0599 0x30c4  MSiSCSI - ok
17:10:16.0605 0x30c4  msiserver - ok
17:10:16.0654 0x30c4  [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
17:10:16.0657 0x30c4  MSKSSRV - ok
17:10:16.0672 0x30c4  [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
17:10:16.0676 0x30c4  MsLldp - ok
17:10:16.0778 0x30c4  [ 1EC9FC8E5101139CF84589E8EAC24B9A, F351661FC548FEC2652018B4F1A2BC64FD938637A518EEDC9B6ED97471BAAC9B ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
17:10:16.0784 0x30c4  MSMQ - ok
17:10:16.0835 0x30c4  [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
17:10:16.0837 0x30c4  MSPCLOCK - ok
17:10:16.0848 0x30c4  [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
17:10:16.0850 0x30c4  MSPQM - ok
17:10:16.0909 0x30c4  [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:10:16.0925 0x30c4  MsRPC - ok
17:10:16.0952 0x30c4  [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt        C:\WINDOWS\system32\drivers\mssecflt.sys
17:10:16.0958 0x30c4  MsSecFlt - ok
17:10:16.0973 0x30c4  [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:10:16.0974 0x30c4  mssmbios - ok
17:10:16.0992 0x30c4  [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
17:10:16.0994 0x30c4  MSTEE - ok
17:10:17.0007 0x30c4  [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:10:17.0009 0x30c4  MTConfig - ok
17:10:17.0037 0x30c4  [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:10:17.0040 0x30c4  Mup - ok
17:10:17.0069 0x30c4  [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:10:17.0072 0x30c4  mvumis - ok
17:10:17.0149 0x30c4  [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:10:17.0162 0x30c4  NativeWifiP - ok
17:10:17.0306 0x30c4  [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
17:10:17.0326 0x30c4  NaturalAuthentication - ok
17:10:17.0360 0x30c4  [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:10:17.0367 0x30c4  NcaSvc - ok
17:10:17.0397 0x30c4  [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:10:17.0408 0x30c4  NcbService - ok
17:10:17.0423 0x30c4  [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:10:17.0428 0x30c4  NcdAutoSetup - ok
17:10:17.0464 0x30c4  [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
17:10:17.0469 0x30c4  ndfltr - ok
17:10:17.0722 0x30c4  [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:10:17.0750 0x30c4  NDIS - ok
17:10:17.0804 0x30c4  [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
17:10:17.0810 0x30c4  NdisCap - ok
17:10:17.0847 0x30c4  [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
17:10:17.0855 0x30c4  NdisImPlatform - ok
17:10:17.0887 0x30c4  [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:10:17.0891 0x30c4  NdisTapi - ok
17:10:17.0922 0x30c4  [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
17:10:17.0929 0x30c4  Ndisuio - ok
17:10:17.0953 0x30c4  [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:10:17.0957 0x30c4  NdisVirtualBus - ok
17:10:18.0016 0x30c4  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
17:10:18.0028 0x30c4  NdisWan - ok
17:10:18.0045 0x30c4  [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:10:18.0051 0x30c4  ndiswanlegacy - ok
17:10:18.0092 0x30c4  [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
17:10:18.0095 0x30c4  ndproxy - ok
17:10:18.0123 0x30c4  [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:10:18.0128 0x30c4  Ndu - ok
17:10:18.0155 0x30c4  [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
17:10:18.0160 0x30c4  NetAdapterCx - ok
17:10:18.0188 0x30c4  [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
17:10:18.0191 0x30c4  NetBIOS - ok
17:10:18.0249 0x30c4  [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:10:18.0261 0x30c4  NetBT - ok
17:10:18.0295 0x30c4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:10:18.0300 0x30c4  Netlogon - ok
17:10:18.0369 0x30c4  [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman          C:\WINDOWS\System32\netman.dll
17:10:18.0377 0x30c4  Netman - ok
17:10:18.0526 0x30c4  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0717 0x30c4  NetMsmqActivator - ok
17:10:18.0736 0x30c4  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0739 0x30c4  NetPipeActivator - ok
17:10:18.0900 0x30c4  [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:10:18.0913 0x30c4  netprofm - ok
17:10:18.0952 0x30c4  [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
17:10:18.0975 0x30c4  NetSetupSvc - ok
17:10:18.0993 0x30c4  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:18.0997 0x30c4  NetTcpActivator - ok
17:10:19.0012 0x30c4  [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:19.0015 0x30c4  NetTcpPortSharing - ok
17:10:19.0078 0x30c4  [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
17:10:19.0087 0x30c4  netvsc - ok
17:10:19.0189 0x30c4  [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
17:10:19.0209 0x30c4  NgcCtnrSvc - ok
17:10:19.0384 0x30c4  [ 9ECFD7DD594DBEAED3A2889045B2DCBD, 984B10A88E304B805153C49B3D618315926635A270AB34D2976E7AA5AE00E2F4 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
17:10:19.0412 0x30c4  NgcSvc - ok
17:10:19.0490 0x30c4  [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:10:19.0502 0x30c4  NlaSvc - ok
17:10:19.0543 0x30c4  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\WINDOWS\system32\drivers\npf.sys
17:10:19.0545 0x30c4  npf - ok
17:10:19.0598 0x30c4  [ 6D8F6A9C53CFB0C49E8251A442B7283F, C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:10:19.0604 0x30c4  Npfs - ok
17:10:19.0655 0x30c4  [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:10:19.0660 0x30c4  npsvctrig - ok
17:10:19.0688 0x30c4  [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:10:19.0696 0x30c4  nsi - ok
17:10:19.0738 0x30c4  [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:10:19.0743 0x30c4  nsiproxy - ok
17:10:20.0161 0x30c4  [ 731FD52461C8107E5B19B9AEDBB82BFB, 51B6722B9B2863B4AE23CE6B1DBD8481DA341748196BD482C6C5F4A6959F24F9 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
17:10:20.0215 0x30c4  NTFS - ok
17:10:20.0236 0x30c4  [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:10:20.0237 0x30c4  Null - ok
17:10:20.0251 0x30c4  [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn         C:\WINDOWS\System32\drivers\nvdimmn.sys
17:10:20.0253 0x30c4  nvdimmn - ok
17:10:20.0273 0x30c4  [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:10:20.0277 0x30c4  nvraid - ok
17:10:20.0309 0x30c4  [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:10:20.0313 0x30c4  nvstor - ok
17:10:20.0420 0x30c4  [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
17:10:20.0434 0x30c4  OneSyncSvc - ok
17:10:20.0502 0x30c4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:10:20.0505 0x30c4  ose - ok
17:10:20.0845 0x30c4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:10:20.0951 0x30c4  osppsvc - ok
17:10:21.0017 0x30c4  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:10:21.0034 0x30c4  p2pimsvc - ok
17:10:21.0095 0x30c4  [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:10:21.0106 0x30c4  p2psvc - ok
17:10:21.0133 0x30c4  [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:10:21.0137 0x30c4  Parport - ok
17:10:21.0156 0x30c4  [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:10:21.0160 0x30c4  partmgr - ok
17:10:21.0187 0x30c4  [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:10:21.0200 0x30c4  PcaSvc - ok
17:10:21.0297 0x30c4  [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:10:21.0309 0x30c4  pci - ok
17:10:21.0360 0x30c4  [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:10:21.0363 0x30c4  pciide - ok
17:10:21.0394 0x30c4  [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:10:21.0403 0x30c4  pcmcia - ok
17:10:21.0428 0x30c4  [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:10:21.0433 0x30c4  pcw - ok
17:10:21.0466 0x30c4  [ 4A88D29869609A39782EF53145E6F7CA, 6200E0B96FD0289D7F95779723E3CABBDEE17EDE5F802CC51E5539F475711027 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:10:21.0477 0x30c4  pdc - ok
17:10:21.0557 0x30c4  [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:10:21.0579 0x30c4  PEAUTH - ok
17:10:21.0710 0x30c4  [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
17:10:21.0778 0x30c4  PeerDistSvc - ok
17:10:21.0831 0x30c4  [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
17:10:21.0838 0x30c4  percsas2i - ok
17:10:21.0864 0x30c4  [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
17:10:21.0868 0x30c4  percsas3i - ok
17:10:21.0961 0x30c4  [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:10:21.0964 0x30c4  PerfHost - ok
17:10:22.0039 0x30c4  [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
17:10:22.0058 0x30c4  PhoneSvc - ok
17:10:22.0108 0x30c4  [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
17:10:22.0114 0x30c4  PimIndexMaintenanceSvc - ok
17:10:22.0220 0x30c4  [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla             C:\WINDOWS\system32\pla.dll
17:10:22.0254 0x30c4  pla - ok
17:10:22.0297 0x30c4  [ A2BACEBAC01BE7A6656B454E75C23262, C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:10:22.0302 0x30c4  PlugPlay - ok
17:10:22.0327 0x30c4  [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem            C:\WINDOWS\System32\drivers\pmem.sys
17:10:22.0331 0x30c4  pmem - ok
17:10:22.0389 0x30c4  [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:10:22.0393 0x30c4  PNRPAutoReg - ok
17:10:22.0439 0x30c4  [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:10:22.0448 0x30c4  PNRPsvc - ok
17:10:22.0510 0x30c4  [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:10:22.0521 0x30c4  PolicyAgent - ok
17:10:22.0585 0x30c4  [ F6A0B848F75CF55E3980EA0FADCBA317, 11D8B12B4DE867B180965B0F2FD0F362265C518F76FE3351A2B7C9C2FFC5E137 ] Power           C:\WINDOWS\system32\umpo.dll
17:10:22.0592 0x30c4  Power - ok
17:10:22.0646 0x30c4  [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
17:10:22.0649 0x30c4  PptpMiniport - ok
17:10:22.0703 0x30c4  [ 980573FAECD185238D5B683958DC044D, 01A3BDE70F5E532F7B9AF3387689ACCAE30C18C04801ABD1FF46C85E9431BF97 ] Printer Control C:\Windows\system32\PrintCtrl.exe
17:10:22.0708 0x30c4  Printer Control - ok
17:10:23.0079 0x30c4  [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:10:23.0141 0x30c4  PrintNotify - ok
17:10:23.0171 0x30c4  [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:10:23.0177 0x30c4  Processor - ok
17:10:23.0242 0x30c4  [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:10:23.0264 0x30c4  ProfSvc - ok
17:10:23.0323 0x30c4  [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
17:10:23.0332 0x30c4  Psched - ok
17:10:23.0418 0x30c4  [ EA735BF6DF13A857A83C99BF27A422AD, 026A57155FB9E01CFAFD8613980CDF0F3D744ABBBC66EFDC6C20B89980FB45CF ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
17:10:23.0424 0x30c4  PST Service - ok
17:10:23.0492 0x30c4  [ E0DCCA2A78516D155A6485CCA99F0EA5, EAFD24F815ECD6373BEC8E75B24FB54694CB8E4FF430FB6886F9B5B1C1762BFC ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:10:23.0512 0x30c4  QWAVE - ok
17:10:23.0533 0x30c4  [ A2B0F46FBA2521E7E732BDBDB1238515, 7F0FEFB09770BF5889D6C2219F68399C962A3F1071E70C4951B6FDAE196CF041 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:10:23.0536 0x30c4  QWAVEdrv - ok
17:10:23.0578 0x30c4  [ EA9EB06EFC325CD2ACF5DF2F26A4894E, 32AC7EDB42CDA736E2AD9AB67795735F16234D9BD80D56FDAE5B8B3C3C1CC26F ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:10:23.0580 0x30c4  RasAcd - ok
17:10:23.0634 0x30c4  [ 4E9379389D0A851DD19D130C8FAEFBD0, 279A25EF8949A5BAF311CA75493A5F89F74A02711EF875F67D0A95849B409C00 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
17:10:23.0640 0x30c4  RasAgileVpn - ok
17:10:23.0686 0x30c4  [ 3E8CB44832FE3F96047187291523CDA1, 999A10D4D50CD2C39309FDC04A9F4CB0959BA061AE9305D4DF7F00F37F3813F9 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:10:23.0699 0x30c4  RasAuto - ok
         


Alt 03.07.2017, 08:04   #6
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Und hier der dritte Teil - Danke für den Hinweis:
Code:
ATTFilter
17:10:23.0730 0x30c4  [ 5279EC98F6218D29EADDFECCC0D80E9A, 6F376FC3BEFA9F521635192177962AF1F41173502EC067896B7C2A5FB71E7A3B ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
17:10:23.0735 0x30c4  Rasl2tp - ok
17:10:23.0784 0x30c4  [ AC6A0AE3B33EE783717820458882F91C, EA503A90DBC31FB6B5D047D59E0F2855880EF3877877AD576579DB5CD8188E4A ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:10:23.0807 0x30c4  RasMan - ok
17:10:23.0829 0x30c4  [ D7FF75ED7A48FD60A573C9E959CF4DB5, C67673E2D678527F8C07C9BCC487D385B92282D9D73396CFB01F14F5211CA991 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:10:23.0834 0x30c4  RasPppoe - ok
17:10:23.0848 0x30c4  [ 6A4E45A7F17FA0B4B1B48C550E311944, 1E84A559B7AA5F07E8156D223EFFB1B2B43D1E4E90E561D8DF2C257FFBCFDC0D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
17:10:23.0851 0x30c4  RasSstp - ok
17:10:23.0884 0x30c4  [ F2C575A9657F7B2E027C6CE7BC8F1A2D, 5D002488CCEDCEBF0542F508FCE47DC9105C67D5685489970048437BD243AC0E ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:10:23.0894 0x30c4  rdbss - ok
17:10:23.0914 0x30c4  [ 9414B22E093243636D362BF8C8C12A67, 575CE91AFADD771CBF86377962EDFAF70150BBA575F8DF144FEE6CC1C0FF88E0 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:10:23.0916 0x30c4  rdpbus - ok
17:10:23.0943 0x30c4  [ 53A01D3FDB701AC5D9DDE4140227E3D9, 833AF0BAAB49B58C71C684D2AA20B900C27E19DDCE5E15355C7ABAAB33BC7673 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:10:23.0948 0x30c4  RDPDR - ok
17:10:23.0999 0x30c4  [ DF32ED51DC0C3F6F3B1C4CEF71B8B426, DBEAD271B5DE6439E3106BDDB8B1E47D7BA47AE203CF3E1F8924CE02FDCA6E0B ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:10:24.0001 0x30c4  RdpVideoMiniport - ok
17:10:24.0024 0x30c4  [ 2369A5B651308E0C3458143976E9B03B, 0EDE99F7E2A7668E90C2FCA11D4BCE0676FBEA2CCFB57A004827CE5FE96D1584 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:10:24.0031 0x30c4  rdyboost - ok
17:10:24.0128 0x30c4  [ 3581FB9529035F8EC6DB681664CA70B1, 0C7BCD6A3B4248683C52B69F0B373D5929C2375F9BBF6CA80C480A8E7446A30C ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:10:24.0164 0x30c4  ReFS - ok
17:10:24.0213 0x30c4  [ 79E1ADE19D8B7C56EF29D098EAF57AD0, 295D0F04359A00849759976710F6CB83DB96E5007946930EA19865620EA3EFE7 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
17:10:24.0233 0x30c4  ReFSv1 - ok
17:10:24.0405 0x30c4  [ D91C597DE82E1500525945E1FFF24B0F, 3F5837A743715FB2CCBFC9458FBE010AED170B46515925D4C7C59BBAC792F695 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:10:24.0430 0x30c4  RemoteAccess - ok
17:10:24.0510 0x30c4  [ 19D1072193DAF71C97E5A05FC7673BB3, 313C3762CCC490C20B5561A78E6002E7A52F0142B370F17849DD4AB2F0AF6513 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:10:24.0520 0x30c4  RemoteRegistry - ok
17:10:24.0747 0x30c4  [ A12D167F73C3E285AC623BCA62B3A8BC, 6E8213808C22C0688BD40721FBBBAA88BFEFA1BD304BC19AA015FC541CA5BF84 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
17:10:24.0766 0x30c4  RetailDemo - ok
17:10:24.0839 0x30c4  [ 5F44B0167AA65BFFC778227725CB258C, 00027F82639C7E054CF42179A26B5D43FD789C943979EF3F29BC364319A2D306 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
17:10:24.0851 0x30c4  RFCOMM - ok
17:10:24.0894 0x30c4  [ D31B2CD9458D2E212A5F24D56D2FB8D5, D8EC0BDB9D143C050A48217C57AA1BA6D60EEFEF67A98441064BD8FD339987DD ] RmSvc           C:\WINDOWS\System32\RMapi.dll
17:10:24.0903 0x30c4  RmSvc - ok
17:10:24.0952 0x30c4  [ C79F1F7C8A5FCBE90E3C833299AA1F59, 7969E79B2095BDA144AA369DE21F49C9FAD272B5864B2F0FD28CB28D148F2AD6 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:10:24.0959 0x30c4  RpcEptMapper - ok
17:10:25.0007 0x30c4  [ 1CE6928C1587F9760F7C3A036786CAE8, 3E4F5371E0DDDBA612BF61891D17D691DCAFB2E1010BBD84737FBD98DA8C03DE ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:10:25.0013 0x30c4  RpcLocator - ok
17:10:25.0211 0x30c4  [ 0E79A4C76CAAA0CFE9CA42C13E5AA086, C4D90EDA54216CC7897128D39517E4E18195BF28254796C6D0684E2C7DB90642 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:10:25.0241 0x30c4  RpcSs - ok
17:10:25.0330 0x30c4  [ 835EB4A0F78610760DB6A802B65C4323, 93BEB9348D9A2DB28D6BB166A2011FF8D2F487C125E0D2391771612ABEA36E0B ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
17:10:25.0378 0x30c4  RSP2STOR - ok
17:10:25.0416 0x30c4  [ E87EECED9287C275B6CF30EB598B1D77, D0C5D4E37A3FAD422C0ECFFAB53904D9FD5385129DE2BC5AF75D91CD016EA6AC ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
17:10:25.0420 0x30c4  rspndr - ok
17:10:25.0467 0x30c4  [ CF0F908B50CD8FB12B7B69DA56A44681, F35FFF3F6BFBC3B2452C5E0A63D94575236EEB49665BE0FBBB26ADAF189F777E ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
17:10:25.0491 0x30c4  rt640x64 - ok
17:10:25.0553 0x30c4  [ D787F86566F6EA23053D9C5F401E33B7, 82B1952A57FB800425E12FEFF5B326C7B7815980646F5359673CBC8BBB4C46CF ] RTL8167         C:\WINDOWS\system32\DRIVERS\Rt64win7.sys
17:10:25.0572 0x30c4  RTL8167 - ok
17:10:25.0636 0x30c4  [ 6308366D3CDEA5F427CFF4BCF0081B4E, ABB91A41C09A1607C66BD380FD0A3EECAAF9AD534856CCC78DE1A4E450ADB07F ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:10:25.0638 0x30c4  s3cap - ok
17:10:25.0685 0x30c4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:10:25.0691 0x30c4  SamSs - ok
17:10:25.0738 0x30c4  [ 33B2DC5C2F19DA89F862484E23D9833D, 1C3BD1804767D087BE1510EEDCE94FFAC096922C821A123DB1BACDA5777246A7 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:10:25.0748 0x30c4  sbp2port - ok
17:10:25.0810 0x30c4  [ 6A7F961E0E6382F185809AEC6A97E078, 434E215337453C3973762A2F10806A57F3B296DDD34A948F781B67E374836AF5 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:10:25.0818 0x30c4  SCardSvr - ok
17:10:25.0844 0x30c4  [ 45B203A8CD642F72E86690B957B6490D, 29D5733D2A6FF9F051FD74FFDCCDB5272EC8E7734021F5BBF0E9E521E61B150F ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:10:25.0851 0x30c4  ScDeviceEnum - ok
17:10:25.0899 0x30c4  [ 5CFEEFCC6FAD1FD09ACCFBD652DDD85B, F90104CC42073ACD48A2FCCEDF58B57D8663223406ECB0A270140A053E9260B3 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:10:25.0905 0x30c4  scfilter - ok
17:10:25.0968 0x30c4  [ 5BBFA6CA63E8A5BB8FA2FA84A5562CE2, C74CD0A76473343A8620D26C96F7300026C295EDF61B8A336AB326DFE861678D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:10:25.0993 0x30c4  Schedule - ok
17:10:26.0023 0x30c4  [ 5C8620FAC0E3C1658C8EF7AD7BB7EA5F, FEBE7FC79FCDF692167D82DE54031FD68BD2941544007EEB3D82C21E7F1C5C83 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
17:10:26.0026 0x30c4  scmbus - ok
17:10:26.0066 0x30c4  [ 0EC94DA356D89CACD89B6E139E4D0A7D, 2F887681FDD5AB787154403E34623B1DFB61C70DAE5E2BFF1565E100F228870B ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:10:26.0070 0x30c4  SCPolicySvc - ok
17:10:26.0132 0x30c4  [ 71A494A502F24465317E88E80F6C0C2C, D85F139982804B8419D7CCF01F35CCDDA580BA5276A6261D0662028080F7765B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:10:26.0139 0x30c4  sdbus - ok
17:10:26.0174 0x30c4  [ 464B615872981015AC4FEEBDEA83A063, 5CF491352B267241CA11F08E72E6EA668A595662561892E0D02CCA5B71172E14 ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
17:10:26.0176 0x30c4  SDFRd - ok
17:10:26.0197 0x30c4  [ 847F01FB8504425BB255856A14278A86, 41997D25D12779CA79551988C56FA0A302367076B09A82F620858EDDDBFCE3FF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
17:10:26.0203 0x30c4  SDRSVC - ok
17:10:26.0218 0x30c4  [ 6BC219F1D9CDE08CEB9084ADB41FBA01, DA8AC3B42A72515A1976961976203A52D4C8636586EB5EF6B466AAF967A6567E ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:10:26.0221 0x30c4  sdstor - ok
17:10:26.0232 0x30c4  [ 2AE8505519C7E8A903DD7BE793A79846, 7044B1BC183E028BCFB544489B033F0968F033696F9816F354329ABD26C6EE7E ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:10:26.0236 0x30c4  seclogon - ok
17:10:26.0310 0x30c4  [ 112134D19C8F08228D4EC84C16342ED6, F99095458BDD74F1531C4FB7A283D7A3F07BEC33FA8423F26D647EB4C5AAFC2E ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
17:10:26.0333 0x30c4  SecurityHealthService - ok
17:10:26.0425 0x30c4  [ 77FB9BE8EDDCC999D09F2B1A7878A2A9, 589774C006A339FCA9772C37C9103C73C8592E018553804B97F34E2A0069A3F7 ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
17:10:26.0453 0x30c4  SEMgrSvc - ok
17:10:26.0518 0x30c4  [ 25456AF499A0C9C4A93CFAC70BDE9CC2, 885C1A9C8BFA73D9C9C454759DF871237F7C0F28D879E98B4BE0D0113C549B09 ] SENS            C:\WINDOWS\System32\sens.dll
17:10:26.0530 0x30c4  SENS - ok
17:10:26.0536 0x30c4  Sense - ok
17:10:26.0653 0x30c4  [ 892C955E1081412942F64679E0DD7A5D, 6A28012270FA1FB3BB279102C67FA5296564630181C887E1EA6EA1F952A30C37 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
17:10:26.0683 0x30c4  SensorDataService - ok
17:10:26.0821 0x30c4  [ 358008CBDE5603F3B56789C977661CE3, 2C81180B27B854F201A683D2C75677660CA54ADC685F86CD414537C60D51FB4A ] SensorService   C:\WINDOWS\system32\SensorService.dll
17:10:26.0835 0x30c4  SensorService - ok
17:10:26.0924 0x30c4  [ 9B3744C26F206F9F90713D93A93C8B6E, D194F668D8BDDDB4356136CACF1FAD46E7566939C624029EF6E28D7A192B8EBF ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:10:26.0941 0x30c4  SensrSvc - ok
17:10:26.0997 0x30c4  [ 585329F62195A4B7AAD0A95F6EC89751, E7ADED97ACA8E8E06C368E24702C22D4C2B0B9495DEA24A2DC2A30782099BDCE ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:10:27.0000 0x30c4  SerCx - ok
17:10:27.0021 0x30c4  [ C8F4FDA8B3D039D7947344614FF5BFB2, 1A3B88EC59F2A820AFE4F3AC65F7149EAC68672D1F0D729CBB575694005A8911 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:10:27.0025 0x30c4  SerCx2 - ok
17:10:27.0040 0x30c4  [ E5B450E4E0DC1591254BF9CCF6C57B40, 958E7378D9BDE1F2EBE736D8D9912D56835A606AABDD042443A35CA37EC70F11 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:10:27.0043 0x30c4  Serenum - ok
17:10:27.0064 0x30c4  [ 628D8DD136F92316BFEB58FA005338B7, 0CDA673D31F40EBD07E9F67667DB6077F23DCADE2DD8376AB550575224625D44 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:10:27.0067 0x30c4  Serial - ok
17:10:27.0087 0x30c4  [ E5BA0B7353ADC5C95AB466D2E4DC89B1, 98F2A22ED892B2610C85EAAAB51DF25939599955A27611FCE9E68C3701CFD4EA ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:10:27.0089 0x30c4  sermouse - ok
17:10:27.0136 0x30c4  [ 043D7B39E693C610036BD56DF30EF440, 329D29CE1CB5F502B7DFCBE24878CA61EC56787A1B02195E19499701B194DE08 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:10:27.0147 0x30c4  SessionEnv - ok
17:10:27.0161 0x30c4  [ 15CFCC4692DA8887B977CE5FC5181084, 31D86E122E35AB9E7275F2B0573EE98770BBE517ED3B9CCED97F4969C9A619F9 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:10:27.0163 0x30c4  sfloppy - ok
17:10:27.0236 0x30c4  [ 87B083252816171A17F833CBCB7AA85E, 200AB93CEF384791DC9B04D2AF17877CA10595B2CEDF4B9505E367A2382C4AB7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:10:27.0253 0x30c4  SharedAccess - ok
17:10:27.0364 0x30c4  [ 4293E11951DEAAFB3924AB1DAB1FAC08, 644974816DDF690B26F369E48533D654A5B298BCA993EE53EACB5C00E52E5243 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:10:27.0396 0x30c4  ShellHWDetection - ok
17:10:27.0458 0x30c4  [ 7CA2E9B6EDC87FCCA9C49D3D9BE62B65, 3FE1A2DD8581BF8D29EA2000424EB992BCA8E00986F107C22489D006F729D2E3 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
17:10:27.0475 0x30c4  shpamsvc - ok
17:10:27.0519 0x30c4  [ 2339F6B45E1D863B1D327F3AFD75A675, 03304ADC42EF6E8F671C8AA78A0D3E40408D870FBF2DA2B31A1727F86EF8F213 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:10:27.0522 0x30c4  SiSRaid2 - ok
17:10:27.0537 0x30c4  [ F520D50AD7266ED31D25DF4C8EA6BC2D, F68CF9EFB8319E59A8D9C24A36A198185DD79CBACD14510F5450F0024F0CD4D3 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:10:27.0540 0x30c4  SiSRaid4 - ok
17:10:27.0595 0x30c4  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:10:27.0603 0x30c4  SkypeUpdate - ok
17:10:27.0646 0x30c4  [ 70A2FD5F5B7B1A5E1146BE45E4DFB75D, 598824F06BBC2E37B9A6474411637C73233C8D2E13AE963C3229279A8519A9D3 ] smphost         C:\WINDOWS\System32\smphost.dll
17:10:27.0650 0x30c4  smphost - ok
17:10:27.0707 0x30c4  [ CB001810FD0C56F1D57229D023A84AE8, E423B53EE3A3710D6F45CD14C8BA5EF8E955344C8477385D470E6687FC661A75 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
17:10:27.0723 0x30c4  SmsRouter - ok
17:10:27.0778 0x30c4  [ 9977AFF389C0C32DE419226564886E09, 453ABAB020E3ACD04A45BD05B224C182A47534C23023C4E1AD1903E5377B3CCF ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:10:27.0782 0x30c4  SNMPTRAP - ok
17:10:27.0971 0x30c4  [ BAD3D2689B3A4BC770CDD07B5B5AEBED, BA59C0BF99840FAD1537DAA5F6DCC45ED262E22F1D7E6D73AEBFF50A5C8F584D ] SNP2UVC         C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
17:10:28.0047 0x30c4  SNP2UVC - ok
17:10:28.0091 0x30c4  [ 2334ED0B61CAE7E7B1B454674206CDAC, 4EAA11805C2282E0306A381CF56E4B28D83C68BA1B401BFD512AE70C05C8A4CD ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:10:28.0105 0x30c4  spaceport - ok
17:10:28.0151 0x30c4  [ F3F0B8CAC1F3E6C3382EAFCE762475AD, 9F2EB373FB9216CDA71965979EE5E18F3AFDD26FF7E0C09DD7C3D880205C2554 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
17:10:28.0156 0x30c4  SpatialGraphFilter - ok
17:10:28.0183 0x30c4  [ 83E82B0E292DCDE4C75B9241BF0FB300, 494D2FD4CD082CC416CA5FF1ABE06BDC65A769F371CF0E18AD25C380B45AEE32 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:10:28.0190 0x30c4  SpbCx - ok
17:10:28.0274 0x30c4  [ 10CD42898C9E4849193E78A87337B2E9, 7C4FCB36EE1AF92C6962F14AE6DEF2CB154468EC3963DCDB9BDF8398C98B475B ] spectrum        C:\WINDOWS\system32\spectrum.exe
17:10:28.0300 0x30c4  spectrum - ok
17:10:28.0346 0x30c4  [ 29D813B5D84BC2C26BBC607CAA57A675, 2C4D5F4E2F7B6580E22ABF67690B0D32CAF5063DEA79E6F57E565782973F3990 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:10:28.0366 0x30c4  Spooler - ok
17:10:28.0548 0x30c4  [ E910861720DE6EDFB5CC6158CE3C7E17, 526BA8EEB9EE5312FEC39753D728E05F49AD81132346A354C95D4D4938001E2B ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:10:28.0644 0x30c4  sppsvc - ok
17:10:28.0691 0x30c4  [ 36EAC4FE629FC036632F13EC14788FD1, 6AEE37816306FE46FA99EADB23E98CE6A6674C11ED847F1F5575926E26B09F9A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:10:28.0701 0x30c4  srv - ok
17:10:28.0750 0x30c4  [ A84B05C7C2A233497BE1D518A662C326, 85B291B6783AD48F2111B46050311A553BE6D6A7C3D90861DC010FA65730D2B5 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:10:28.0768 0x30c4  srv2 - ok
17:10:28.0826 0x30c4  [ 0351B28EEDFBD6C8CC69A7224A098CFA, D1D08D63F773CAEEA66585D090C073C0748AE96A2AAE8487E4B8BA54F7E59558 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:10:28.0837 0x30c4  srvnet - ok
17:10:28.0890 0x30c4  [ E95A6C339AE68515897B2E4C6B0842CA, 29DD7E83CD68432EAE4A7ED92CDA40AA52028F5FBB52152F0A1C752B572C2684 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:10:28.0900 0x30c4  SSDPSRV - ok
17:10:28.0952 0x30c4  [ FBD45746B2EDEECA10CCA6A861F8049B, 34383B0A07A93E0FA89CA32CD45AC5061F73723B2A9E0BF4AF93A53F70F1678E ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:10:28.0959 0x30c4  SstpSvc - ok
17:10:29.0173 0x30c4  [ F1A5AC00B8CD7E28BBC8DD7E60D48B65, AC185DD46A8B63500DDE74C2446F6409B0B4612068C33B4B7C30E43F389908DF ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
17:10:29.0283 0x30c4  StateRepository - ok
17:10:29.0308 0x30c4  [ D40C589F80EB1C511263D0547C0259AE, A0236F6BB515AE006CC4C9F40FCCE250407888757A3646BB4BCB59EF8EEF1311 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:10:29.0310 0x30c4  stexstor - ok
17:10:29.0356 0x30c4  [ 01726E4BD1D1A5AF1F23833C79528555, 736DDA82BF17880A2C596571CBCA4C8E3829526AACC3C50B9E2D3A0DA9744E41 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
17:10:29.0358 0x30c4  StillCam - ok
17:10:29.0418 0x30c4  [ F83F43CD328E6CEEAAC27612F3EB1FF5, E3D35E5154CD228301806706E6EADCA36E9113EAF44BC06E3C43B2E902187326 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:10:29.0434 0x30c4  stisvc - ok
17:10:29.0462 0x30c4  [ 576A818562069B1E091CC719C143AED2, 48880CF4D33033E9A6024C2A0AD673AFBCE400C74574913F8E24717BA6BADE7C ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:10:29.0479 0x30c4  storahci - ok
17:10:29.0512 0x30c4  [ E5F703788DFA05411F1469E96838F438, A7E8D2DC23E23EA52B068C71D9387E69FF49798A27CE0243A994A2B1B09FA042 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:10:29.0512 0x30c4  storflt - ok
17:10:29.0528 0x30c4  [ 0D0128244FF55EAD3F878D3FE542DBA5, 4FCFA1B2113E07264A71A22298CA6E9FDC2AB722E0AE184A8F5656C18113A858 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:10:29.0528 0x30c4  stornvme - ok
17:10:29.0545 0x30c4  [ 3A62FF78619258E6126C5C4B4CC82C8E, C72CC295680B35E0EEE5A5310E0241E2FFE0E540BFAA49C35C06AA882229C1CD ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
17:10:29.0562 0x30c4  storqosflt - ok
17:10:29.0596 0x30c4  [ 212CB512B785E218667CCA56C4BFD71D, 5FD4CFEE5AB2187D928632076E6AD5C2C53D66884479C4D34930DCFCA3CCEE34 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:10:29.0612 0x30c4  StorSvc - ok
17:10:29.0629 0x30c4  [ C6097966F8EA3B288070CDF7C3C8C3E8, D12C4AF3E54DCE1E5DC9C8AA0E83420F481DC0165A7F7845083A85BABC102D37 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
17:10:29.0645 0x30c4  storufs - ok
17:10:29.0645 0x30c4  [ 3DC3B17E92DA02E36B4138733DF6C1AC, 398F20B6D6DAF6DA950C149F63F3B23864E1478119BFE53218C220CEADEC800D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:10:29.0645 0x30c4  storvsc - ok
17:10:29.0695 0x30c4  [ D284AB2CA6C30317D142D38CE1F848BE, 4C9EAE174F5C673CA550C9382E85CE7DAF5DC9965495BAB09078B634A4CDD4FB ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:10:29.0695 0x30c4  svsvc - ok
17:10:29.0729 0x30c4  [ 2BC4D0EBC2467FE90302AE0AFAF23768, CF8BCC9CA1FBA8407FD044613A2497BEEC641DE463B076F0ED1FA7674C202ADE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:10:29.0729 0x30c4  swenum - ok
17:10:29.0796 0x30c4  [ 13985DA558FBCBFD9108A2CACB5FE494, DD457A73E82147AA90C36D695A47E862FF90D96FB1E22760FAB5780F7C332A46 ] swprv           C:\WINDOWS\System32\swprv.dll
17:10:29.0812 0x30c4  swprv - ok
17:10:29.0878 0x30c4  [ 572F81CF08972D53BAFFC2A110A2A586, D9AF8EBB31CE097849F93FC8C0F06178B2E1CA8C48D08BBDD85174CCD64A16D6 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
17:10:29.0879 0x30c4  Synth3dVsc - ok
17:10:30.0012 0x30c4  [ 7C29BBF63178BB6788AD1C2B231150A5, 5114AC1260C5447D3B21C7C56D825C1E77FCE388C5630D0200C8256F69EFA6B4 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:10:30.0029 0x30c4  SysMain - ok
17:10:30.0078 0x30c4  [ 97E0FD613D031EAA73E8AD259169AC22, E86E9B9C18AF2E79D7CF80B177A12D89418CDBD3CBB74307809DD0377408DB82 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:10:30.0095 0x30c4  SystemEventsBroker - ok
17:10:30.0145 0x30c4  [ 7750219DFABC38261575B6CEFBF84EC6, 50DF85E34AF7C1343281AD0EF34FD94AB0E279DA5C61976ABA0135B8F013C543 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:10:30.0145 0x30c4  TabletInputService - ok
17:10:30.0212 0x30c4  [ C1C6A802C2A9A57029D4347E251F4D18, 9F75B7F003C829FFDB2CDC98231D32FE988754D23873048FA4F6EB82ED1DCED4 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:10:30.0245 0x30c4  TapiSrv - ok
17:10:30.0379 0x30c4  [ D8D7A91B56DEF4A771A4414E9F07D138, 47712749937D945B15181F79D3FBD0151C021E0F4030E152CED88C96F1D072E6 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:10:30.0446 0x30c4  Tcpip - ok
17:10:30.0512 0x30c4  [ D8D7A91B56DEF4A771A4414E9F07D138, 47712749937D945B15181F79D3FBD0151C021E0F4030E152CED88C96F1D072E6 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
17:10:30.0562 0x30c4  Tcpip6 - ok
17:10:30.0595 0x30c4  [ 1C35A5C62D110346379C55E39A3D547C, 5BDBD593AB51ECA5A6B703E86F300E3B2B153E128BEB9A006ABD827AE726BD62 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:10:30.0595 0x30c4  tcpipreg - ok
17:10:30.0612 0x30c4  [ 892AB2637603A5E9507C39E61101C3C3, 04B06BBEFC033BC9395123AE623E0BB3A241F05AA93EA2625CF2DBE1B3FFD1B6 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:10:30.0612 0x30c4  tdx - ok
17:10:30.0661 0x30c4  [ 96A35CDBA661D41C5A3914257CA1D200, 691ABBAA99C673E7D0B81D811BCC60976C3EC050F2B39B35B87A3BCC211F119A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:10:30.0662 0x30c4  terminpt - ok
17:10:30.0762 0x30c4  [ 0B5C6D1683CDE89B3488326C60EA6EF2, 3B822CF005FA3002F27FF9BF39E7E133987230DA3481CFCF99F3B2B6B373A718 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:10:30.0778 0x30c4  TermService - ok
17:10:30.0795 0x30c4  [ 6568EF1B30101979107055B7E515EE58, A318082E5FDD79C9F85E8C00A78EBFA0EC44B1046976E85633DC7BD123DA38B9 ] Themes          C:\WINDOWS\system32\themeservice.dll
17:10:30.0812 0x30c4  Themes - ok
17:10:30.0879 0x30c4  [ 2ABC11CFC2F03A919AF78A6E3E29C570, 54D91F89993A0FF090E2213EED92DE3659DCB693FBDA5932E31C6D6D7CFC8E80 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
17:10:30.0911 0x30c4  TieringEngineService - ok
17:10:30.0995 0x30c4  [ 8949EED671F531E7B4A0FD7333CCC125, 2D55A1B4FD6843A11383BB71D0409943CA0C47350153F3EDAAA3CADFA4A3504A ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
17:10:31.0029 0x30c4  tiledatamodelsvc - ok
17:10:31.0062 0x30c4  [ E59D4F92FE11B47AB727C6D192CC977F, 1DA06663889A20A1B22DDF90E5C99A5668023C0B89E252F3E820C0D1964B1948 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
17:10:31.0062 0x30c4  TimeBrokerSvc - ok
17:10:31.0145 0x30c4  [ C83505A5CC15E39D6C6D7B3C20187E5C, A6AB47C041A7C99CB0D5EA706CC31B3D88DC83BAF5AF7E59F651F9D7068D94B2 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
17:10:31.0179 0x30c4  TokenBroker - ok
17:10:31.0229 0x30c4  [ F76A92975340DAA99939DA297D677EA8, 51DA87E921BBA21BF39D7D9B691CEF8B1D2BCE2BBB0BA5B3C12B7E98CB5C702E ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
17:10:31.0245 0x30c4  TPM - ok
17:10:31.0279 0x30c4  [ 85E0D4431D61675A94EA99C9E1F56436, 9FA750703E04D20A62DBB0185CBDD70AFC4573FB65F86E61AAF7CF7A7D8E1E3E ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:10:31.0295 0x30c4  TrkWks - ok
17:10:31.0362 0x30c4  [ F21A69013A67B372675F523262AC1E33, C3F910E375C0F4B7FFA6F6D755622FF6B0CAE36DF691C938DE177C94815FE3C8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:10:31.0378 0x30c4  TrustedInstaller - ok
17:10:31.0395 0x30c4  [ 9856BCCD1CD5DE4D17E8DBBA7CEFC688, F4B532DCE6F4728092848FE7B2FC05AB921EC7B3FDD7E62AB40EE0029C008398 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:10:31.0395 0x30c4  TsUsbFlt - ok
17:10:31.0428 0x30c4  [ 837AD2B941E721BCCEB7EF137E2DEE18, 84BE22616A50467B1957434C8BD19C8B0FC3B21CD77FFB8E16A09347CEAE0F4E ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:10:31.0428 0x30c4  TsUsbGD - ok
17:10:31.0462 0x30c4  [ 5DED9E34D133F4A363652CDB595D83F3, E8CFE5DF737D7C2A576B2D6D508977E1F6961122D541DF82AA581C7B3B1C384B ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
17:10:31.0462 0x30c4  tsusbhub - ok
17:10:31.0495 0x30c4  [ B3142C6118703E98EB0510CF7B43D0F2, 40FDCBAA2AD93026AD479BF8C1B4EE7A4E2E65590608B6B1C5DEB3C4716E5C03 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
17:10:31.0495 0x30c4  tunnel - ok
17:10:31.0529 0x30c4  [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd        C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys
17:10:31.0529 0x30c4  tvtvcamd - ok
17:10:31.0578 0x30c4  [ B097B77121A057AB6D70C647636978D4, 10F78A18AC898CDD0FA91D6FA29B8B45C6D8F6CE65B064C39256EB20FC6CD085 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
17:10:31.0578 0x30c4  tzautoupdate - ok
17:10:31.0645 0x30c4  [ B4C846ABD462558D45CA578C855759C3, E0F0DD39A6C101C2209CA46EF2B5A5F4559843C9EE37CC08ED78D9E124A566D2 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:10:31.0645 0x30c4  UASPStor - ok
17:10:31.0662 0x30c4  [ 5C2C0296D9EE7DC92A3F14642FBE656D, 94A7D549EC53C71095AD8DE4DB8F846D1DB3438FE2679E41DCAE62C34C0654DD ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
17:10:31.0679 0x30c4  UcmCx0101 - ok
17:10:31.0746 0x30c4  [ 8BB64E04CD97AD8C68543181D93E2AFC, FBA2FB9A9906721BAD42CDFFCCE0234AF3F72B83E2571E526801F19173B7C9CE ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
17:10:31.0746 0x30c4  UcmTcpciCx0101 - ok
17:10:31.0779 0x30c4  [ 5A7CE114C8DA9060F32633F81A5625E5, B49163951B380827ADBF13D336D5BDC1EEE90A70058019928A603AA1C24D8EB7 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
17:10:31.0779 0x30c4  UcmUcsi - ok
17:10:31.0845 0x30c4  [ 5D4EAF3D0911338CB8FDB088386D6DCA, 1AC5B494C39570E66C4D4F867C6B8E37C174FB5D67C2865B07247122F60F8895 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
17:10:31.0863 0x30c4  Ucx01000 - ok
17:10:31.0879 0x30c4  [ 384E1F0D84B465820416338E52FE7C2B, 8F82778332EA1199987BA569536CBED8FEAF5E9D920321B0C9DFCBDDD91EEA35 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
17:10:31.0879 0x30c4  UdeCx - ok
17:10:31.0912 0x30c4  [ C82BE75239D412057C9E3DB1785680C6, AE712E40440F5725DA41C95C3E558B5E9ABB17C55B70297DD40D7D1BDA7CE45D ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:10:31.0929 0x30c4  udfs - ok
17:10:31.0945 0x30c4  [ CCDF6EFF952BF3BF34DC17600F479397, 2A2009B3C4BD1A44F1C6E334CB0A7DD02443BCE1EB48837C1C70A2A04CC7C54A ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:10:31.0945 0x30c4  UEFI - ok
17:10:31.0962 0x30c4  [ 244A80A1A881E2B9303A0364AAB33F16, 3C58D5D5B1AF6AB598E6450817381E7D6B8700151B66DCDAD6002E73BD0EDF27 ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
17:10:31.0962 0x30c4  UevAgentDriver - ok
17:10:32.0046 0x30c4  [ 5F1DA3635C2F6B74EBFDEBFC747B63B5, 1B456B777C5099A67E405FEF20B5CBCB24C6FCE9ED7A5A421C6574618364FD47 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
17:10:32.0079 0x30c4  UevAgentService - ok
17:10:32.0128 0x30c4  [ 00BEF71C45FD6B06E7525E7B31EFA88C, C0BDE8CB41BF9A34E395EA86756637E4CD6B88EF1C842364ECA639948D6CD59A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
17:10:32.0144 0x30c4  Ufx01000 - ok
17:10:32.0179 0x30c4  [ 9450AB15C30CF7D1F23C8A42E778C3A2, E62455008ED5B7220AEE62E0F459A67E26FB2878349ABA5AAF0164C2E7A8C0E9 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
17:10:32.0179 0x30c4  UfxChipidea - ok
17:10:32.0229 0x30c4  [ CEE12C7A689BDF448715024A7E0EB9C3, EC48E1469800E34A71C8A97A6F2F0B7C67385BCB8438844E6967DE0A82E39B94 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
17:10:32.0245 0x30c4  ufxsynopsys - ok
17:10:32.0295 0x30c4  [ 5A2F610B31CC3FD23D3E20C1D5F1EF52, D470B7C1CAE066C2DCDBA47001913FB1A7C9CC5B200FB8324DB896B641C1A132 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:10:32.0295 0x30c4  UI0Detect - ok
17:10:32.0312 0x30c4  [ F39ED750EDF5948FA8CD99D1F4EC9372, AE42AE50DE09F26D3CA4ACDCD5ECABD59D26926707030F0532A885266FE83EF9 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:10:32.0312 0x30c4  umbus - ok
17:10:32.0329 0x30c4  [ 55984D4E64C2F8E4223542CBCC15EDEB, ECBC832FBBA6AFCAEDEBB2728FA4A6DDCF52A6421929E72CA29B61CDBED840DF ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:10:32.0329 0x30c4  UmPass - ok
17:10:32.0395 0x30c4  [ FBEF4641E3E08A03CA84AF5C393CA86B, 9A14A0FB645AB6DD0B49F3A14FBF38FECC65796F2503324E93994113CC7AD52F ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:10:32.0412 0x30c4  UmRdpService - ok
17:10:32.0528 0x30c4  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
17:10:32.0562 0x30c4  UMVPFSrv - ok
17:10:32.0596 0x30c4  [ 3699DED879B2FF8FC1ECE91489109796, 05B1283256F6CA6AF3ABBE003360BF0BAB3400223092E7E9F0822120BF576BD2 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
17:10:32.0628 0x30c4  UnistoreSvc - ok
17:10:32.0662 0x30c4  [ BBB6BDBE5ADCE6F87F70623D5A1EC5BC, E8BD5804FF82417890A9D1A44096B174E81A8C7AD3059B1F0C62740E0B39D137 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:10:32.0662 0x30c4  upnphost - ok
17:10:32.0712 0x30c4  [ 4D23214CB8B1C36B82061280EB8FDAB3, 387C01A7F9D8F89ED894EDF894AAAF8830DD7C90DF2F12A2CB4C4E9C7CB773BE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
17:10:32.0712 0x30c4  UrsChipidea - ok
17:10:32.0744 0x30c4  [ 4329D880DB96B504F0DDC991A7374CCD, 1486BEF2C03ED281B24A17D3C18FEA2360E37A6B46D1A67D4690CD871B0A13DA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
17:10:32.0745 0x30c4  UrsCx01000 - ok
17:10:32.0762 0x30c4  [ 93FAD0AC5879F274FA248A49E3F3EA33, D936F408E23040B33F30AB3B43D8B8BB9F3CCF2549E821F4C47357987AFF386F ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
17:10:32.0762 0x30c4  UrsSynopsys - ok
17:10:32.0779 0x30c4  [ 6B09AA6A04C8261E787B6523229E7159, F97BED424E988AC6272D51025FD0D3180E89BAF0FFC83DAB609774D6269B353A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:10:32.0795 0x30c4  usbccgp - ok
17:10:32.0812 0x30c4  [ ECE3AD18B4C22ED0C4AB1A2AD9AC32C8, 2062D400305075E886CF2C9D710A1C48B3F4AD48E7A75A77C66547357E96CB6E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:10:32.0812 0x30c4  usbcir - ok
17:10:32.0862 0x30c4  [ F8BCB536866474C6D8008F4C69B778A1, F86F4330DE2F50D48559C1ED46168ADB8F6AA7C8FE3834FFE00085C1783C5750 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:10:32.0862 0x30c4  usbehci - ok
17:10:32.0913 0x30c4  [ 1F723DA014062DBF3288B408A7611845, 0CCC9360259E6FBC510BBF69AE991A53A92516023AAC32C60A44BD3B43371C66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:10:32.0913 0x30c4  usbhub - ok
17:10:32.0945 0x30c4  [ C3F953D10C486D6A190AF548B3CF7DC9, B0FB45B3045D499A44853A9D4CFD39C9D92873FC0A62A3D76B6149E601DFECD8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:10:32.0945 0x30c4  USBHUB3 - ok
17:10:32.0995 0x30c4  [ BE6ED98FD0D3FE5FB11762AD7CCD6C96, 54C6C929CA55EA6770474F7E230190FC7574C1FA52437B564B3B5FA4D6106D8A ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:10:32.0995 0x30c4  usbohci - ok
17:10:33.0012 0x30c4  [ CEE43CD5357DB8786CE6E2C430841AE4, 50F4629AE488A12D18EFFAD486D2F95545049AB1F6A3248BA44D2132EEC9A653 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:10:33.0028 0x30c4  usbprint - ok
17:10:33.0062 0x30c4  [ 96B48485A7CC2C0A63C196A16403C5F3, 4E364DE1FE19D14D5BA4F4360563BB49F4DEC90430771C12376C0B1BB70CFD37 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
17:10:33.0079 0x30c4  usbscan - ok
17:10:33.0096 0x30c4  [ 99F0738B320B7A8D11351A32F68AA5F1, DAA887C31E3F56245C15F04044C12B6E832FA7E837F4107376A6F8D8E3A99FEC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
17:10:33.0112 0x30c4  usbser - ok
17:10:33.0128 0x30c4  [ 67E26F56CF7EACCBD9C9F75343A3D7C2, 210FA280897CCCB2458E9E683A8B4CA8A5DF9606B54F8B9CE05CA4AA6FD810AB ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:10:33.0145 0x30c4  USBSTOR - ok
17:10:33.0178 0x30c4  [ 7BA802C9F73A84B75BB22538ADA495BE, 7D97E6305168C4CA86AB9BD5B63300156DFE97032251CB83DB1D4C4DB9C28DC8 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:10:33.0178 0x30c4  usbuhci - ok
17:10:33.0245 0x30c4  [ 1854D3C5FBBA761BE838B58F2C96B3A6, 12042C28884F417C6B36648FC0CA8FB75D8732542B6384D8362E7BC9C8417C3E ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:10:33.0262 0x30c4  usbvideo - ok
17:10:33.0312 0x30c4  [ 50E70B3A95138AA4A30B095270EE0DE6, 9B7072C36230102A089C4A6DFE1980CD9DB28E566EF02830600DEBAF3AAD31C7 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:10:33.0312 0x30c4  USBXHCI - ok
17:10:33.0413 0x30c4  [ 3156FFFB2B3BF5375814F777D343AD9F, C4E63043EB9D9227CDD487608AF9BA25C755D85E5FF8E63C2079D68CCC79E4BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
17:10:33.0446 0x30c4  UserDataSvc - ok
17:10:33.0545 0x30c4  [ C0E60CC6D48013728C7E4168D61A0B39, CA283312E9669BCC74A3B5E6332502D1CAA7148C049B94AF3996F3C7CD2676EF ] UserManager     C:\WINDOWS\System32\usermgr.dll
17:10:33.0579 0x30c4  UserManager - ok
17:10:33.0645 0x30c4  [ 86FF5780D885B09F3C4CD62145470CB1, B0070E3567A7F8E993F2650E251026DF0A4FA0D3F5258C4F88D9819F9B9EC395 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
17:10:33.0662 0x30c4  UsoSvc - ok
17:10:33.0679 0x30c4  [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:10:33.0679 0x30c4  VaultSvc - ok
17:10:33.0712 0x30c4  [ C1EC9211C7759D2487FD30934AA3EE96, 6914BB8B44550DFE75E5A3772E93ADF8459EB621CA400BDD9B7E3185A09B6F9A ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:10:33.0712 0x30c4  vdrvroot - ok
17:10:33.0779 0x30c4  [ 374CD93271184F04988FDC1C25B3E855, 09727093C5F7B258867C16D41F7F9835BF549CC339288BFE01A8F34AC7E93E23 ] vds             C:\WINDOWS\System32\vds.exe
17:10:33.0795 0x30c4  vds - ok
17:10:33.0862 0x30c4  [ C83F3BC00651448DB127D497CF955089, 31B8838CEED08E7D5DD8635A805A8010798BD9B10A3775FAFDB576FBD7303D39 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:10:33.0862 0x30c4  VerifierExt - ok
17:10:33.0945 0x30c4  [ 0E12F5F6B1C813D17AFDA197C4394423, B0AFDFE0E12633C6D984DA366197BE09ED2649BAFF525FA0DE84701E5B335DB9 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:10:33.0962 0x30c4  vhdmp - ok
17:10:33.0979 0x30c4  [ 1AD096A5C00E522398D0092D875A8CB6, 6959FCD6DD2115CD293DBD4BCD6D1BA0AE4F7495A9BBB48F7388384EEABB38E9 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
17:10:33.0995 0x30c4  vhf - ok
17:10:34.0028 0x30c4  [ EE9A22CFD9AEDD7B52F98B0272494609, F668131BABD048857F011A471936B52EDF0F2A42CB6000ACB4E0E43F88782AAD ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:10:34.0028 0x30c4  vmbus - ok
17:10:34.0046 0x30c4  [ BFBD0895926FD98A03AD6BB845B569B7, 5B7913ACD6CC132B2F36B079BC5F897C21884A7F21046B8996CC3D74C4B6DA4C ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:10:34.0046 0x30c4  VMBusHID - ok
17:10:34.0078 0x30c4  [ C123C97D351C56C75FE5335AB18255EE, 67315E332E863E5C233BA113826A5DEEE08C1A0A3358E6AC21F25DC5EAC86D07 ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
17:10:34.0078 0x30c4  vmgid - ok
17:10:34.0145 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
17:10:34.0145 0x30c4  vmicguestinterface - ok
17:10:34.0162 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
17:10:34.0179 0x30c4  vmicheartbeat - ok
17:10:34.0179 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
17:10:34.0196 0x30c4  vmickvpexchange - ok
17:10:34.0229 0x30c4  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
17:10:34.0229 0x30c4  vmicrdv - ok
17:10:34.0245 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
17:10:34.0245 0x30c4  vmicshutdown - ok
17:10:34.0262 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
17:10:34.0262 0x30c4  vmictimesync - ok
17:10:34.0279 0x30c4  [ A9C889CFDDE704A15CDC639C3D6662B6, 9EE41886D9E8DFDB512B821EAFE1857E83A3C3318EB852A2C110DB8184346AA9 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
17:10:34.0279 0x30c4  vmicvmsession - ok
17:10:34.0296 0x30c4  [ F8F380ABEAFBC589FF6D2D96267C1210, 0CFA3D9E88D984BAFED8E08102BF4DC4077856C6C8C1EBD8D4C4D0D49B673F44 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
17:10:34.0296 0x30c4  vmicvss - ok
17:10:34.0312 0x30c4  [ 0AB9C264F13E2A070A8CF10EDD099ED2, 2E7EB4EE8DCBBCA497CC0E7F4BE057627E9702B6FAF56A7DBCA1325236C880EC ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:10:34.0329 0x30c4  volmgr - ok
17:10:34.0345 0x30c4  [ 6EE608257C1137A25B402EF8FC77E83A, 3AE684EBA32563468AD917155C93220F938460A699FBFC3DB8436F83C0C54209 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:10:34.0362 0x30c4  volmgrx - ok
17:10:34.0379 0x30c4  [ E3429DBBEA3965BB96E24B16EF4A2551, 0CEE2DEF75C6761DA67AFD3BBF8DEEB1331796719EB84D658B3E517DEC824B49 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:10:34.0379 0x30c4  volsnap - ok
17:10:34.0428 0x30c4  [ 86E790B503C771E674C7DF8FFCBFEFDB, 634B27C4FA363A2165D3D6929D3B22F41EE06198C579A70D446A48830924467B ] volume          C:\WINDOWS\system32\drivers\volume.sys
17:10:34.0428 0x30c4  volume - ok
17:10:34.0462 0x30c4  [ B25589A0892E6DF8CC07E5CB48BFC954, DA29974426EFD4472A3828FA0EF31AD3860AA8068AB66B5F4BE6A412BC3E73E9 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:10:34.0462 0x30c4  vpci - ok
17:10:34.0478 0x30c4  [ AA4466A47D2CA7ECE3DCF5256017DCC3, 83414BFBD3DF1CB7417F0F55709E8180D97FA20A74581C34EAAFF667FBEBFD93 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:10:34.0495 0x30c4  vsmraid - ok
17:10:34.0596 0x30c4  [ 0BB73BF6FDDD19DE3DE9377EA95E4C64, 74B6E612F9E009A5E43B603BCAD854F3711F6C8A7ED0328B1E3A9B2D4C9EA342 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:10:34.0645 0x30c4  VSS - ok
17:10:34.0678 0x30c4  [ 98BB6C9AD39D8F2E883093F28282FAEC, 63F4036A1DB23C20AAEEC1CA8ABDE9B46FA09A55EA4E5DB0C0B5D6D58ABAD62F ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:10:34.0695 0x30c4  VSTXRAID - ok
17:10:34.0728 0x30c4  [ B47026E109828102266CBE2F5F9AD113, 28C76B34C48BACEA267A208CC758BB55539323B16300E869AE71B6A99A849AB5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:10:34.0728 0x30c4  vwifibus - ok
17:10:34.0745 0x30c4  [ 799ECD541A9B2764B36A22A095885365, E255E74682927D662294AA3F88FDA211EEE603466EB264E8941C3BACC6A0E530 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
17:10:34.0761 0x30c4  vwififlt - ok
17:10:34.0762 0x30c4  [ 82CA088A33517D1C8571D6850CC13D7E, 0401A08EAF36DB393B74FE8693C60F62EDE10BBC9300C76812C7D01B6AE9A051 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
17:10:34.0762 0x30c4  vwifimp - ok
17:10:34.0829 0x30c4  [ E75460AC4E936BFC0703021DB0BB17B8, D9985C3206B503659FD2F4EE7FD0B9AF8CB2DE821BFD68B13C9E3BD9CE5AEF6B ] W32Time         C:\WINDOWS\system32\w32time.dll
17:10:34.0845 0x30c4  W32Time - ok
17:10:34.0928 0x30c4  [ A57B80F078FE71DEC1D0487DA70A56FD, F26F273BB45CBCACE440B08FF14C05D1B89046AE669195B4DAD50129835B1D9C ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
17:10:34.0928 0x30c4  w3logsvc - ok
17:10:35.0012 0x30c4  [ 08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
17:10:35.0029 0x30c4  W3SVC - ok
17:10:35.0062 0x30c4  [ F0F477541F7AF67CC05DA1CF4921A500, F7DD2F49B61C484596DE3893683B1172A138386BD71F54BFCF37A31005C7368F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:10:35.0063 0x30c4  WacomPen - ok
17:10:35.0095 0x30c4  [ A0957CBC1C054A87EE7A65A994102A96, CB6339F3F67D0E33C26E6756F88869574B84426B20C907E094F83B9DC5E36A3E ] WalletService   C:\WINDOWS\system32\WalletService.dll
17:10:35.0112 0x30c4  WalletService - ok
17:10:35.0129 0x30c4  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:10:35.0129 0x30c4  wanarp - ok
17:10:35.0129 0x30c4  [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:10:35.0129 0x30c4  wanarpv6 - ok
17:10:35.0161 0x30c4  [ 08088DC69903630B80EEC8DB3C87FB1D, 939215139C185317B103516644F8B76DDC8C8A42078887C7E750A317E691C456 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
17:10:35.0162 0x30c4  WAS - ok
17:10:35.0262 0x30c4  [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:10:35.0312 0x30c4  wbengine - ok
17:10:35.0379 0x30c4  [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:10:35.0412 0x30c4  WbioSrvc - ok
17:10:35.0446 0x30c4  [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
17:10:35.0446 0x30c4  wcifs - ok
17:10:35.0512 0x30c4  [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:10:35.0545 0x30c4  Wcmsvc - ok
17:10:35.0579 0x30c4  [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:10:35.0596 0x30c4  wcncsvc - ok
17:10:35.0645 0x30c4  [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
17:10:35.0645 0x30c4  wcnfs - ok
17:10:35.0679 0x30c4  [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:10:35.0679 0x30c4  WdBoot - ok
17:10:35.0729 0x30c4  [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:10:35.0762 0x30c4  Wdf01000 - ok
17:10:35.0779 0x30c4  [ F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:10:35.0795 0x30c4  WdFilter - ok
17:10:35.0829 0x30c4  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:10:35.0829 0x30c4  WdiServiceHost - ok
17:10:35.0845 0x30c4  [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:10:35.0845 0x30c4  WdiSystemHost - ok
17:10:35.0912 0x30c4  [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
17:10:35.0928 0x30c4  wdiwifi - ok
17:10:35.0945 0x30c4  [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:10:35.0961 0x30c4  WdNisDrv - ok
17:10:35.0996 0x30c4  WdNisSvc - ok
17:10:36.0028 0x30c4  [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:10:36.0046 0x30c4  WebClient - ok
17:10:36.0078 0x30c4  [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:10:36.0078 0x30c4  Wecsvc - ok
17:10:36.0112 0x30c4  [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:10:36.0112 0x30c4  WEPHOSTSVC - ok
17:10:36.0145 0x30c4  [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:10:36.0145 0x30c4  wercplsupport - ok
17:10:36.0212 0x30c4  [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:10:36.0212 0x30c4  WerSvc - ok
17:10:36.0278 0x30c4  [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc   C:\WINDOWS\System32\wfdsconmgrsvc.dll
17:10:36.0295 0x30c4  WFDSConMgrSvc - ok
17:10:36.0312 0x30c4  [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
17:10:36.0312 0x30c4  WFPLWFS - ok
17:10:36.0345 0x30c4  [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:10:36.0346 0x30c4  WiaRpc - ok
17:10:36.0395 0x30c4  [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:10:36.0395 0x30c4  WIMMount - ok
17:10:36.0395 0x30c4  WinDefend - ok
17:10:36.0445 0x30c4  [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
17:10:36.0445 0x30c4  WindowsTrustedRT - ok
17:10:36.0495 0x30c4  [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
17:10:36.0495 0x30c4  WindowsTrustedRTProxy - ok
17:10:36.0562 0x30c4  [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:10:36.0579 0x30c4  WinHttpAutoProxySvc - ok
17:10:36.0612 0x30c4  [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
17:10:36.0628 0x30c4  WinMad - ok
17:10:36.0712 0x30c4  [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:10:36.0728 0x30c4  Winmgmt - ok
17:10:36.0795 0x30c4  [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat          C:\WINDOWS\system32\drivers\winnat.sys
17:10:36.0811 0x30c4  WinNat - ok
17:10:36.0995 0x30c4  [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:10:37.0062 0x30c4  WinRM - ok
17:10:37.0112 0x30c4  [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
17:10:37.0112 0x30c4  WINUSB - ok
17:10:37.0144 0x30c4  [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
17:10:37.0145 0x30c4  WinVerbs - ok
17:10:37.0212 0x30c4  [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc           C:\WINDOWS\system32\flightsettings.dll
17:10:37.0228 0x30c4  wisvc - ok
17:10:37.0362 0x30c4  [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:10:37.0429 0x30c4  WlanSvc - ok
17:10:37.0529 0x30c4  [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:10:37.0579 0x30c4  wlidsvc - ok
17:10:37.0696 0x30c4  [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc         C:\WINDOWS\System32\lpasvc.dll
17:10:37.0729 0x30c4  wlpasvc - ok
17:10:37.0762 0x30c4  [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:10:37.0762 0x30c4  WmiAcpi - ok
17:10:37.0812 0x30c4  [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:10:37.0829 0x30c4  wmiApSrv - ok
17:10:37.0862 0x30c4  WMPNetworkSvc - ok
17:10:37.0895 0x30c4  [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:10:37.0912 0x30c4  Wof - ok
17:10:38.0029 0x30c4  [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:10:38.0078 0x30c4  workfolderssvc - ok
17:10:38.0095 0x30c4  [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:10:38.0111 0x30c4  WPDBusEnum - ok
17:10:38.0145 0x30c4  [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:10:38.0162 0x30c4  WpdUpFltr - ok
17:10:38.0195 0x30c4  [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService      C:\WINDOWS\system32\WpnService.dll
17:10:38.0212 0x30c4  WpnService - ok
17:10:38.0228 0x30c4  [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
17:10:38.0228 0x30c4  WpnUserService - ok
17:10:38.0278 0x30c4  [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:10:38.0278 0x30c4  ws2ifsl - ok
17:10:38.0311 0x30c4  [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:10:38.0312 0x30c4  wscsvc - ok
17:10:38.0329 0x30c4  [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
17:10:38.0329 0x30c4  WSDPrintDevice - ok
17:10:38.0362 0x30c4  [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
17:10:38.0362 0x30c4  WSDScan - ok
17:10:38.0362 0x30c4  WSearch - ok
17:10:38.0428 0x30c4  [ 1DF5220FE6F680B7DDD5815E6C274A31, CE7D591CB50F23DCB0E249B3591E280EAA8D364AEB4675DD962605D2205BE580 ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
17:10:38.0428 0x30c4  wsvd - ok
17:10:38.0562 0x30c4  [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:10:38.0628 0x30c4  wuauserv - ok
17:10:38.0645 0x30c4  [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:10:38.0662 0x30c4  WudfPf - ok
17:10:38.0679 0x30c4  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:10:38.0679 0x30c4  WUDFRd - ok
17:10:38.0695 0x30c4  [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:10:38.0712 0x30c4  wudfsvc - ok
17:10:38.0712 0x30c4  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:10:38.0728 0x30c4  WUDFWpdFs - ok
17:10:38.0728 0x30c4  [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
17:10:38.0745 0x30c4  WUDFWpdMtp - ok
17:10:38.0829 0x30c4  [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:10:38.0879 0x30c4  WwanSvc - ok
17:10:38.0912 0x30c4  [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm            C:\WINDOWS\System32\xbgmsvc.dll
17:10:38.0929 0x30c4  xbgm - ok
17:10:38.0996 0x30c4  [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
17:10:39.0028 0x30c4  XblAuthManager - ok
17:10:39.0095 0x30c4  [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
17:10:39.0129 0x30c4  XblGameSave - ok
17:10:39.0196 0x30c4  [ B10655A4C2EFDC25483D670EF52A4854, 2D9DC81AE73FDFE7F4E395BEC8E806E6BAD8DE0470027EEEC256AC4A4B7C7AA4 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
17:10:39.0213 0x30c4  xboxgip - ok
17:10:39.0261 0x30c4  [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc      C:\WINDOWS\System32\XboxGipSvc.dll
17:10:39.0262 0x30c4  XboxGipSvc - ok
17:10:39.0362 0x30c4  [ EF83C2EF7F152DFDC6D9F1AEC6FBE66F, 21D4FCD12F9D40D066F05936131A4F7BAB301DD800C85921476EC182B9D27D0B ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
17:10:39.0395 0x30c4  XboxNetApiSvc - ok
17:10:39.0412 0x30c4  [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
17:10:39.0428 0x30c4  xinputhid - ok
17:10:39.0512 0x30c4  [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
17:10:39.0528 0x30c4  ZAtheros Bt and Wlan Coex Agent - ok
17:10:39.0528 0x30c4  ================ Scan global ===============================
17:10:39.0595 0x30c4  [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll
17:10:39.0678 0x30c4  [ A5AE05D3674CBA5DD28C5580E238B059, 5298CF9CEB84FBDC7CAD9969CAFE7D9FFFCA625D50F8BDF877FCEAE8426375F7 ] C:\WINDOWS\system32\winsrv.dll
17:10:39.0745 0x30c4  [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll
17:10:39.0879 0x30c4  [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe
17:10:39.0895 0x30c4  [ Global ] - ok
17:10:39.0895 0x30c4  ================ Scan MBR ==================================
17:10:39.0895 0x30c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:10:40.0212 0x30c4  \Device\Harddisk0\DR0 - ok
17:10:40.0212 0x30c4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:10:40.0228 0x30c4  \Device\Harddisk1\DR1 - ok
17:10:40.0228 0x30c4  ================ Scan VBR ==================================
17:10:40.0228 0x30c4  [ 78698AD9CB5C99206C58C093801A7949 ] \Device\Harddisk0\DR0\Partition1
17:10:40.0228 0x30c4  \Device\Harddisk0\DR0\Partition1 - ok
17:10:40.0228 0x30c4  [ A6BCD974037E1B8E3D0DC286A36D4B80 ] \Device\Harddisk0\DR0\Partition2
17:10:40.0228 0x30c4  \Device\Harddisk0\DR0\Partition2 - ok
17:10:40.0244 0x30c4  [ 755710FE1A3296690CE48C848F6C9734 ] \Device\Harddisk1\DR1\Partition1
17:10:40.0245 0x30c4  \Device\Harddisk1\DR1\Partition1 - ok
17:10:40.0245 0x30c4  ================ Scan generic autorun ======================
17:10:40.0278 0x30c4  SecurityHealth - ok
17:10:40.0829 0x30c4  [ BA6D2D72E4B3B5E6E092012F548F5182, D7DE4C0FF0683694F5A06BF36C1E772DAD232B7FCA2CE5F476C64925395D3EA4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:10:41.0295 0x30c4  RtHDVCpl - ok
17:10:41.0395 0x30c4  [ 37BFB349262E269DD07A3D8323BCCEAF, 1AA11990194258B5C8FCD16B88ED32098C406477F541A8BA31C8C7AAACA6463B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:10:41.0429 0x30c4  RtHDVBg_Dolby - ok
17:10:41.0462 0x30c4  [ 37BFB349262E269DD07A3D8323BCCEAF, 1AA11990194258B5C8FCD16B88ED32098C406477F541A8BA31C8C7AAACA6463B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:10:41.0495 0x30c4  RtHDVBg_LENOVO_DOLBYDRAGON - ok
17:10:41.0529 0x30c4  [ 37BFB349262E269DD07A3D8323BCCEAF, 1AA11990194258B5C8FCD16B88ED32098C406477F541A8BA31C8C7AAACA6463B ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:10:41.0562 0x30c4  RtHDVBg_LENOVO_MICPKEY - ok
17:10:41.0562 0x30c4  ETDCtrl - ok
17:10:41.0662 0x30c4  [ BAD24090378CD1D9D70DD21CF21D1BFB, A5FB5F8DCF33BB252304D6DA7CB62906E5A437A561A066A647C8D199EE3C57B8 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:10:41.0662 0x30c4  IAStorIcon - ok
17:10:41.0729 0x30c4  [ AEDAEB361A737E1E4F520E40780E0D3F, CC426C0D3172339B18CF94F490DF2A155236766495F7D734F65CE5C87D04C729 ] C:\Windows\system32\igfxtray.exe
17:10:41.0745 0x30c4  IgfxTray - ok
17:10:41.0896 0x30c4  [ 6ADC22BC02AD75BD82BA3CCA4BE299B7, CC9E31CC6C30CCE48B3FB7E5073FEB52E371499D95771D399E100E75FE36D649 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
17:10:41.0912 0x30c4  LENOVO.TPKNRRES - ok
17:10:42.0562 0x30c4  [ D0F24D9FE702CFE79998245BE2C7A1E4, 006A51465D58B5EBD97A912A2685E1EE7A3E549C604B78B498AF9FB1A7AD398D ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
17:10:43.0112 0x30c4  Energy Manager - ok
17:10:43.0529 0x30c4  [ E2CAD31F34A257745BCE7621504B6901, F41AD33FE68865735CD31FB20D57D9BBA01739F1DBEB6B63AA167DD3007A193A ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
17:10:43.0879 0x30c4  Lenovo Utility - ok
17:10:43.0962 0x30c4  [ AC0E95348898DBC8FEAB5675B8584DD1, A53C2B6ED5477AF8A6E12FACD192AF5571DB5A2962DBDC5AA50DB4498035BB7C ] C:\Windows\system32\PrintDisp.exe
17:10:43.0979 0x30c4  PrintDisp - ok
17:10:44.0078 0x30c4  [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
17:10:44.0095 0x30c4  UpdateP2GShortCut - ok
17:10:44.0145 0x30c4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
17:10:44.0145 0x30c4  HP Software Update - ok
17:10:44.0395 0x30c4  [ 555ED8FE114EF3A2728625991DA64759, CF313C155FFB47304F2E06D68C62CEFF783D890B2331BE6F7B131B614EAFD1F3 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
17:10:44.0495 0x30c4  Dropbox - ok
17:10:44.0645 0x30c4  [ 395CB6E8C67BFB1063AD86987909C184, 15F3BA6DF6D0C5C8FB9FF0AB661A5A652F26BAB7A0FB0DB47874069522400B16 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:10:44.0645 0x30c4  SunJavaUpdateSched - ok
17:10:45.0579 0x30c4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:10:46.0262 0x30c4  OneDriveSetup - ok
17:10:47.0379 0x30c4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:10:47.0778 0x30c4  OneDriveSetup - ok
17:10:47.0879 0x30c4  GoogleDriveSync - ok
17:10:48.0061 0x30c4  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
17:10:48.0112 0x30c4  HP Officejet Pro 8600 (NET) - ok
17:10:48.0495 0x30c4  [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Jörg Schmidt\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:10:48.0545 0x30c4  OneDrive - ok
17:10:49.0262 0x30c4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:10:49.0662 0x30c4  OneDriveSetup - ok
17:10:49.0962 0x30c4  [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Arbeit\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:10:49.0996 0x30c4  OneDrive - ok
17:10:50.0112 0x30c4  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
17:10:50.0163 0x30c4  WAB Migrate - ok
17:10:50.0829 0x30c4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
17:10:51.0245 0x30c4  OneDriveSetup - ok
17:10:51.0361 0x30c4  [ 9203CEE59C720D1D4BB9A97E4DE4152D, 55743BBED85C3EDB764F30648F23951FE8C76FC4984216596306F4E453D0CCB5 ] C:\Program Files (x86)\Windows Mail\wab.exe
17:10:51.0362 0x30c4  WAB Migrate - ok
17:10:51.0362 0x30c4  Waiting for KSN requests completion. In queue: 12
17:10:52.0412 0x30c4  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41000 ( enabled : updated )
17:10:52.0412 0x30c4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.332 ), 0x60100 ( disabled : updated )
17:10:52.0412 0x30c4  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41010 ( enabled )
17:10:52.0528 0x30c4  ============================================================
17:10:52.0528 0x30c4  Scan finished
17:10:52.0528 0x30c4  ============================================================
17:10:52.0546 0x2948  Detected object count: 0
17:10:52.0546 0x2948  Actual detected object count: 0
         

Alt 03.07.2017, 08:10   #7
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Und hier kommt die Addition. Viele Leiben Dank.
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2017
durchgeführt von **** ******* (03-07-2017 07:59:32)
Gestartet von C:\Users\**** *******\Desktop\Troj
Windows 10 Pro Version 1703 (X64) (2017-04-13 08:44:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1623287776-416804053-2603140408-500 - Administrator - Disabled)
Arbeit (S-1-5-21-1623287776-416804053-2603140408-1001 - Administrator - Enabled) => C:\Users\Arbeit
DefaultAccount (S-1-5-21-1623287776-416804053-2603140408-503 - Limited - Disabled)
Gast (S-1-5-21-1623287776-416804053-2603140408-501 - Limited - Disabled)
**** ******* (S-1-5-21-1623287776-416804053-2603140408-1000 - Administrator - Enabled) => C:\Users\**** *******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Amazon Amazon Music) (Version: 3.11.1.1040 - Amazon Services LLC)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
BurnAware Free 10.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Cisco WebEx Meetings (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
ClipGrab 3.6.5 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
DisplayLink Core Software (HKLM\...\{22822919-96E0-46E0-9CCC-1318A8ED0081}) (Version: 7.9.1589.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{F8D0059A-CC6D-414F-A36F-FEDAE2588000}) (Version: 7.4.51587.0 - DisplayLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duden Korrektor (Release) (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\{70600aec-2896-4c78-b615-936b3e3226fa}) (Version: 12.0.27 - EPC Consulting und Software GmbH)
Duden Korrektor für Microsoft Office (HKLM-x32\...\{69E3E8AE-4520-4647-A97E-2062537CDE03}) (Version: 12.0.27 - EPC Consulting und Software GmbH) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.9.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1323.0_WHQL - Sonix)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname)
LibreOffice 4.3 Help Pack (German) (HKLM-x32\...\{25104DB0-0C1F-4038-BC99-26082D13602B}) (Version: 4.3.6.2 - The Document Foundation)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{2AADC4EE-94C8-422B-977B-547774C4A463}) (Version: 1.0.40 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (HKLM\...\{4E7CCB76-687B-4C53-9A5E-08780AF3A551}) (Version: 5.9.0 - Motorola Inc.) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 de)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)
Pulse Secure Network Connect 8.0 (HKLM-x32\...\Pulse Secure Network Connect 8.0) (Version: 8.0.13.38659 - Pulse Secure, LLC)
Pulse Secure Network Connect 8.2 (HKLM-x32\...\Pulse Secure Network Connect 8.2) (Version: 8.2.5.49363 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Juniper_Setup_Client) (Version: 8.0.13.61239 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Pulse_Setup_Client) (Version: 8.2.5.869 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{2D99CB45-87EE-4834-BB15-5DD59A024E4C}) (Version: 16.11.6 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{B9824225-2055-4700-BCD4-64B25EC88264}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.26 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 11.19.0.845) (HKLM\...\BD8A640DD72A18DFC3CEF8418113F7170A6CB417) (Version: 09/24/2013 11.19.0.845 - Lenovo)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers01: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers01: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers01: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers02: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers04: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers04: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Intel Corporation)
ContextMenuHandlers06: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [PintoStartScreen] -> {470C0EBD-5D73-4d58-9CED-E91E22E23282} => C:\Windows\System32\appresolver.dll [2017-04-14] (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583BD80-8B4B-4717-9C68-C1AD0D7EE162} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {07503EE7-1CFA-4D6A-98E1-8A08806070B7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {07AA1D0E-BA89-414D-B885-FB4FB77F9557} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {11F2DEB2-D99A-4B68-B2FF-84A7C143F40A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {14AB2298-1620-4479-9A14-FE2E0B6646AE} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {1AFEC9DE-A96A-40B6-8DB5-C1B8F03FF1BC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B8B7EF2-7051-4E74-9959-CDFB0E676863} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {268EB81C-418C-47DD-A100-ABA799C4F9B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {2FAB4AF3-DD0F-41BA-A029-BC21922B559F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {3DE77B65-97D4-424C-9CEB-FE57664CCDA7} - System32\Tasks\{71BA29AA-C47B-4B8A-836A-76CED96A31C9} => pcalua.exe -a "C:\Users\**** *******\Downloads\Plattenkiste257_1_PHBW.exe" -d "C:\Users\**** *******\Downloads"
Task: {3E4B47C2-38B4-40C6-87ED-238A0F1D7FA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EBF690D-B35F-4EBD-B0C0-E3FCC345477F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4AAA2335-0EE4-4296-936F-542F0BC8EBE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4CBBF093-5095-4A96-89F4-FC033FB5E91B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {4EB70EDC-4411-41B8-9B60-9C77131F228F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51C36AF0-7A39-46E4-BA53-5F1BB2E50254} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51D1F21F-05EE-4BEB-8D01-42B03B1729A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {5436ADC2-8B82-4998-AA43-DB70CC76DB9D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {559F9F55-1F82-4A09-9133-EB899B070280} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {64D307F4-C5B5-4272-8C06-20ACA1D69DBC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6FECC40E-273A-4558-8C0F-798CBCB87863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {702C19E0-E049-4526-81B6-0CE13F619057} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70591BC0-7B8B-4791-BC28-76294078F326} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {751F2FD3-B289-474B-A1F2-0DD0226B60DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {774D8D60-E937-49C1-AE9F-2A15FC38E01B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {77576AA6-0743-47C6-A890-F86E17073CA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {78DE1DBE-4307-4E27-B377-9D3ABA07EF80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B3790BC-B4B8-43C1-9146-846C23642F17} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80F888D1-E9CE-40C6-881D-4424458A013F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {815A8BA9-0622-49A0-AEEE-3879FEFC37AA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8565DE5B-A508-4AB2-97CF-8A09F3CEF4E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8FD18F73-7B10-4539-BACC-5F1BC531B2B9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9526D466-51D3-4771-B05B-207B16821A5F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9AC7906F-F43C-4127-B9F4-D2AAF90E53F8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C9E80CD-67E1-422D-811B-59093C67F981} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {9D02ACF5-BA85-4EA9-A598-EB9F2D478171} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A585C283-6F1B-496B-9F3F-C7B03FD04D34} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A7641E1D-7114-49D8-8CF6-ABBC5FE34366} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {AA2DCA43-5DCC-4D37-8F5A-1E8C9FCF61CC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA80116F-D9C0-4499-B299-AEC5E56C7624} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0578703-9EAF-4195-AB6D-304D027228E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {BAB48103-1974-4B65-8F7F-AEF12B42C2BB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0075C6C-CCB9-4314-9DB4-A71A640B33E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-18] (Adobe Systems Incorporated)
Task: {C0F18505-B1C8-4817-AD7B-67B00FC7EA63} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {C1C79CA9-4DC7-4F35-843A-36823EB6F269} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C68B180D-626F-40C7-BBE8-B47283D7D6BE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7A96E46-0EE0-442D-AA53-C0C6A9C95003} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C9200B7B-727D-44D7-B220-930A1DD6D355} - System32\Tasks\{89060D6F-4F60-4A05-87AA-CFA3021FCF3C} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe"
Task: {CAD382B2-BEE9-4AAC-AB19-A4514E879E0E} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {CFA54271-5AC5-4CB9-97EA-5447D2E3AFC2} - System32\Tasks\{6A9B8A68-7F55-45F0-B340-6F3B04710EE9} => pcalua.exe -a "C:\Users\**** *******\AppData\Local\Temp\Temp1_SteuerSparErklaerung_21.20.38.zip\SSEStandard_21.20.38.exe" <==== ACHTUNG
Task: {DF6F389D-E3CD-48F2-B83E-6B5B216BDFE3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EB6BFC21-A6DF-47A8-83F7-E5928584F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA298B14-0449-412E-9C61-62F61D9F6790} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB60C248-ABA9-4C22-8C26-6B02DD5B61CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FBB83FA1-5815-4FEF-895F-57A7E10729A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {FE0A3BA0-817C-4B76-959E-9D7D12A63AC1} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2012-07-17 22:31 - 2012-07-17 22:31 - 00116632 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2015-02-13 17:54 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-17 22:31 - 2012-07-17 22:31 - 00776088 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-06-04 13:20 - 2015-06-04 13:20 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-03-26 12:50 - 2014-08-04 12:10 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-08-04 11:48 - 2013-11-13 17:48 - 00915968 ____N () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2014-08-04 11:40 - 2013-12-03 13:35 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-06-23 07:38 - 2017-06-23 07:38 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-28 07:29 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-06-28 07:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-04-28 08:48 - 2017-06-26 12:27 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-07-03 07:50 - 2017-07-03 07:50 - 00098816 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32api.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00110080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\pywintypes27.dll
2017-07-03 07:50 - 2017-07-03 07:50 - 00364544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\pythoncom27.dll
2017-07-03 07:50 - 2017-07-03 07:50 - 00320512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32com.shell.shell.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00914432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_hashlib.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 01176576 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._core_.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00806400 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._gdi_.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00816128 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._windows_.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 01067008 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._controls_.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00733184 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._misc_.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00682496 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\pysqlite2._sqlite.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_ctypes.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00686080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\unicodedata.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00119808 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32file.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00108544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32security.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00007168 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\hashobjs_ext.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00017920 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\thumbnails_ext.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\usb_ext.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00012800 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\common.time34.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00018432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32event.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00167936 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32gui.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00046080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_socket.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 01303552 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_ssl.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00128512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_elementtree.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00127488 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\pyexpat.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00038912 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32inet.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00036864 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_psutil_windows.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00524248 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\windows._lib_cacheinvalidation.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00011264 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32crypt.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00123392 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._wizard.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00077312 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._html2.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00027648 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_multiprocessing.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00020480 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\_yappi.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00035840 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32process.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00078848 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\wx._animate.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00024064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32pipe.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00010240 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\select.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00025600 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32pdh.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00017408 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32profile.pyd
2017-07-03 07:50 - 2017-07-03 07:50 - 00022528 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI87722\win32ts.pyd
2016-09-13 10:36 - 2016-09-13 10:36 - 00126232 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\SGAnalyseSP.dll
2016-09-13 10:35 - 2016-09-13 10:35 - 00103192 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\CSegmentation.dll
2016-09-13 10:36 - 2016-09-13 10:36 - 00291096 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\GAMORPHDPF.dll
2016-09-13 10:35 - 2016-09-13 10:35 - 00104728 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\DpfDict.dll
2016-09-13 10:35 - 2016-09-13 10:35 - 00606488 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\CTokenizer.dll
2016-09-13 10:36 - 2016-09-13 10:36 - 00772376 _____ () C:\Users\**** *******\AppData\Local\Duden Korrektor\Duden Korrektor\win32\bin\sprt4-2-3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\**** *******\Pictures\Documents\Antiquariat:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-28 15:08 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo_1\Lenovo_11.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.176.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\**** *******\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: BrainYoo2 => "C:\Program Files (x86)\BrainYoo2\BrainYoo2.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Power2GoExpress => NA
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{346AC7F8-46D3-4C8A-A003-CB98641E0C47}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
FirewallRules: [{6E552B46-B616-4AF7-80BC-11E194893C62}] => (Allow) C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe
FirewallRules: [{24DC6282-4237-4CBD-9B6F-C92642CDB192}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{05832130-26F6-4FA7-8460-6C277AB4C7D7}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{BCCBEE42-A77C-4AAC-97B6-FEAE72BAEA14}] => (Allow) LPort=3306
FirewallRules: [{30274473-993E-4FBC-B7AC-74E15FA342B1}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{20145B7D-4D84-4B4A-859D-0DAF54F705C3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{1FC7BC08-C54E-4F68-BF70-EA8E8EE18BA5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6DAB287F-9D3D-4904-A2F6-5EBD31B97959}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0D2E513F-D172-465E-8074-4C679A05CED8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{8ED79079-9CD4-41AE-B6FA-557F85BA2001}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{598CCC32-9376-43B6-9C06-9EA13772CCCB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{B8C6B224-ED9B-403B-AD4A-D6C67D5F05A9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{1A468716-446E-4C76-A509-D56897168892}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{4972CCA1-A821-4006-B79F-45C00AF82CA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DAA8CB3-A30A-440E-ADF4-90214D405C64}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{8AF3A320-4126-4892-B5BA-C645B9348518}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

20-06-2017 11:55:06 Windows Update
27-06-2017 14:49:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/01/2017 05:27:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/01/2017 04:43:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/01/2017 04:25:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (07/03/2017 07:49:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Benutzerdienst für die Plattform für verbundene Geräte_c810067" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (07/03/2017 07:49:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/03/2017 07:49:45 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/02/2017 12:42:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:14 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:12 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:09 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:07 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:04 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

Error: (07/02/2017 12:42:02 PM) (Source: Disk) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.


CodeIntegrity:
===================================
  Date: 2017-06-15 19:40:20.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.373
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.333
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:59.025
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:58.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 8120.36 MB
Verfügbarer physikalischer RAM: 4171.65 MB
Summe virtueller Speicher: 16312.36 MB
Verfügbarer virtueller Speicher: 11784.37 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:894.54 GB) (Free:476.74 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Backup) (Fixed) (Total:25 GB) (Free:22.47 GB) NTFS
Drive e: (KINGSTON) (Removable) (Total:3.73 GB) (Free:3.73 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FF49E15)
Partition 1: (Not Active) - (Size=200 MB) - (Type=27)
Partition 2: (Active) - (Size=894.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
         

Alt 03.07.2017, 19:12   #8
M-K-D-B
/// TB-Ausbilder
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
  • Deinstalliere Malwarebytes' Anti-Malware 2 über die Systemsteuerung. (Bebilderte Anleitung)
  • Starte den Rechner im Anschluss neu auf.
  • Downloade dir den MBAM Uninstaller auf deinen Desktop.
  • Schließe alle offenen Programme und führe den Uninstaller aus. Der Rechner muss zum Abschluss neu gestartet werden.





Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist.
  • Setze einen Haken vor Shortcut.txt und drücke auf Untersuchen.
  • FRST erstellt nun drei Logdateien (FRST.txt, Addition.txt und Shortcut.txt).
  • Poste mir alle drei Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die drei neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 03.07.2017, 23:13   #9
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Lieber M-K-D-B

hier kommt die Shortcut.txt
Code:
ATTFilter
Untersuchungsergebnis der Verknüpfungen des Benutzers (x64) Version: 03-07-2017 01
durchgeführt von **** ******* (03-07-2017 23:03:51)
Gestartet von C:\Users\**** *******\Desktop\Troj
Start-Modus: Normal

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\01 - File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\03 - Documents.lnk -> C:\Users\**** *******\Pictures\Documents ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\04 - Downloads.lnk -> C:\Users\**** *******\Downloads ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\05 - Music.lnk -> C:\Users\**** *******\Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\06 - Pictures.lnk -> C:\Users\**** *******\Pictures ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\07 - Videos.lnk -> C:\Users\**** *******\Videos ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\08 - Homegroup.lnk -> Microsoft.Windows.Homegroup
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\09 - Network.lnk -> Microsoft.Windows.Network
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu Places\10 - UserProfile.lnk -> C:\Users\**** ******* ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk -> C:\Program Files\GIMP 2\bin\gimp-2.8.exe (Spencer Kimball, Peter Mattis and the GIMP Development Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk -> C:\Program Files (x86)\HP\IrisOCR_12.3.4.0\regipe.exe (I.R.I.S. Image Recognition Integarted Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk -> C:\Windows\MiracastView\MiracastView.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk -> C:\Program Files\paint.net\PaintDotNet.exe (dotPDN LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk -> C:\Windows\PrintDialog\PrintDialog.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk -> C:\Windows10Upgrade\Windows10UpgraderApp.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Start-Center 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Informationen und Hilfe\TeamViewer.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\TeamViewerQS_AAV_Win.exe (TeamViewer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Start-Center 2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\StartCenter.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Informationen und Hilfe\Report erstellen.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\ReportTool.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Informationen und Hilfe\TeamViewer.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\TeamViewerQS_AAV_Win.exe (TeamViewer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Start-Center 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\Report erstellen.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\ReportTool.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\TeamViewer.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\TeamViewerQS_AAV_Win.exe (TeamViewer)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2016-2017\Handbuch.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2017\hilfe.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.2\Network Connect.lnk -> C:\Program Files (x86)\Pulse Secure\Network Connect 8.2\dsNetworkConnect.exe (Pulse Secure, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.2\Uninstall Network Connect.lnk -> C:\Program Files (x86)\Pulse Secure\Network Connect 8.2\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.0\Network Connect.lnk -> C:\Program Files (x86)\Juniper Networks\Network Connect 8.0\dsNetworkConnect.exe (Pulse Secure, LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.0\Uninstall Network Connect.lnk -> C:\Program Files (x86)\Juniper Networks\Network Connect 8.0\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicBee\Uninstall MusicBee.lnk -> C:\Program Files (x86)\MusicBee\Uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\An OneNote 2013 senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\PowerPoint 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013 Upload Center.lnk -> C:\Program Files\Microsoft Office 15\root\office15\msouc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013\Office 2013-Tools\Office 2013-Spracheinstellungen.lnk -> C:\Program Files\Microsoft Office 15\root\office15\setlang.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes\Uninstall Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\PowerDVD 10\Lenovo PowerDVD 10.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Infodatei.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Express.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go Hilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Power2Go\Power2Go.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\OneKey Recovery\OneKey Recovery.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Settings\Help doc.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Settings\Lenovo Settings.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Settings\Uninstall.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Kaspersky Lab im Internet.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Kaspersky Total Security entfernen.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Kaspersky Total Security.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security\Lizenzvertrag.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Kaspersky Secure Connection entfernen.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Kaspersky Secure Connection.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\Lizenzvertrag.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection\My Kaspersky.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Java konfigurieren.lnk -> C:\Program Files\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel\Intel(R) Rapid Storage Technology.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91\Inkscape 0.91.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91\Inkscape Homepage.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP*Update.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Deinstallieren.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Druckereinrichtung & -software.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Hilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\HP Officejet Pro 8600.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\HP Scan.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\IP-Adresse aktualisieren.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Shop für Zubehör.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Studie zur Verbesserung von HP Produkten.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Website für Produktsupport.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP\HP Officejet Pro 8600\Wireless-Druck - Onlinehilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro.lnk -> C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Powerline\FRITZ!Powerline.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Deinstallation.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Hilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Hotline.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Installationsverwaltung.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Integritätsprüfer.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular - Screenreadermodus.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular\ElsterFormular.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby\Dolby Profile.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepBurner\DeepBurner help.lnk -> C:\Program Files (x86)\Astonsoft\DeepBurner\BurnerHelp.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepBurner\DeepBurner.lnk -> C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe (Astonsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeepBurner\Uninstall DeepBurner.lnk -> C:\Program Files (x86)\Astonsoft\DeepBurner\Uninstall.exe (Keine Datei)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3\CyberLink PhotoDirector 3.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab\ClipGrab entfernen.lnk -> C:\Program Files (x86)\ClipGrab\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab\ClipGrab.lnk -> C:\Program Files (x86)\ClipGrab\ClipGrab.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\BurnAware Free entfernen.lnk -> C:\Program Files (x86)\BurnAware Free\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\BurnAware Free.lnk -> C:\Program Files (x86)\BurnAware Free\BurnAware.exe (Burnaware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\Help.lnk -> C:\Program Files (x86)\BurnAware Free\burnaware.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrainYoo2\BrainYoo2.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrainYoo2\Deinstallieren.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Ashampoo Cover Studio entfernen.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Ashampoo Cover Studio.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Hilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Cover Studio\Liesmich.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Ashampoo Burning Studio FREE  .lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Ashampoo Burning Studio FREE entfernen.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Hilfe.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio FREE\Liesmich.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Bluetooth File Transfer Wizard.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Quick Assist.lnk -> C:\Windows\System32\quickassist.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk -> 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk -> 
Shortcut: C:\Users\Arbeit\Links\Desktop.lnk -> C:\Users\Arbeit\Desktop ()
Shortcut: C:\Users\Arbeit\Links\Downloads.lnk -> C:\Users\Arbeit\Downloads ()
Shortcut: C:\Users\Arbeit\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Arbeit\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Arbeit\Desktop\MusicBee.lnk -> C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\Arbeit\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Manager\Energy Manager.Lnk -> C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Manager\Help file.Lnk -> C:\Program Files (x86)\Lenovo\Energy Manager\Deu.chm ()
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job - Verknüpfung.lnk -> C:\Users\JS\Documents\Job (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\VVW\Konzept Fachwirt\MAterial 13_04_2015\BrainYoo2.lnk -> C:\Program Files (x86)\BrainYoo2\BrainYoo2.exe (Brainyoo Limited)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\eCademy\Workflows\10_WorkflowStandards\01_Kopie von KostenRessourcen230216_Tool_AH.xlsx - Verknüpfung.lnk -> H:\07_KostenPreise\01_Kopie von KostenRessourcen230216_Tool_AH.xlsx (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\eCademy\Workflows\10_WorkflowStandards\01_Kopie von KostenRessourcen230216_Tool_AH_Rework.xlsx - Verknüpfung.lnk -> H:\07_KostenPreise\01_Kopie von KostenRessourcen230216_Tool_AH_Rework.xlsx (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\eCademy\Workflows\10_WorkflowStandards\02_BudgetKosten2016.xlsx - Verknüpfung.lnk -> H:\04_BugetKostenRevenues\KostenBudget eCademy\2016\02_BudgetKosten2016.xlsx (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\eCademy\Workflows\10_WorkflowStandards\CMS - Verknüpfung.lnk -> H:\05_CMS\Inhalte\AlleKomponenten (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\eCademy\AEVO\Wallraf\an Wallraf\03_02_2015\Papierkorb - Verknüpfung.lnk -> [LFx@_dP/Nr1SPS0%G`)Papierkorb-Systemordner1SPSjc(=Oe)::{645FF040-5081-101B-9F08-00AA002F954E}]
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\DPV\PSP\Redaktionskonferenz\Planung_Ausgabe 4_27_07_16 - Verknüpfung.lnk -> C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\DPV\PSP\Ausgaben\2016\08_12_2016\Planung_Ausgabe 4_27_07_16.docx (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\Job\Verlagsbüro\Verlage\DPV\PSP\Ausgaben\2016\07_10_2016\PSP7_28092016\**** ******* - Verknüpfung.lnk -> C:\Users\**** ******* ()
Shortcut: C:\Users\**** *******\Pictures\Documents\Fax\Bilder - Verknüpfung.lnk -> C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms ()
Shortcut: C:\Users\**** *******\Pictures\Documents\A\Orga\Handbücher\Benutzerhandbuch.lnk -> C:\Windows\System32\oobe\Info\E6224_Manual.pdf (Keine Datei)
Shortcut: C:\Users\**** *******\Pictures\Documents\A\Orga\Handbücher\Quick Guide Medion FastBoot.lnk -> C:\Windows\System32\oobe\info\FastBoot.pdf (Keine Datei)
Shortcut: C:\Users\**** *******\Music\Zaz\Paris\Videos - Verknüpfung.lnk -> C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms ()
Shortcut: C:\Users\**** *******\Music\Johnny Cash\The Best Of Johnny Cash\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\**** *******\Music\Gene\Olympian\Folder.jpg - Verknüpfung.lnk -> C:\Users\JS\Pictures\Album Art\gene\olympian\Folder.jpg (Keine Datei)
Shortcut: C:\Users\**** *******\Music\David Sylvian\Dead Bees on a Cake\Monster Soundtrack\TV-Aufzeichnungen.lnk -> C:\Users\Public\Libraries\RecordedTV.library-ms ()
Shortcut: C:\Users\**** *******\Links\Desktop.lnk -> C:\Users\**** *******\Desktop ()
Shortcut: C:\Users\**** *******\Links\Downloads.lnk -> C:\Users\**** *******\Downloads ()
Shortcut: C:\Users\**** *******\Links\Dropbox (Privat).lnk -> C:\Users\**** *******\Dropbox (Privat) ()
Shortcut: C:\Users\**** *******\Links\Dropbox (QS).lnk -> C:\Users\**** *******\Dropbox (QS) ()
Shortcut: C:\Users\**** *******\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Word\Frederich_PSP9_JS305983771191104277\Frederich_PSP9_JS.docx.lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7zG.lnk -> C:\Program Files\7-Zip\7zG.exe (Igor Pavlov)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\burningstudio.lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\burningstudio.exe (Ashampoo)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Powerline.lnk -> C:\Program Files (x86)\FRITZ!Powerline\FRITZ!Powerline.exe (AVM GmbH)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk -> C:\Users\**** *******\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk -> C:\Windows\System32\fodhelper.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\timeEdition.lnk -> C:\Users\**** *******\Pictures\Documents\Dienstprogramme\timeEdition 1.1.6\timeEdition.exe ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\computer.lnk -> C:\Windows\explorer.exe,-30
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MusicBee\MusicBee.lnk -> C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Manager\Energy Manager.Lnk -> C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Energy Manager\Help file.Lnk -> C:\Program Files (x86)\Lenovo\Energy Manager\Deu.chm ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\About IrfanView.lnk -> C:\Program Files (x86)\IrfanView\i_about.txt ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available Languages.lnk -> C:\Program Files (x86)\IrfanView\i_languages.txt ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Available PlugIns.lnk -> C:\Program Files (x86)\IrfanView\i_plugins.txt ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Command line Options.lnk -> C:\Program Files (x86)\IrfanView\i_options.txt ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView 4.38.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView Help.lnk -> C:\Program Files (x86)\IrfanView\i_view32.chm ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\Uninstall IrfanView.lnk -> C:\Program Files (x86)\IrfanView\iv_uninstall.exe (Irfan Skiljan, IrfanView)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\What's New.lnk -> C:\Program Files (x86)\IrfanView\i_changes.txt ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Amazon Music.lnk -> C:\Users\**** *******\AppData\Local\Amazon Music\Amazon Music.exe (Amazon)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\**** *******\AppData\Local\Amazon Music\Uninstall.exe (Amazon)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth-Dateiübertragung.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox (Privat).lnk -> C:\Users\**** *******\Dropbox (Privat) ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Dropbox (QS).lnk -> C:\Users\**** *******\Dropbox (QS) ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DeepBurner.lnk -> C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe (Astonsoft)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher (1).lnk -> 
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acrobat Reader DC.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}\SC_Reader.ico (Flexera Software LLC)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Ashampoo Burning Studio FREE  .lnk -> C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio FREE\burningstudio.exe (Ashampoo)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\BurnAware Free.lnk -> C:\Program Files (x86)\BurnAware Free\BurnAware.exe (Burnaware)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\ClipGrab.lnk -> C:\Program Files (x86)\ClipGrab\ClipGrab.exe ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Kaspersky Total Security.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lenovo Settings.lnk -> C:\Program Files (x86)\Lenovo\Lenovo Settings\Lenovo Settings.exe (Lenovo(beijing) Limited)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\MusicBee.lnk -> C:\Program Files (x86)\MusicBee\MusicBee.exe (Steven Mayall)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Power2Go.lnk -> C:\Program Files (x86)\Lenovo\Power2Go\Power2Go.exe (Cyberlink)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PowerDVD 10.lnk -> C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.exe (CyberLink Corp.)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SteuerSparErklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SteuerSparErklärung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe (Akademische Arbeitsgemeinschaft Verlag)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SteuerSparErklärung 2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\StartCenter.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TFC.lnk -> C:\Users\**** *******\Pictures\Documents\Dienstprogramme\TFC.exe (OldTimer Tools)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ClipGrab.lnk -> C:\Program Files (x86)\ClipGrab\ClipGrab.exe ()
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Excel 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\excel.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\OneNote 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenote.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Word 2013.lnk -> C:\Program Files\Microsoft Office 15\root\office15\winword.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\01a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\02a - Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation)
Shortcut: C:\Users\**** *******\AppData\Local\Amazon Music\Uninstall Amazon Music.lnk -> C:\Users\**** *******\AppData\Local\Amazon Music\Uninstall.exe (Amazon)
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)


ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Gesonderte Feststellung 2014.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mfest
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Gewinn-Erfassung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinurvor
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Gewinnermittlung 2014.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinur
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Lohnsteuer-Ermäßigung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mermaess
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Steuererklärung 2014.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mnormal
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Programmfunktionen\Steuerprognose 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\sse.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mvorweg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Informationen und Hilfe\Report erstellen.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2015\ReportTool.exe (Akademische Arbeitsgemeinschaft Verlag) -> --createReport
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuertipps\SteuerSparErklärung 2015\Informationen und Hilfe\SteuerSparErklärung 2015 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {312C0E08-8F94-4536-AAF6-3413F784AC5F}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Feststellungserklärung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -mfest
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Gewinn-Erfassung 2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -meinurvor
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Gewinnermittlung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -meinur
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Lohnsteuer-Ermäßigung 2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -mermaess
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Steuererklärung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -mnormal
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Programm-Module\Steuerprognose 2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2017\SSE.exe (Akademische Arbeitsgemeinschaft - Wolters Kluwer Deutschland GmbH) -> -mvorweg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2017\Informationen und Hilfe\SteuerSparErklärung 2017 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {45815686-22F8-4D24-872D-E481A654B230}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Feststellungserklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mfest
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Gewinn-Erfassung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinurvor
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Gewinnermittlung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -meinur
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Lohnsteuer-Ermäßigung 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mermaess
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Steuererklärung 2015.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mnormal
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Programm-Module\Steuerprognose 2016.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\SSE.exe (Akademische Arbeitsgemeinschaft Verlag) -> -mvorweg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SteuerSparErklärung 2016\Informationen und Hilfe\SteuerSparErklärung 2016 deinstallieren.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {D331D50C-C578-423B-8BC7-94D3133CE315}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2016-2017\Deinstallation des Steuer-Ratgebers.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2D99CB45-87EE-4834-BB15-5DD59A024E4C}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Ratgeber 2016-2017\Steuer-Ratgeber.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2017\starter\StartCenterCL.exe () -> -start
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe () -> 1.08.26
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.2\NC Troubleshooting.lnk -> C:\Program Files (x86)\Pulse Secure\Network Connect 8.2\dsNetworkConnect.exe (Pulse Secure, LLC) -> -D
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pulse Secure\Network Connect 8.0\NC Troubleshooting.lnk -> C:\Program Files (x86)\Juniper Networks\Network Connect 8.0\dsNetworkConnect.exe (Pulse Secure, LLC) -> -D
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Auf Updates prüfen.lnk -> C:\Program Files\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Info zu Java.lnk -> C:\Program Files\Java\jre1.8.0_121\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro in DirectX mode.lnk -> C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe (Google) ->  -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Start Google Earth Pro in OpenGL mode.lnk -> C:\Program Files (x86)\Google\Google Earth Pro\client\googleearth.exe (Google) ->  -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro\Uninstall Google Earth Pro.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) ->  -setDX
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk -> C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe (Google) ->  -setOGL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {F6430171-B86B-4639-839E-374913E7911D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Arbeit\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Arbeit\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Word\tdss306021793978993520\tdss.docx.lnk -> C:\Users\**** *******\Desktop\Troj\tdss.docx () -> 0
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) -> /tsr
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> "C:\Program Files\HP\HP Officejet Pro 8600\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN39HE4JG505KD;CONNECTION=NW;MONITOR=1;
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView\IrfanView - Thumbnails.lnk -> C:\Program Files (x86)\IrfanView\i_view32.exe (Irfan Skiljan) -> /thumbs
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Faxempfänger.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Dropbox (QS).lnk -> C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) -> /home
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sicherer Zahlungsverkehr.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe (AO Kaspersky Lab) -> -safebanking
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Steuer-Ratgeber 2016-2017.lnk -> C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\Steuer-Ratgeber 2017\starter\StartCenterCL.exe () -> -start
ShortcutWithArgument: C:\Users\**** *******\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> ::{7007ACC7-3202-11D1-AAD2-00805FC1270E}
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - NetworkStatus.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageNetworkStatus
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DeviceManager
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.System
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\06 - SystemAbout.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPagePCSystemInfo
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.PowerOptions
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\08 - PowerAndSleep.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageScreenPowerAndSleep
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\10 - AppsAndFeatures.lnk -> C:\Windows\ImmersiveControlPanel\systemsettings.exe (Microsoft Corporation) -> page=SettingsPageAppsSizes
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.ProgramsAndFeatures
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{52205fd8-5dfb-447d-801a-d0b52f2e83e1}
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /0
ShortcutWithArgument: C:\Users\**** *******\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk -> C:\Windows\explorer.exe (Microsoft Corporation) -> shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}


InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Besuchen Sie Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Hilfe aufrufen.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox Website.URL -> 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab\ClipGrab im Internet.url -> URL: hxxp://clipgrab.de
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Free\BurnAware Free im Internet.url -> URL: hxxp://www.burnaware.com/
InternetURL: C:\Users\Arbeit\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\Arbeit\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\Arbeit\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\Arbeit\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\Default\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\DefaultAppPool\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\DefaultAppPool\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\**** *******\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
InternetURL: C:\Users\**** *******\Favorites\Links\Vorgeschlagene Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\**** *******\Favorites\Links\Web Slice-Katalog.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\**** *******\Favorites\Lenovo\Lenovo Support.url -> URL: hxxp://support.lenovo.com/
InternetURL: C:\Users\**** *******\Favorites\Lenovo\Lenovo.url -> URL: hxxp://www.lenovo.com/
InternetURL: C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\Elektro Professional Hauptmodule\Nachlieferung für Autor\03_Module an Lektorat\I_10\ECAD T H4\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/logout
InternetURL: C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\Elektro Professional Hauptmodule\Nachlieferung für Autor\02_Module bearbeitet von Fachexperten\I_10\ECAD T H4\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/logout
InternetURL: C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\Elektro Professional Hauptmodule\Nachlieferung für Autor\01_Module zum Bearbeiten Fachexperte\ECAD E Hx25\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/logout
InternetURL: C:\Users\**** *******\Dropbox (QS)\04_an_Lektor\A\ECAD M H2 PRES_TS\dl-web.dropbox.com.url -> URL: hxxps://dl-web.dropbox.com/get/02_von_Fachlektor_1_bearbeitet/1/B/ECAD%20M%20H2%20PRES_TS/Measurement%20Tolerances_ts_02102015.ppt?_subject_uid=474597032&w=AAA7N417e-l1Uq-QiCMggnb9wL2q5AXc-2107OJzVcUdOQ
InternetURL: C:\Users\**** *******\Dropbox (QS)\02_von_Fachlektor_1_bearbeitet\1\B\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/home/1/ECAD%20M%20H6%20PRES_TS
InternetURL: C:\Users\**** *******\Dropbox (QS)\02_von_Fachlektor_1_bearbeitet\1\B\ECAD M H2 PRES_TS\dl-web.dropbox.com.url -> URL: hxxps://dl-web.dropbox.com/get/02_von_Fachlektor_1_bearbeitet/1/B/ECAD%20M%20H2%20PRES_TS/Measurement%20Tolerances_ts_02102015.ppt?_subject_uid=474597032&w=AAA7N417e-l1Uq-QiCMggnb9wL2q5AXc-2107OJzVcUdOQ
InternetURL: C:\Users\**** *******\Dropbox\Berufseinstieg Psychologie\www.dropbox.com.url -> URL: hxxps://www.dropbox.com/home/Berufseinstieg%20Psychologie/03_Lektor%20an%20Autoren#
InternetURL: C:\Users\**** *******\AppData\Roaming\Microsoft\PowerPoint\Meine Folienbibliotheken\'Hess' auf 'C'.url -> URL: file:///C:/Users/J%F6rg%20*******/Pictures/Documents/Job/Verlagsb%FCro/Projekte/Bonner%20Werkstaetten/Hess/2016-10-18%20GF%20Pr%E4sentation%20Elterninoabend.pptx

==================== Ende vom Shortcut.txt =============================
         

Alt 03.07.2017, 23:14   #10
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



...und die Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-07-2017 01
durchgeführt von **** ******* (03-07-2017 22:53:58)
Gestartet von C:\Users\**** *******\Desktop\Troj
Windows 10 Pro Version 1703 (X64) (2017-04-13 08:44:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1623287776-416804053-2603140408-500 - Administrator - Disabled)
Arbeit (S-1-5-21-1623287776-416804053-2603140408-1001 - Administrator - Enabled) => C:\Users\Arbeit
DefaultAccount (S-1-5-21-1623287776-416804053-2603140408-503 - Limited - Disabled)
Gast (S-1-5-21-1623287776-416804053-2603140408-501 - Limited - Disabled)
**** ******* (S-1-5-21-1623287776-416804053-2603140408-1000 - Administrator - Enabled) => C:\Users\**** *******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Amazon Amazon Music) (Version: 3.11.1.1040 - Amazon Services LLC)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
BurnAware Free 10.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Cisco WebEx Meetings (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
ClipGrab 3.6.5 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
DisplayLink Core Software (HKLM\...\{22822919-96E0-46E0-9CCC-1318A8ED0081}) (Version: 7.9.1589.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{F8D0059A-CC6D-414F-A36F-FEDAE2588000}) (Version: 7.4.51587.0 - DisplayLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duden Korrektor (Release) (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\{70600aec-2896-4c78-b615-936b3e3226fa}) (Version: 12.0.27 - EPC Consulting und Software GmbH)
Duden Korrektor für Microsoft Office (HKLM-x32\...\{69E3E8AE-4520-4647-A97E-2062537CDE03}) (Version: 12.0.27 - EPC Consulting und Software GmbH) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo)
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.9.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1323.0_WHQL - Sonix)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname)
LibreOffice 4.3 Help Pack (German) (HKLM-x32\...\{25104DB0-0C1F-4038-BC99-26082D13602B}) (Version: 4.3.6.2 - The Document Foundation)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{2AADC4EE-94C8-422B-977B-547774C4A463}) (Version: 1.0.40 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (HKLM\...\{4E7CCB76-687B-4C53-9A5E-08780AF3A551}) (Version: 5.9.0 - Motorola Inc.) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 de)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)
Pulse Secure Network Connect 8.0 (HKLM-x32\...\Pulse Secure Network Connect 8.0) (Version: 8.0.13.38659 - Pulse Secure, LLC)
Pulse Secure Network Connect 8.2 (HKLM-x32\...\Pulse Secure Network Connect 8.2) (Version: 8.2.5.49363 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Juniper_Setup_Client) (Version: 8.0.13.61239 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Pulse_Setup_Client) (Version: 8.2.5.869 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{2D99CB45-87EE-4834-BB15-5DD59A024E4C}) (Version: 16.11.6 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{B9824225-2055-4700-BCD4-64B25EC88264}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.26 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 11.19.0.845) (HKLM\...\BD8A640DD72A18DFC3CEF8418113F7170A6CB417) (Version: 09/24/2013 11.19.0.845 - Lenovo)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers01: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers01: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers01: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers02: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers04: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers04: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Intel Corporation)
ContextMenuHandlers06: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583BD80-8B4B-4717-9C68-C1AD0D7EE162} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {07503EE7-1CFA-4D6A-98E1-8A08806070B7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {07AA1D0E-BA89-414D-B885-FB4FB77F9557} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {11F2DEB2-D99A-4B68-B2FF-84A7C143F40A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {14AB2298-1620-4479-9A14-FE2E0B6646AE} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {1AFEC9DE-A96A-40B6-8DB5-C1B8F03FF1BC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B8B7EF2-7051-4E74-9959-CDFB0E676863} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {268EB81C-418C-47DD-A100-ABA799C4F9B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {2FAB4AF3-DD0F-41BA-A029-BC21922B559F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {3DE77B65-97D4-424C-9CEB-FE57664CCDA7} - System32\Tasks\{71BA29AA-C47B-4B8A-836A-76CED96A31C9} => pcalua.exe -a "C:\Users\**** *******\Downloads\Plattenkiste257_1_PHBW.exe" -d "C:\Users\**** *******\Downloads"
Task: {3E4B47C2-38B4-40C6-87ED-238A0F1D7FA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EBF690D-B35F-4EBD-B0C0-E3FCC345477F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4AAA2335-0EE4-4296-936F-542F0BC8EBE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4CBBF093-5095-4A96-89F4-FC033FB5E91B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {4EB70EDC-4411-41B8-9B60-9C77131F228F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51C36AF0-7A39-46E4-BA53-5F1BB2E50254} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51D1F21F-05EE-4BEB-8D01-42B03B1729A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {5436ADC2-8B82-4998-AA43-DB70CC76DB9D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {559F9F55-1F82-4A09-9133-EB899B070280} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {64D307F4-C5B5-4272-8C06-20ACA1D69DBC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6FECC40E-273A-4558-8C0F-798CBCB87863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {702C19E0-E049-4526-81B6-0CE13F619057} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70591BC0-7B8B-4791-BC28-76294078F326} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {751F2FD3-B289-474B-A1F2-0DD0226B60DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {774D8D60-E937-49C1-AE9F-2A15FC38E01B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {77576AA6-0743-47C6-A890-F86E17073CA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {78DE1DBE-4307-4E27-B377-9D3ABA07EF80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B3790BC-B4B8-43C1-9146-846C23642F17} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80F888D1-E9CE-40C6-881D-4424458A013F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {815A8BA9-0622-49A0-AEEE-3879FEFC37AA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8565DE5B-A508-4AB2-97CF-8A09F3CEF4E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8FD18F73-7B10-4539-BACC-5F1BC531B2B9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9526D466-51D3-4771-B05B-207B16821A5F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9AC7906F-F43C-4127-B9F4-D2AAF90E53F8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C9E80CD-67E1-422D-811B-59093C67F981} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {9D02ACF5-BA85-4EA9-A598-EB9F2D478171} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A585C283-6F1B-496B-9F3F-C7B03FD04D34} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A7641E1D-7114-49D8-8CF6-ABBC5FE34366} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {AA2DCA43-5DCC-4D37-8F5A-1E8C9FCF61CC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA80116F-D9C0-4499-B299-AEC5E56C7624} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0578703-9EAF-4195-AB6D-304D027228E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {BAB48103-1974-4B65-8F7F-AEF12B42C2BB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0075C6C-CCB9-4314-9DB4-A71A640B33E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-18] (Adobe Systems Incorporated)
Task: {C0F18505-B1C8-4817-AD7B-67B00FC7EA63} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {C1C79CA9-4DC7-4F35-843A-36823EB6F269} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C68B180D-626F-40C7-BBE8-B47283D7D6BE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7A96E46-0EE0-442D-AA53-C0C6A9C95003} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C9200B7B-727D-44D7-B220-930A1DD6D355} - System32\Tasks\{89060D6F-4F60-4A05-87AA-CFA3021FCF3C} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe"
Task: {CAD382B2-BEE9-4AAC-AB19-A4514E879E0E} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {CFA54271-5AC5-4CB9-97EA-5447D2E3AFC2} - System32\Tasks\{6A9B8A68-7F55-45F0-B340-6F3B04710EE9} => pcalua.exe -a "C:\Users\**** *******\AppData\Local\Temp\Temp1_SteuerSparErklaerung_21.20.38.zip\SSEStandard_21.20.38.exe" <==== ACHTUNG
Task: {DF6F389D-E3CD-48F2-B83E-6B5B216BDFE3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EB6BFC21-A6DF-47A8-83F7-E5928584F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA298B14-0449-412E-9C61-62F61D9F6790} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB60C248-ABA9-4C22-8C26-6B02DD5B61CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FBB83FA1-5815-4FEF-895F-57A7E10729A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {FE0A3BA0-817C-4B76-959E-9D7D12A63AC1} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2015-02-13 17:54 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-17 22:31 - 2012-07-17 22:31 - 00116632 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2012-07-17 22:31 - 2012-07-17 22:31 - 00776088 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-21 08:08 - 2017-06-21 08:09 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 08:08 - 2017-06-21 08:09 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 08:08 - 2017-06-21 08:08 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 08:08 - 2017-06-21 08:09 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2015-06-04 13:20 - 2015-06-04 13:20 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-03-26 12:50 - 2014-08-04 12:10 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-08-04 11:48 - 2013-11-13 17:48 - 00915968 ____N () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2017-07-03 22:35 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-06-29 13:52 - 2017-06-23 05:21 - 02692440 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libglesv2.dll
2017-06-29 13:52 - 2017-06-23 05:21 - 00137048 _____ () C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\swiftshader\libegl.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2017-06-23 07:38 - 2017-06-23 07:38 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-28 07:29 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-06-28 07:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00098816 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32api.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00110080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\pywintypes27.dll
2017-07-03 22:28 - 2017-07-03 22:28 - 00364544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\pythoncom27.dll
2017-07-03 22:28 - 2017-07-03 22:28 - 00320512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32com.shell.shell.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00914432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_hashlib.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 01176576 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._core_.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00806400 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._gdi_.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00816128 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._windows_.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 01067008 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._controls_.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00733184 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._misc_.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00682496 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\pysqlite2._sqlite.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_ctypes.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00686080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\unicodedata.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00119808 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32file.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00108544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32security.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00007168 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\hashobjs_ext.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00017920 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\thumbnails_ext.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\usb_ext.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00012800 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\common.time34.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00018432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32event.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00167936 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32gui.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00046080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_socket.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 01303552 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_ssl.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00128512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_elementtree.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00127488 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\pyexpat.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00038912 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32inet.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00036864 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_psutil_windows.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00524248 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\windows._lib_cacheinvalidation.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00011264 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32crypt.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00123392 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._wizard.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00077312 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._html2.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00027648 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_multiprocessing.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00020480 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\_yappi.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00035840 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32process.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00078848 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\wx._animate.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00024064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32pipe.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00010240 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\select.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00025600 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32pdh.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00017408 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32profile.pyd
2017-07-03 22:28 - 2017-07-03 22:28 - 00022528 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI101682\win32ts.pyd
2014-08-04 11:40 - 2013-12-03 13:35 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\**** *******\Pictures\Documents\Antiquariat:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-28 15:08 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo_1\Lenovo_11.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.176.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\**** *******\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: BrainYoo2 => "C:\Program Files (x86)\BrainYoo2\BrainYoo2.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Power2GoExpress => NA
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-06-2017 11:55:06 Windows Update
27-06-2017 14:49:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/03/2017 10:29:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2017 10:16:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.ZuneVideo_8wekyb3d8bbwe!Microsoft.ZuneVideo“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2017 03:38:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (07/03/2017 10:30:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet.

Error: (07/03/2017 10:27:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/03/2017 10:27:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Presentation Foundation-Schriftartcache 3.0.0.0 erreicht.

Error: (07/03/2017 10:26:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/03/2017 10:26:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FontCache3.0.0.0 erreicht.

Error: (07/03/2017 10:26:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/03/2017 10:26:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (07/03/2017 10:26:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_60420" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler

Error: (07/03/2017 10:25:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (07/03/2017 10:25:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Anforderung wird nicht unterstützt.


CodeIntegrity:
===================================
  Date: 2017-06-15 19:40:20.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.373
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.333
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:59.025
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:58.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8120.36 MB
Verfügbarer physikalischer RAM: 5060.89 MB
Summe virtueller Speicher: 16312.36 MB
Verfügbarer virtueller Speicher: 13012.78 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:894.54 GB) (Free:476.41 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Backup) (Fixed) (Total:25 GB) (Free:22.47 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FF49E15)
Partition 1: (Not Active) - (Size=200 MB) - (Type=27)
Partition 2: (Active) - (Size=894.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         

Alt 03.07.2017, 23:20   #11
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Sowie FRST.txt
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2017 01
durchgeführt von **** ******* (Administrator) auf J*******-MOBIL (03-07-2017 22:51:21)
Gestartet von C:\Users\**** *******\Desktop\Troj
Geladene Profile: **** ******* & Arbeit & DefaultAppPool (Verfügbare Profile: **** ******* & Arbeit & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\CamMute.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TpKnrres.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401848 2017-06-12] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297008 2014-01-28] (Lenovo Group Limited)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588424 2015-08-03] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-08-04]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-13]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2016-12-13]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{48848a52-8936-4984-aba3-4511c7c714c9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{49db7834-e303-4579-bd61-2e097c8da28e}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{5fd2148b-391c-4bad-97c3-ac67867c9c14}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{61978f6b-de49-4064-a6c2-accb5c2cd825}: [DhcpNameServer] 10.8.108.1 10.8.108.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1623287776-416804053-2603140408-1000 -> {C0B3AF33-4238-4F73-BA03-8D4401835099} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d27fells.default-1458306383649
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1623287776-416804053-2603140408-1000\FireFox [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 8prope9g.default
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649 [2017-07-03]
FF user.js: detected! => C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\user.js [2016-03-18]
FF Extension: (anonymoX) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\client@anonymox.net.xpi [2017-06-21]
FF Extension: (Adblock Plus) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (BetterPrivacy) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01]
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default [2016-03-19]
FF Extension: (Cliqz) - C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\Extensions\cliqz@cliqz.com.xpi [2016-03-10] [ist nicht signiert]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-images.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-maps.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\youtube.xml [2016-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-09]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\**** *******\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-22] (Cisco WebEx LLC)

Chrome: 
=======
CHR Profile: C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default [2017-07-03]
CHR Extension: (Google Präsentationen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-28]
CHR Extension: (Google Docs) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-28]
CHR Extension: (Google Drive) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google-Suche) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Tabellen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-28]
CHR Extension: (Kaspersky Protection) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-28]
CHR Extension: (Google Docs Offline) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-29]
CHR Extension: (Save to Pocket) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1623287776-416804053-2603140408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls:  "hxxp://www.google.de/" 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2016-08-26] (Pulse Secure, LLC)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [198704 2014-01-28] (Lenovo Group Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-04] (Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 CSCrySec; C:\WINDOWS\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-05-29] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238320 2017-05-29] (DisplayLink Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2016-05-19] (GFI Software)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-30] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-13] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-29] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-03] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-03 22:36 - 2017-07-03 22:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 22:35 - 2017-07-03 22:36 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-03 22:35 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-03 22:30 - 2017-07-03 22:30 - 00000000 ___HD C:\OneDriveTemp
2017-07-03 21:26 - 2017-07-03 21:27 - 00138324 _____ C:\Users\**** *******\Downloads\Muster_PP.pdf
2017-07-03 14:46 - 2017-07-03 21:49 - 05054165 _____ C:\Users\**** *******\Desktop\Repetitorium-3aufl-20170622-js.pdf
2017-07-03 14:38 - 2017-07-03 14:38 - 00122554 _____ C:\Users\**** *******\Desktop\Kapitel 1 Datenschutz - DLGI.epub
2017-07-03 14:29 - 2017-07-03 14:30 - 07971149 _____ C:\Users\**** *******\Downloads\Planen.zip
2017-07-03 13:49 - 2017-07-03 13:49 - 00655570 _____ C:\Users\**** *******\Desktop\Rock-den-Grill_2017_DL_Web.pdf
2017-07-03 09:53 - 2017-07-03 09:53 - 90006533 _____ C:\Users\**** *******\Desktop\Fatal Schwach - Friends Of Gas.zip
2017-07-03 09:10 - 2017-07-03 09:11 - 06900079 _____ C:\Users\**** *******\Downloads\20150424-091422Der-Lieserpfad-von-der-Quelle-bis-zur-Muendung-tour-de.pdf
2017-07-03 08:06 - 2017-07-03 08:06 - 00073263 _____ C:\Users\**** *******\Desktop\RG150362068696.pdf
2017-07-03 07:52 - 2017-07-03 22:51 - 00000000 ____D C:\Users\**** *******\Desktop\Troj
2017-07-02 13:14 - 2017-07-02 13:14 - 39799968 _____ (Samsung Electronics) C:\Users\**** *******\Desktop\Smart_Switch_PC_Setup.exe
2017-07-01 17:09 - 2017-07-01 17:21 - 00304100 _____ C:\TDSSKiller.3.1.0.15_01.07.2017_17.09.32_log.txt
2017-07-01 16:48 - 2017-07-01 16:48 - 02440704 _____ (Farbar) C:\Users\**** *******\Downloads\FRST64.exe
2017-06-30 11:09 - 2017-07-03 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-30 08:03 - 2017-06-30 08:03 - 01387014 _____ C:\Users\**** *******\Desktop\rfdr_Woerterverzeichnis_2017.pdf
2017-06-29 17:04 - 2017-06-29 17:04 - 02024960 _____ C:\Users\**** *******\Desktop\CNC Turning_H2b-js.ppt
2017-06-29 17:03 - 2017-06-29 17:03 - 02706432 _____ C:\Users\**** *******\Desktop\CNC Turning_H2a-js.ppt
2017-06-29 12:06 - 2017-06-29 12:06 - 01576226 _____ C:\Users\**** *******\Desktop\592fcecac2144_wdp-185-barrierefrei_urn.pdf
2017-06-29 09:04 - 2017-06-29 09:04 - 02710016 _____ C:\Users\**** *******\Desktop\CNC Turning_H2a.ppt
2017-06-29 09:04 - 2017-06-29 09:04 - 02027008 _____ C:\Users\**** *******\Desktop\CNC Turning_H2b.ppt
2017-06-29 08:55 - 2017-06-29 08:55 - 00138324 _____ C:\Users\**** *******\Desktop\Muster_PP.pdf
2017-06-28 15:07 - 2017-06-28 15:07 - 01574460 _____ C:\WINDOWS\Minidump\062817-30593-01.dmp
2017-06-28 12:30 - 2017-06-28 12:30 - 00000000 ____D C:\Users\**** *******\Desktop\Imprimatur
2017-06-28 12:12 - 2017-06-28 12:12 - 02951541 _____ C:\Users\**** *******\Desktop\Preparatory Programming - Turning_RJ 2017-02-07_070317_MZS.PDF
2017-06-28 12:11 - 2017-06-28 12:11 - 00729720 _____ C:\Users\**** *******\Desktop\Beispielfragen ELEK PV_Umsetzung in App.pdf
2017-06-28 07:29 - 2017-06-28 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-26 08:50 - 2017-07-03 22:51 - 00000000 ____D C:\FRST
2017-06-24 14:18 - 2017-06-24 14:21 - 26435280 _____ (Microsoft Corporation) C:\Users\**** *******\Downloads\OneDriveSetup.exe
2017-06-23 12:12 - 2017-06-23 12:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-21 16:42 - 2017-06-21 16:42 - 00000000 ____D C:\Users\**** *******\Desktop\Haushaltsplanung
2017-06-20 22:02 - 2017-06-20 22:02 - 00000000 ____D C:\Users\**** *******\Desktop\Herole
2017-06-18 16:44 - 2017-06-18 16:44 - 00230567 _____ C:\Users\**** *******\Desktop\Wirtschaftspsychologie 12.06..pdf
2017-06-14 08:19 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 08:19 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 08:19 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 08:19 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 08:19 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 08:19 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 08:19 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 08:19 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 08:19 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-14 08:19 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 08:19 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 08:19 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 08:19 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 08:19 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 08:19 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 08:19 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 08:19 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 08:19 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-14 08:19 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 08:19 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-14 08:19 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-14 08:19 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-14 08:19 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-14 08:19 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-14 08:19 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-14 08:19 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-14 08:19 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-14 08:19 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 08:19 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 08:19 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-14 08:19 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-14 08:19 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-14 08:19 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-14 08:19 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-14 08:19 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-14 08:19 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-14 08:19 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-14 08:19 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 08:18 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 08:18 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 08:18 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 08:18 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 08:18 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 08:18 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 08:18 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 08:18 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 08:18 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 08:18 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-14 08:18 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 08:18 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 08:18 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 08:18 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 08:18 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 08:18 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 08:18 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 08:18 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 08:18 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 08:18 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 08:18 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 08:18 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 08:18 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-14 08:18 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 08:18 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-14 08:18 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-14 08:18 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-14 08:18 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-14 08:18 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-14 08:18 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-14 08:18 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-14 08:18 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-14 08:18 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-14 08:18 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 39860744 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 38903336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 34823400 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 33470408 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 29101512 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 19861456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 15477928 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 13483144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 11748304 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 08734672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05683664 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05262800 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04931024 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04368848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04268480 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04240160 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 03972048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 02393112 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01858584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01816664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01814008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01590736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01178576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01023928 _____ C:\WINDOWS\system32\igfxSDK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00968112 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00964528 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00704976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00466872 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00448952 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00438736 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00416208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00401848 _____ C:\WINDOWS\system32\igfxTray.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00389584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00388560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00354232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00318416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00312248 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00301496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00297112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00273360 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-06-12 01:56 - 2017-06-12 01:56 - 00268216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00266192 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00242104 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00236472 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00232376 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00231864 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00225232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00222680 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00220112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4642.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00205304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00192976 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00183928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00182904 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00181784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00175032 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00173520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00111568 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103376 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00100816 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00095184 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00084944 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00052688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2017-06-11 22:49 - 2017-06-11 22:49 - 00004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2017-06-06 10:30 - 2017-06-28 10:53 - 00000000 ____D C:\Users\**** *******\Desktop\EcADEMY

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-03 22:42 - 2015-02-14 17:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-07-03 22:41 - 2016-11-20 16:25 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Mozilla
2017-07-03 22:32 - 2017-04-13 09:55 - 00000000 ____D C:\Users\**** *******
2017-07-03 22:30 - 2016-07-30 11:27 - 00000000 ___RD C:\Users\**** *******\OneDrive
2017-07-03 22:29 - 2015-02-14 15:53 - 00000000 ___RD C:\Users\**** *******\Google Drive
2017-07-03 22:27 - 2017-04-13 09:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-03 22:26 - 2015-11-30 10:17 - 00000000 ____D C:\Temp
2017-07-03 22:25 - 2017-04-13 10:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-03 22:23 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-03 22:15 - 2015-03-18 22:10 - 00000000 ____D C:\AdwCleaner
2017-07-03 22:11 - 2015-02-13 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-03 21:48 - 2017-04-13 10:55 - 00000000 ____D C:\Users\**** *******\AppData\Local\Deployment
2017-07-03 18:55 - 2017-04-13 09:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-03 17:06 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-03 17:06 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-03 11:45 - 2015-02-14 00:02 - 00000000 ____D C:\Users\**** *******\Pictures\Documents\Steuerfälle
2017-07-03 07:50 - 2015-02-02 14:43 - 00000000 ____D C:\ProgramData\Energy Manager
2017-07-01 16:41 - 2017-04-13 09:54 - 02421494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-01 16:41 - 2017-03-20 06:41 - 01068244 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-01 16:41 - 2017-03-20 06:41 - 00248016 _____ C:\WINDOWS\system32\perfc007.dat
2017-06-30 09:20 - 2015-02-02 14:41 - 00000000 ____D C:\Users\**** *******\AppData\Local\Packages
2017-06-29 13:52 - 2016-10-23 17:35 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 08:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-28 16:04 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-28 15:10 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-28 15:07 - 2017-05-11 19:20 - 939465192 _____ C:\WINDOWS\MEMORY.DMP
2017-06-28 15:07 - 2017-05-11 19:20 - 00000000 ____D C:\WINDOWS\Minidump
2017-06-28 07:30 - 2015-09-14 17:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 15:28 - 2016-11-22 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 14:51 - 2017-04-13 09:53 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2017-06-23 17:54 - 2016-08-23 18:06 - 00000000 ___RD C:\Users\**** *******\Dropbox
2017-06-23 16:08 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 16:07 - 2015-02-13 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-23 12:12 - 2017-04-13 09:55 - 00000000 ____D C:\Users\DefaultAppPool
2017-06-21 11:31 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-06-20 11:59 - 2017-04-13 09:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-18 10:47 - 2015-02-02 14:51 - 00000000 ____D C:\Users\**** *******\AppData\Local\Adobe
2017-06-18 09:04 - 2017-04-13 10:25 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-15 18:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 19:12 - 2016-07-30 10:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 19:07 - 2017-04-13 09:48 - 00339512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 16:48 - 2015-02-02 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 16:45 - 2015-02-02 17:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 16:36 - 2015-02-02 17:42 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 16:12 - 2016-07-30 11:15 - 00000000 __SHD C:\Users\**** *******\IntelGraphicsProfiles
2017-06-13 20:36 - 2015-06-17 13:08 - 00000000 ____D C:\Users\**** *******\AppData\Local\Dropbox
2017-06-12 01:56 - 2017-04-13 09:53 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-06-12 01:56 - 2017-03-20 06:43 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 13071112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 06693096 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 05137760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 00055192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 16456200 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 07970232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-06-12 01:56 - 2016-11-02 00:05 - 02141648 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00755152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00398288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00373688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2017-06-12 01:56 - 2016-11-02 00:05 - 00254928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2017-06-03 17:31 - 2017-05-26 08:36 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-06-03 11:37 - 2011-02-24 19:03 - 00395232 __RSH C:\bootmgr
2017-06-03 08:32 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-03 08:32 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-24 18:25 - 2017-01-30 15:11 - 0002325 _____ () C:\Users\**** *******\AppData\Roaming\com.living-e.timeEdition.plist
2015-07-15 18:11 - 2015-07-15 18:11 - 0000151 _____ () C:\Users\**** *******\AppData\Roaming\dllreg.bat
2015-11-21 17:26 - 2015-11-21 17:27 - 0598586 _____ () C:\Users\**** *******\AppData\Roaming\Scorch_Install.log
2015-04-02 22:28 - 2017-05-19 17:14 - 0005120 _____ () C:\Users\**** *******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-06 12:44 - 2015-12-06 12:44 - 0001525 _____ () C:\Users\**** *******\AppData\Local\recently-used.xbel
2015-02-14 09:11 - 2015-02-14 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-13 09:51 - 2017-04-13 09:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-26 14:14

==================== Ende von FRST.txt ============================
         
ZUdem hier wie gewünscht das Log von Antimalware:
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 03.07.17
Scan-Zeit: 22:36
Protokolldatei: Malwarebyte.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2285
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10 (Build 15063.413)
CPU: x64
Dateisystem: NTFS
Benutzer: J*******-mobil\J\u00c3\u00b6rg *******

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 496119
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 13 Min., 13 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Und das von Adware... Vielen Dank schon mal!
Code:
ATTFilter
# AdwCleaner v6.047 - Logfile created 03/07/2017 at 22:07:24
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-06-29.3 [Server]
# Operating System : Windows 10 Pro  (X64)
# Username : **** ******** - J*******-MOBIL
# Running from : C:\Users\**** ********\Desktop\adwcleaner_6.047.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****



***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****



***** [ Web browsers ] *****



*************************

:: "Tracing" keys deleted
:: Winsock settings cleared
:: "Prefetch" files deleted
:: Proxy settings cleared
:: Firewall rules cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1127 Bytes] - [26/04/2017 18:04:53]
C:\AdwCleaner\AdwCleaner[C2].txt - [1552 Bytes] - [21/05/2017 21:31:23]
C:\AdwCleaner\AdwCleaner[C3].txt - [1052 Bytes] - [03/07/2017 22:07:24]
C:\AdwCleaner\AdwCleaner[S0].txt - [1263 Bytes] - [26/04/2017 17:45:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [1311 Bytes] - [11/05/2017 08:07:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [1823 Bytes] - [21/05/2017 20:20:04]
C:\AdwCleaner\AdwCleaner[S3].txt - [1528 Bytes] - [23/06/2017 22:51:29]
C:\AdwCleaner\AdwCleaner[S4].txt - [1601 Bytes] - [26/06/2017 20:58:39]
C:\AdwCleaner\AdwCleaner[S5].txt - [1674 Bytes] - [03/07/2017 22:06:56]

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1563 Bytes] ##########
         

Alt 04.07.2017, 15:17   #12
M-K-D-B
/// TB-Ausbilder
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Servus,



wir kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.




Schritt 1
  • Kopiere den Inhalt der folgenden Code-Box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Starte nun FRST und klicke den Entfernen Button.
  • Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
  • Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
  • Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.





Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset








Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.







Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 05.07.2017, 12:57   #13
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2017
durchgeführt von **** ******* (Administrator) auf J*******-MOBIL (05-07-2017 07:28:39)
Gestartet von C:\Users\**** *******\Desktop\Troj
Geladene Profile: **** ******* & Arbeit & DefaultAppPool (Verfügbare Profile: **** ******* & Arbeit & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\CamMute.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TpKnrres.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Users\**** *******\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\**** *******\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401848 2017-06-12] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297008 2014-01-28] (Lenovo Group Limited)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588424 2015-08-03] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-08-04]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-13]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2016-12-13]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{48848a52-8936-4984-aba3-4511c7c714c9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{49db7834-e303-4579-bd61-2e097c8da28e}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{5fd2148b-391c-4bad-97c3-ac67867c9c14}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{61978f6b-de49-4064-a6c2-accb5c2cd825}: [DhcpNameServer] 10.8.108.1 10.8.108.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1623287776-416804053-2603140408-1000 -> {C0B3AF33-4238-4F73-BA03-8D4401835099} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d27fells.default-1458306383649
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1623287776-416804053-2603140408-1000\FireFox [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 8prope9g.default
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649 [2017-07-05]
FF user.js: detected! => C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\user.js [2016-03-18]
FF Extension: (anonymoX) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\client@anonymox.net.xpi [2017-06-21]
FF Extension: (Adblock Plus) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (BetterPrivacy) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01]
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default [2016-03-19]
FF Extension: (Cliqz) - C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\Extensions\cliqz@cliqz.com.xpi [2016-03-10] [ist nicht signiert]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-images.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-maps.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\youtube.xml [2016-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-09]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\**** *******\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-22] (Cisco WebEx LLC)

Chrome: 
=======
CHR Profile: C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default [2017-07-04]
CHR Extension: (Google Präsentationen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-28]
CHR Extension: (Google Docs) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-28]
CHR Extension: (Google Drive) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google-Suche) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Tabellen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-28]
CHR Extension: (Kaspersky Protection) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-28]
CHR Extension: (Google Docs Offline) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-29]
CHR Extension: (Save to Pocket) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1623287776-416804053-2603140408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls:  "hxxp://www.google.de/" 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2016-08-26] (Pulse Secure, LLC)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [198704 2014-01-28] (Lenovo Group Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-04] (Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 CSCrySec; C:\WINDOWS\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-05-29] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238320 2017-05-29] (DisplayLink Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2016-05-19] (GFI Software)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-30] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-13] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-29] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-04] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-04] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-05] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-04 16:52 - 2017-07-04 16:57 - 06138396 _____ C:\Users\**** *******\Desktop\Repetitorium-3aufl-20170704c.pdf
2017-07-04 16:19 - 2017-07-04 16:19 - 00000000 ____D C:\Program Files (x86)\ESET
2017-07-04 16:18 - 2017-07-04 16:18 - 02870984 _____ (ESET) C:\Users\**** *******\Desktop\esetsmartinstaller_deu.exe
2017-07-04 15:51 - 2017-07-04 16:15 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-04 15:50 - 2017-07-04 15:50 - 11584088 _____ (SurfRight B.V.) C:\Users\**** *******\Desktop\HitmanPro_x64.exe
2017-07-04 14:14 - 2017-07-04 14:23 - 00000000 ____D C:\Users\**** *******\Desktop\Freigabedatei
2017-07-04 12:47 - 2017-07-04 12:52 - 07598223 _____ C:\Users\**** *******\Desktop\Repetitorium-3aufl-20170704.pdf
2017-07-04 09:03 - 2017-07-04 09:07 - 01637212 _____ C:\WINDOWS\Minidump\070417-32375-01.dmp
2017-07-04 08:25 - 2017-07-04 08:25 - 00000000 ____D C:\Users\**** *******\Desktop\zerspaner - geteilte PPT
2017-07-04 08:13 - 2017-07-04 08:13 - 00000000 ____D C:\Users\**** *******\Desktop\Planen
2017-07-04 08:10 - 2017-07-04 08:10 - 00000000 ____D C:\Users\**** *******\Desktop\Fatal Schwach - Friends Of Gas
2017-07-04 07:38 - 2017-07-04 07:38 - 00000000 ___HD C:\OneDriveTemp
2017-07-03 22:36 - 2017-07-03 22:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 22:35 - 2017-07-05 04:52 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-03 22:35 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-03 13:49 - 2017-07-03 13:49 - 00655570 _____ C:\Users\**** *******\Desktop\Rock-den-Grill_2017_DL_Web.pdf
2017-07-03 09:10 - 2017-07-03 09:11 - 06900079 _____ C:\Users\**** *******\Desktop\20150424-091422Der-Lieserpfad-von-der-Quelle-bis-zur-Muendung-tour-de.pdf
2017-07-03 07:52 - 2017-07-05 07:28 - 00000000 ____D C:\Users\**** *******\Desktop\Troj
2017-07-01 17:09 - 2017-07-01 17:21 - 00304100 _____ C:\TDSSKiller.3.1.0.15_01.07.2017_17.09.32_log.txt
2017-06-30 11:09 - 2017-07-03 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 12:06 - 2017-06-29 12:06 - 01576226 _____ C:\Users\**** *******\Desktop\592fcecac2144_wdp-185-barrierefrei_urn.pdf
2017-06-28 15:07 - 2017-06-28 15:07 - 01574460 _____ C:\WINDOWS\Minidump\062817-30593-01.dmp
2017-06-28 12:12 - 2017-06-28 12:12 - 02951541 _____ C:\Users\**** *******\Desktop\Preparatory Programming - Turning_RJ 2017-02-07_070317_MZS.PDF
2017-06-28 12:11 - 2017-06-28 12:11 - 00729720 _____ C:\Users\**** *******\Desktop\Beispielfragen ELEK PV_Umsetzung in App.pdf
2017-06-28 07:29 - 2017-06-28 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-26 08:50 - 2017-07-05 07:28 - 00000000 ____D C:\FRST
2017-06-24 14:18 - 2017-06-24 14:21 - 26435280 _____ (Microsoft Corporation) C:\Users\**** *******\Downloads\OneDriveSetup.exe
2017-06-23 12:12 - 2017-06-23 12:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-20 22:02 - 2017-06-20 22:02 - 00000000 ____D C:\Users\**** *******\Desktop\Herole
2017-06-18 16:44 - 2017-06-18 16:44 - 00230567 _____ C:\Users\**** *******\Desktop\Wirtschaftspsychologie 12.06..pdf
2017-06-14 08:19 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 08:19 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 08:19 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 08:19 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 08:19 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 08:19 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 08:19 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 08:19 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 08:19 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-14 08:19 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 08:19 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 08:19 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 08:19 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 08:19 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 08:19 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 08:19 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 08:19 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 08:19 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-14 08:19 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 08:19 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-14 08:19 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-14 08:19 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-14 08:19 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-14 08:19 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-14 08:19 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-14 08:19 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-14 08:19 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-14 08:19 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 08:19 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 08:19 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-14 08:19 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-14 08:19 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-14 08:19 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-14 08:19 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-14 08:19 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-14 08:19 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-14 08:19 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-14 08:19 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 08:18 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 08:18 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 08:18 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 08:18 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 08:18 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 08:18 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 08:18 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 08:18 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 08:18 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 08:18 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-14 08:18 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 08:18 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 08:18 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 08:18 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 08:18 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 08:18 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 08:18 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 08:18 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 08:18 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 08:18 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 08:18 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 08:18 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 08:18 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-14 08:18 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 08:18 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-14 08:18 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-14 08:18 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-14 08:18 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-14 08:18 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-14 08:18 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-14 08:18 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-14 08:18 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-14 08:18 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-14 08:18 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 39860744 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 38903336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 34823400 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 33470408 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 29101512 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 19861456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 15477928 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 13483144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 11748304 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 08734672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05683664 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05262800 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04931024 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04368848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04268480 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04240160 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 03972048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 02393112 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01858584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01816664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01814008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01590736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01178576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01023928 _____ C:\WINDOWS\system32\igfxSDK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00968112 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00964528 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00704976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00466872 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00448952 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00438736 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00416208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00401848 _____ C:\WINDOWS\system32\igfxTray.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00389584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00388560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00354232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00318416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00312248 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00301496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00297112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00273360 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-06-12 01:56 - 2017-06-12 01:56 - 00268216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00266192 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00242104 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00236472 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00232376 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00231864 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00225232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00222680 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00220112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4642.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00205304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00192976 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00183928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00182904 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00181784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00175032 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00173520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00111568 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103376 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00100816 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00095184 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00084944 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00052688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2017-06-11 22:49 - 2017-06-11 22:49 - 00004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2017-06-06 10:30 - 2017-07-04 09:00 - 00000000 ____D C:\Users\**** *******\Desktop\EcADEMY

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-05 07:25 - 2017-04-13 09:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-05 06:36 - 2015-02-14 17:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-07-04 15:49 - 2016-11-20 16:25 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Mozilla
2017-07-04 15:47 - 2017-04-13 09:54 - 02452624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 15:47 - 2017-03-20 06:41 - 01085186 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-04 15:47 - 2017-03-20 06:41 - 00252752 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-04 15:47 - 2015-02-14 15:53 - 00000000 ___RD C:\Users\**** *******\Google Drive
2017-07-04 15:46 - 2016-07-30 11:27 - 00000000 ___RD C:\Users\**** *******\OneDrive
2017-07-04 15:44 - 2017-04-13 09:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-04 15:43 - 2015-11-30 10:17 - 00000000 ____D C:\Temp
2017-07-04 15:42 - 2017-04-13 10:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 15:40 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-04 15:38 - 2017-04-13 09:55 - 00000000 ____D C:\Users\**** *******
2017-07-04 15:38 - 2015-05-11 08:40 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Temp
2017-07-04 15:21 - 2017-04-13 10:55 - 00000000 ____D C:\Users\**** *******\AppData\Local\Deployment
2017-07-04 13:49 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-04 13:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-04 09:19 - 2017-04-13 09:55 - 00000000 ____D C:\Users\DefaultAppPool
2017-07-04 09:19 - 2017-04-13 09:55 - 00000000 ____D C:\Users\Arbeit
2017-07-04 09:03 - 2017-05-11 19:20 - 919534112 _____ C:\WINDOWS\MEMORY.DMP
2017-07-04 09:03 - 2017-05-11 19:20 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-04 08:57 - 2015-02-02 14:41 - 00000000 ____D C:\Users\**** *******\AppData\Local\Packages
2017-07-04 07:41 - 2015-02-02 14:43 - 00000000 ____D C:\ProgramData\Energy Manager
2017-07-03 22:15 - 2015-03-18 22:10 - 00000000 ____D C:\AdwCleaner
2017-07-03 22:11 - 2015-02-13 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-03 11:45 - 2015-02-14 00:02 - 00000000 ____D C:\Users\**** *******\Pictures\Documents\Steuerfälle
2017-06-29 13:52 - 2016-10-23 17:35 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 08:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-28 16:04 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-28 15:10 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-28 07:30 - 2015-09-14 17:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 15:28 - 2016-11-22 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 14:51 - 2017-04-13 09:53 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2017-06-23 17:54 - 2016-08-23 18:06 - 00000000 ___RD C:\Users\**** *******\Dropbox
2017-06-23 16:08 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 16:07 - 2015-02-13 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-21 11:31 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-06-20 11:59 - 2017-04-13 09:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-18 10:47 - 2015-02-02 14:51 - 00000000 ____D C:\Users\**** *******\AppData\Local\Adobe
2017-06-18 09:04 - 2017-04-13 10:25 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-15 18:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 19:12 - 2016-07-30 10:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 19:07 - 2017-04-13 09:48 - 00339512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 16:48 - 2015-02-02 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 16:45 - 2015-02-02 17:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 16:36 - 2015-02-02 17:42 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 16:12 - 2016-07-30 11:15 - 00000000 __SHD C:\Users\**** *******\IntelGraphicsProfiles
2017-06-13 20:36 - 2015-06-17 13:08 - 00000000 ____D C:\Users\**** *******\AppData\Local\Dropbox
2017-06-12 01:56 - 2017-04-13 09:53 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-06-12 01:56 - 2017-03-20 06:43 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 13071112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 06693096 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 05137760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 00055192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 16456200 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 07970232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-06-12 01:56 - 2016-11-02 00:05 - 02141648 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00755152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00398288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00373688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2017-06-12 01:56 - 2016-11-02 00:05 - 00254928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-24 18:25 - 2017-01-30 15:11 - 0002325 _____ () C:\Users\**** *******\AppData\Roaming\com.living-e.timeEdition.plist
2015-07-15 18:11 - 2015-07-15 18:11 - 0000151 _____ () C:\Users\**** *******\AppData\Roaming\dllreg.bat
2015-11-21 17:26 - 2015-11-21 17:27 - 0598586 _____ () C:\Users\**** *******\AppData\Roaming\Scorch_Install.log
2015-04-02 22:28 - 2017-05-19 17:14 - 0005120 _____ () C:\Users\**** *******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-06 12:44 - 2015-12-06 12:44 - 0001525 _____ () C:\Users\**** *******\AppData\Local\recently-used.xbel
2015-02-14 09:11 - 2015-02-14 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-13 09:51 - 2017-04-13 09:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-26 14:14

==================== Ende von FRST.txt ============================
         
Und hier HitMan Pro
Code:
ATTFilter
Code:
ATTFilter
HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : J*******-MOBIL
   Windows . . . . . . . : 10.0.0.15063.X64/4
   User name . . . . . . : J*******-mobil\**** *******
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-04 15:51:39
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 21m 50s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 7

   Objects scanned . . . : 2.934.919
   Files scanned . . . . : 159.708
   Remnants scanned  . . : 962.345 files / 1.812.866 keys

Suspicious files ____________________________________________________________

   C:\Users\**** *******\Desktop\Troj\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.435.584 bytes
      Age  . . . . . . . : 8.3 days (2017-06-26 08:48:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EEB86294D4428CF1671E2227DA8D3C5C68F7BB15FC7FD78E87F3973C31D46F8A
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\**** *******\Desktop\Troj\FRST64.exe
      Size . . . . . . . : 2.436.096 bytes
      Age  . . . . . . . : 0.7 days (2017-07-03 22:50:55)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 87597C22EE9977C3EDB02CC48894C109CBF328E4E107E9227488167D0D651D86
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\**** *******\Desktop\Troj\FRST64.exe
          0.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{07684CF8-64AC-4EB0-8170-772BF90F0D98}

   C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\ChemikantProfessional\01_Arbeitsordner\VonCurrenta\Arbeitsordner CHK-VT-Ch\Medien\ELCH\Modul 1 - Betriebsanalytik\medien\1_Chromatographie\2_Gaschromatographie\LernModul\2014_WBT_ELCH_Gaschromatographie_deut.exe
      Size . . . . . . . : 9.513.839 bytes
      Age  . . . . . . . : 299.2 days (2016-09-08 11:08:50)
      Entropy  . . . . . : 7.0
      SHA-256  . . . . . : AFC5825569FD0D80024A5BDF1F7872F86CB660D71D3B7658C062568D574856F4
      Product  . . . . . : Shockwave Flash
      Publisher  . . . . : Adobe Systems, Inc.
      Description  . . . : Adobe Flash Player 11.4 r402
      Version  . . . . . : 11,4,402,278
      Copyright  . . . . : Adobe® Flash® Player. Copyright © 1996 Adobe Systems Incorporated. All Rights Reserved. Adobe and Flash are either trademarks or registered trademarks in the United States and/or other countries.
      LanguageID . . . . : 1033
      Fuzzy  . . . . . . : 22.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

   C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\ChemikantProfessional\01_Arbeitsordner\VonCurrenta\Arbeitsordner CHK-VT-Ch\Medien\ELCH\Modul 2 - Trennprozesse\medien\content\Trennprozesse\ElchGame_Filtration\Lernmodul_Spiel_Filtration\resources\dats_kg\action\game.exe
      Size . . . . . . . : 2.474.395 bytes
      Age  . . . . . . . : 299.2 days (2016-09-08 11:16:29)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 001883F446FF4575D4102CAA2D3E3CE510C9EB72FD3AD6674ADC6EA22A9C4DEA
      Product  . . . . . : Flying Elch
      Publisher  . . . . : Provadis GmbH
      Description  . . . : Flying Elch
      Version  . . . . . : 2.5.0.25
      LanguageID . . . . : 2057
      Fuzzy  . . . . . . : 28.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

   C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\ChemikantProfessional\01_Arbeitsordner\VonCurrenta\Arbeitsordner CHK-VT-Ch\Medien\ELCH\Modul 2 - Trennprozesse\medien\content\Trennprozesse\ElchGame_Thermisches_Trennen\Lernmodul_Spiel_Thermisches_Trennen\KnowQuiz.exe
      Size . . . . . . . : 4.701.210 bytes
      Age  . . . . . . . : 299.2 days (2016-09-08 11:17:23)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 9A3970D5CB20A291D20F4B140C4432BBA898805CF00B6C3F53B8E24736B38485
      Product  . . . . . : FIT² KnowQuiz                       
      Publisher  . . . . : Provadis GmbH                       
      Description  . . . : FIT² KnowQuiz                       
      Version  . . . . . : 3.0.0.0
      LanguageID . . . . : 2057
      Fuzzy  . . . . . . : 23.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

   C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\ChemikantProfessional\01_Arbeitsordner\VonCurrenta\Arbeitsordner CHK-VT-Ch\Medien\ELCH\Modul 5 - Qualitaetssicherung\medien\content\Qualitaetssicherung\ElchGame_Qualitaet\Lernmodul_Spiel_Qualitaet\KnowQuiz.exe
      Size . . . . . . . : 4.701.210 bytes
      Age  . . . . . . . : 299.2 days (2016-09-08 11:33:00)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 9A3970D5CB20A291D20F4B140C4432BBA898805CF00B6C3F53B8E24736B38485
      Product  . . . . . : FIT² KnowQuiz                       
      Publisher  . . . . : Provadis GmbH                       
      Description  . . . : FIT² KnowQuiz                       
      Version  . . . . . : 3.0.0.0
      LanguageID . . . . : 2057
      Fuzzy  . . . . . . : 23.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

   C:\Users\**** *******\Dropbox (QS)\Team-Ordner „QS“\ChemikantProfessional\01_Arbeitsordner\VonCurrenta\Arbeitsordner CHK-VT-Ch\Medien\ELCH\Modul 5 - Qualitaetssicherung\medien\content\Qualitaetssicherung\Qualitaetssicherung\Lernmodul_Qualitaetssicherung\fitq_course.exe
      Size . . . . . . . : 4.684.651 bytes
      Age  . . . . . . . : 299.2 days (2016-09-08 11:34:18)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 11A3B556C1169747331FE567F27CA33D81FEEABCB8A740A076342EB76B8E3EAA
      Product  . . . . . : fitq_course                         
      Publisher  . . . . : Provadis GmbH                       
      Description  . . . : FITq Kursanzeige                    
      Version  . . . . . : 3.0.0.0
      LanguageID . . . . : 2057
      Fuzzy  . . . . . . : 23.0
         The file is completely hidden from view and most antivirus products. It may belong to a rootkit.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         
Sowie die Eset-Datei - das hat aber wirkluich lange gebraucht ))
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a6f061f4584464984b37b70569f47a9
# end=init
# utc_time=2017-07-04 02:19:19
# local_time=2017-07-04 04:19:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 33943
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a6f061f4584464984b37b70569f47a9
# end=updated
# utc_time=2017-07-04 02:22:41
# local_time=2017-07-04 04:22:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1a6f061f4584464984b37b70569f47a9
# engine=33943
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-07-04 06:53:28
# local_time=2017-07-04 08:53:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Kaspersky Total Security'
# compatibility_mode=1312 67108861 100 100 18137 32128542 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18111 9327404 0 0
# scanned=382191
# found=0
# cleaned=0
# scan_time=16247
         

Alt 05.07.2017, 13:01   #14
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Und hier die FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-07-2017
durchgeführt von **** ******* (Administrator) auf J*******-MOBIL (05-07-2017 07:28:39)
Gestartet von C:\Users\**** *******\Desktop\Troj
Geladene Profile: **** ******* & Arbeit & DefaultAppPool (Verfügbare Profile: **** ******* & Arbeit & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\CamMute.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\vcamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TPKNRSVC.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVM GmbH) C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
() C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo Group Limited) C:\Program Files\lenovo\Communications Utility\TpKnrres.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Users\**** *******\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Microsoft Corporation) C:\Users\**** *******\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401848 2017-06-12] ()
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [297008 2014-01-28] (Lenovo Group Limited)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10843120 2014-08-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [588424 2015-08-03] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-06-26] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23819304 2017-03-21] (Google)
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2014-08-04]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe ()
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-12-13]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\**** *******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2016-12-13]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{48848a52-8936-4984-aba3-4511c7c714c9}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{49db7834-e303-4579-bd61-2e097c8da28e}: [DhcpNameServer] 192.168.176.1
Tcpip\..\Interfaces\{5fd2148b-391c-4bad-97c3-ac67867c9c14}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{61978f6b-de49-4064-a6c2-accb5c2cd825}: [DhcpNameServer] 10.8.108.1 10.8.108.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1623287776-416804053-2603140408-1000 -> {C0B3AF33-4238-4F73-BA03-8D4401835099} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2017-04-11] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2017-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2017-03-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2016-12-09] (AO Kaspersky Lab)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: d27fells.default-1458306383649
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1623287776-416804053-2603140408-1000\FireFox [nicht gefunden] <==== ACHTUNG
FF DefaultProfile: 8prope9g.default
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649 [2017-07-05]
FF user.js: detected! => C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\user.js [2016-03-18]
FF Extension: (anonymoX) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\client@anonymox.net.xpi [2017-06-21]
FF Extension: (Adblock Plus) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (BetterPrivacy) - C:\Users\**** *******\AppData\Roaming\Mozilla\Firefox\Profiles\d27fells.default-1458306383649\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-01]
FF ProfilePath: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default [2016-03-19]
FF Extension: (Cliqz) - C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\Extensions\cliqz@cliqz.com.xpi [2016-03-10] [ist nicht signiert]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-images.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\google-maps.xml [2016-03-08]
FF SearchPlugin: C:\Users\**** *******\AppData\Roaming\CLIQZ\Profiles\8prope9g.default\searchplugins\youtube.xml [2016-03-08]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-09]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-15] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\**** *******\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-04-22] (Cisco WebEx LLC)

Chrome: 
=======
CHR Profile: C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default [2017-07-04]
CHR Extension: (Google Präsentationen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-28]
CHR Extension: (Google Docs) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-28]
CHR Extension: (Google Drive) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google-Suche) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Google Tabellen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-28]
CHR Extension: (Kaspersky Protection) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-01-28]
CHR Extension: (Google Docs Offline) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-29]
CHR Extension: (Save to Pocket) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-06-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Google Mail) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\**** *******\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-30]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1623287776-416804053-2603140408-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

Opera: 
=======
OPR StartupUrls:  "hxxp://www.google.de/" 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AVMPowerlineService; C:\Program Files (x86)\FRITZ!Powerline\PowerlineService.exe [139264 2014-05-21] (AVM GmbH) [Datei ist nicht signiert]
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042544 2017-03-14] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-24] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2016-08-26] (Pulse Secure, LLC)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373688 2017-06-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [198704 2014-01-28] (Lenovo Group Limited)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-08-04] (Lenovo(beijing) Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 CSCrySec; C:\WINDOWS\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
R3 dlcdcncm; C:\WINDOWS\System32\drivers\dlcdcncm62_x64.sys [92400 2017-05-29] (DisplayLink Corp.)
R3 dlusbaudio; C:\WINDOWS\system32\DRIVERS\dlusbaudio_x64.sys [238320 2017-05-29] (DisplayLink Corp.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-06-27] ()
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2016-05-19] (GFI Software)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-12] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-12] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-30] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-12] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-13] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-14] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-29] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188352 2017-07-03] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [101784 2017-07-04] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-07-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-04] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-07-05] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek                                            )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-24] (Sonix Co. Ltd.)
R3 tvtvcamd; C:\WINDOWS\system32\DRIVERS\tvtvcamd.sys [27432 2013-09-26] (ThinkVantage Communications Utility)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [101840 2012-07-05] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-04 16:52 - 2017-07-04 16:57 - 06138396 _____ C:\Users\**** *******\Desktop\Repetitorium-3aufl-20170704c.pdf
2017-07-04 16:19 - 2017-07-04 16:19 - 00000000 ____D C:\Program Files (x86)\ESET
2017-07-04 16:18 - 2017-07-04 16:18 - 02870984 _____ (ESET) C:\Users\**** *******\Desktop\esetsmartinstaller_deu.exe
2017-07-04 15:51 - 2017-07-04 16:15 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-04 15:50 - 2017-07-04 15:50 - 11584088 _____ (SurfRight B.V.) C:\Users\**** *******\Desktop\HitmanPro_x64.exe
2017-07-04 14:14 - 2017-07-04 14:23 - 00000000 ____D C:\Users\**** *******\Desktop\Freigabedatei
2017-07-04 12:47 - 2017-07-04 12:52 - 07598223 _____ C:\Users\**** *******\Desktop\Repetitorium-3aufl-20170704.pdf
2017-07-04 09:03 - 2017-07-04 09:07 - 01637212 _____ C:\WINDOWS\Minidump\070417-32375-01.dmp
2017-07-04 08:25 - 2017-07-04 08:25 - 00000000 ____D C:\Users\**** *******\Desktop\zerspaner - geteilte PPT
2017-07-04 08:13 - 2017-07-04 08:13 - 00000000 ____D C:\Users\**** *******\Desktop\Planen
2017-07-04 08:10 - 2017-07-04 08:10 - 00000000 ____D C:\Users\**** *******\Desktop\Fatal Schwach - Friends Of Gas
2017-07-04 07:38 - 2017-07-04 07:38 - 00000000 ___HD C:\OneDriveTemp
2017-07-03 22:36 - 2017-07-03 22:36 - 00188352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-07-03 22:35 - 2017-07-05 04:52 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00101784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-07-03 22:35 - 2017-07-04 15:43 - 00045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-03 22:35 - 2017-07-03 22:35 - 00000000 ____D C:\Program Files\Malwarebytes
2017-07-03 22:35 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-03 13:49 - 2017-07-03 13:49 - 00655570 _____ C:\Users\**** *******\Desktop\Rock-den-Grill_2017_DL_Web.pdf
2017-07-03 09:10 - 2017-07-03 09:11 - 06900079 _____ C:\Users\**** *******\Desktop\20150424-091422Der-Lieserpfad-von-der-Quelle-bis-zur-Muendung-tour-de.pdf
2017-07-03 07:52 - 2017-07-05 07:28 - 00000000 ____D C:\Users\**** *******\Desktop\Troj
2017-07-01 17:09 - 2017-07-01 17:21 - 00304100 _____ C:\TDSSKiller.3.1.0.15_01.07.2017_17.09.32_log.txt
2017-06-30 11:09 - 2017-07-03 22:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 12:06 - 2017-06-29 12:06 - 01576226 _____ C:\Users\**** *******\Desktop\592fcecac2144_wdp-185-barrierefrei_urn.pdf
2017-06-28 15:07 - 2017-06-28 15:07 - 01574460 _____ C:\WINDOWS\Minidump\062817-30593-01.dmp
2017-06-28 12:12 - 2017-06-28 12:12 - 02951541 _____ C:\Users\**** *******\Desktop\Preparatory Programming - Turning_RJ 2017-02-07_070317_MZS.PDF
2017-06-28 12:11 - 2017-06-28 12:11 - 00729720 _____ C:\Users\**** *******\Desktop\Beispielfragen ELEK PV_Umsetzung in App.pdf
2017-06-28 07:29 - 2017-06-28 07:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 12:27 - 2017-06-26 12:27 - 00049992 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-06-26 12:27 - 2017-06-26 12:27 - 00045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-06-26 08:50 - 2017-07-05 07:28 - 00000000 ____D C:\FRST
2017-06-24 14:18 - 2017-06-24 14:21 - 26435280 _____ (Microsoft Corporation) C:\Users\**** *******\Downloads\OneDriveSetup.exe
2017-06-23 12:12 - 2017-06-23 12:12 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2017-06-20 22:02 - 2017-06-20 22:02 - 00000000 ____D C:\Users\**** *******\Desktop\Herole
2017-06-18 16:44 - 2017-06-18 16:44 - 00230567 _____ C:\Users\**** *******\Desktop\Wirtschaftspsychologie 12.06..pdf
2017-06-14 08:19 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 08:19 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-06-14 08:19 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 08:19 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 08:19 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-06-14 08:19 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-06-14 08:19 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 08:19 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-06-14 08:19 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 08:19 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:19 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-06-14 08:19 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-06-14 08:19 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 08:19 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-06-14 08:19 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 08:19 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 08:19 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 08:19 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 08:19 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 08:19 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 08:19 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-06-14 08:19 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-06-14 08:19 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 08:19 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-06-14 08:19 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 08:19 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 08:19 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-06-14 08:19 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-06-14 08:19 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-06-14 08:19 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 08:19 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 08:19 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-06-14 08:19 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-06-14 08:19 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-06-14 08:19 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-06-14 08:19 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-06-14 08:19 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-06-14 08:19 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-06-14 08:19 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-06-14 08:19 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-06-14 08:19 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-06-14 08:19 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-06-14 08:19 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-06-14 08:19 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-06-14 08:19 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-06-14 08:19 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-06-14 08:19 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-06-14 08:19 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-06-14 08:19 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-06-14 08:19 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-06-14 08:19 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-06-14 08:19 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-06-14 08:19 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-06-14 08:19 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 08:19 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-06-14 08:19 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 08:19 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-06-14 08:19 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-06-14 08:19 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 08:19 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-06-14 08:19 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-06-14 08:19 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-06-14 08:19 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-06-14 08:19 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-06-14 08:19 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-06-14 08:19 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-06-14 08:19 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-06-14 08:19 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-06-14 08:19 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-06-14 08:19 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-06-14 08:19 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-06-14 08:19 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-06-14 08:19 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-06-14 08:19 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-06-14 08:19 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-06-14 08:19 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-06-14 08:19 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-06-14 08:19 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-06-14 08:19 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 08:18 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 08:18 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 08:18 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 08:18 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 08:18 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 08:18 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 08:18 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 08:18 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 08:18 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 08:18 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-06-14 08:18 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-06-14 08:18 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-06-14 08:18 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-06-14 08:18 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-06-14 08:18 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 08:18 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-06-14 08:18 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 08:18 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-14 08:18 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-06-14 08:18 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 08:18 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-06-14 08:18 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-06-14 08:18 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 08:18 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 08:18 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-06-14 08:18 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-06-14 08:18 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 08:18 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 08:18 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 08:18 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-06-14 08:18 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-06-14 08:18 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 08:18 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-06-14 08:18 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-06-14 08:18 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 08:18 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-06-14 08:18 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-06-14 08:18 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-06-14 08:18 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 08:18 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 08:18 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-06-14 08:18 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-06-14 08:18 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-06-14 08:18 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-06-14 08:18 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-06-14 08:18 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-06-14 08:18 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-06-14 08:18 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-06-14 08:18 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-06-14 08:18 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-06-14 08:18 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-06-14 08:18 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-06-14 08:18 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-06-14 08:18 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-06-14 08:18 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-06-14 08:18 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-06-14 08:18 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-06-14 08:18 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-06-14 08:18 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-06-14 08:18 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-06-14 08:18 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-06-14 08:18 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-06-14 08:18 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-06-14 08:18 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-06-14 08:18 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 39860744 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 38903336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 34823400 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 33470408 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 29101512 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 19861456 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 15477928 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 13483144 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 11748304 _____ (Intel Corporation) C:\WINDOWS\system32\ig75icd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 08734672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig75icd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05683664 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 05262800 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04931024 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04368848 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04268480 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 04240160 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 03972048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 02393112 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01858584 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01816664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01814008 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01590736 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01178576 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 01023928 _____ C:\WINDOWS\system32\igfxSDK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00968112 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00964528 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00704976 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00466872 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00448952 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00438736 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00416208 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00401848 _____ C:\WINDOWS\system32\igfxTray.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00389584 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00388560 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00354232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00318416 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00312248 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00301496 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00297112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00273360 _____ C:\WINDOWS\system32\igfxCPL.cpl
2017-06-12 01:56 - 2017-06-12 01:56 - 00268216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00266192 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00242104 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00236472 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00232376 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00231864 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00225232 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00222680 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00220112 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4642.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00205304 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00192976 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00183928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00182904 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00181784 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00175032 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2017-06-12 01:56 - 2017-06-12 01:56 - 00173520 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00160208 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00111568 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00103376 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00100816 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00095184 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00084944 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00052688 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00029136 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00027600 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2017-06-12 01:56 - 2017-06-12 01:56 - 00022480 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2017-06-11 22:49 - 2017-06-11 22:49 - 00004862 _____ C:\WINDOWS\system32\iglhxs64.vp
2017-06-06 10:30 - 2017-07-04 09:00 - 00000000 ____D C:\Users\**** *******\Desktop\EcADEMY

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-05 07:25 - 2017-04-13 09:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-05 06:36 - 2015-02-14 17:23 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-07-04 15:49 - 2016-11-20 16:25 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Mozilla
2017-07-04 15:47 - 2017-04-13 09:54 - 02452624 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-04 15:47 - 2017-03-20 06:41 - 01085186 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-04 15:47 - 2017-03-20 06:41 - 00252752 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-04 15:47 - 2015-02-14 15:53 - 00000000 ___RD C:\Users\**** *******\Google Drive
2017-07-04 15:46 - 2016-07-30 11:27 - 00000000 ___RD C:\Users\**** *******\OneDrive
2017-07-04 15:44 - 2017-04-13 09:53 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-04 15:43 - 2015-11-30 10:17 - 00000000 ____D C:\Temp
2017-07-04 15:42 - 2017-04-13 10:26 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-04 15:40 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-04 15:38 - 2017-04-13 09:55 - 00000000 ____D C:\Users\**** *******
2017-07-04 15:38 - 2015-05-11 08:40 - 00000000 ____D C:\Users\**** *******\AppData\LocalLow\Temp
2017-07-04 15:21 - 2017-04-13 10:55 - 00000000 ____D C:\Users\**** *******\AppData\Local\Deployment
2017-07-04 13:49 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-04 13:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-04 09:19 - 2017-04-13 09:55 - 00000000 ____D C:\Users\DefaultAppPool
2017-07-04 09:19 - 2017-04-13 09:55 - 00000000 ____D C:\Users\Arbeit
2017-07-04 09:03 - 2017-05-11 19:20 - 919534112 _____ C:\WINDOWS\MEMORY.DMP
2017-07-04 09:03 - 2017-05-11 19:20 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-04 08:57 - 2015-02-02 14:41 - 00000000 ____D C:\Users\**** *******\AppData\Local\Packages
2017-07-04 07:41 - 2015-02-02 14:43 - 00000000 ____D C:\ProgramData\Energy Manager
2017-07-03 22:15 - 2015-03-18 22:10 - 00000000 ____D C:\AdwCleaner
2017-07-03 22:11 - 2015-02-13 18:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-03 11:45 - 2015-02-14 00:02 - 00000000 ____D C:\Users\**** *******\Pictures\Documents\Steuerfälle
2017-06-29 13:52 - 2016-10-23 17:35 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 08:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-28 16:04 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-28 15:10 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-06-28 07:30 - 2015-09-14 17:49 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-27 15:28 - 2016-11-22 15:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 14:51 - 2017-04-13 09:53 - 00000000 ____D C:\Program Files\DisplayLink Core Software
2017-06-23 17:54 - 2016-08-23 18:06 - 00000000 ___RD C:\Users\**** *******\Dropbox
2017-06-23 16:08 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-06-23 16:07 - 2015-02-13 17:54 - 00000000 ____D C:\Program Files\Microsoft Office 15
2017-06-21 11:31 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-06-20 11:59 - 2017-04-13 09:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-06-18 10:47 - 2015-02-02 14:51 - 00000000 ____D C:\Users\**** *******\AppData\Local\Adobe
2017-06-18 09:04 - 2017-04-13 10:25 - 00004654 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-18 09:03 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-15 18:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-06-14 19:12 - 2016-07-30 10:53 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-14 19:07 - 2017-04-13 09:48 - 00339512 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 19:06 - 2015-02-02 18:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-06-14 17:30 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-06-14 16:48 - 2015-02-02 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 16:45 - 2015-02-02 17:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 16:36 - 2015-02-02 17:42 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 16:12 - 2016-07-30 11:15 - 00000000 __SHD C:\Users\**** *******\IntelGraphicsProfiles
2017-06-13 20:36 - 2015-06-17 13:08 - 00000000 ____D C:\Users\**** *******\AppData\Local\Dropbox
2017-06-12 01:56 - 2017-04-13 09:53 - 00099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-06-12 01:56 - 2017-03-20 06:43 - 00103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 13071112 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 06693096 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 05137760 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2017-06-12 01:56 - 2016-11-02 00:06 - 00055192 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 16456200 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 07970232 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2017-06-12 01:56 - 2016-11-02 00:05 - 02141648 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00755152 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00398288 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2017-06-12 01:56 - 2016-11-02 00:05 - 00373688 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2017-06-12 01:56 - 2016-11-02 00:05 - 00254928 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-01-24 18:25 - 2017-01-30 15:11 - 0002325 _____ () C:\Users\**** *******\AppData\Roaming\com.living-e.timeEdition.plist
2015-07-15 18:11 - 2015-07-15 18:11 - 0000151 _____ () C:\Users\**** *******\AppData\Roaming\dllreg.bat
2015-11-21 17:26 - 2015-11-21 17:27 - 0598586 _____ () C:\Users\**** *******\AppData\Roaming\Scorch_Install.log
2015-04-02 22:28 - 2017-05-19 17:14 - 0005120 _____ () C:\Users\**** *******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-06 12:44 - 2015-12-06 12:44 - 0001525 _____ () C:\Users\**** *******\AppData\Local\recently-used.xbel
2015-02-14 09:11 - 2015-02-14 09:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2017-04-13 09:51 - 2017-04-13 09:51 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-06-26 14:14

==================== Ende von FRST.txt ============================
         

Alt 05.07.2017, 13:02   #15
JoeS2013
 
Dummerweise auf einen Link geklickt in Mail - Standard

Dummerweise auf einen Link geklickt in Mail



Und die Addition - jetzt bin ich aber gespannt, wie es weitergeht...
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-07-2017
durchgeführt von **** ******* (05-07-2017 07:30:56)
Gestartet von C:\Users\**** *******\Desktop\Troj
Windows 10 Pro Version 1703 (X64) (2017-04-13 08:44:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1623287776-416804053-2603140408-500 - Administrator - Disabled)
Arbeit (S-1-5-21-1623287776-416804053-2603140408-1001 - Administrator - Enabled) => C:\Users\Arbeit
DefaultAccount (S-1-5-21-1623287776-416804053-2603140408-503 - Limited - Disabled)
Gast (S-1-5-21-1623287776-416804053-2603140408-501 - Limited - Disabled)
**** ******* (S-1-5-21-1623287776-416804053-2603140408-1000 - Administrator - Enabled) => C:\Users\**** *******

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Amazon Amazon Music) (Version: 3.11.1.1040 - Amazon Services LLC)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BRAINYOO (HKLM-x32\...\BRAINYOO) (Version:  - BRAINYOO Ltd.)
BurnAware Free 10.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Cisco WebEx Meetings (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
ClipGrab 3.6.5 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version:  - Philipp Schmieder Medien)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
DisplayLink Core Software (HKLM\...\{22822919-96E0-46E0-9CCC-1318A8ED0081}) (Version: 7.9.1589.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{F8D0059A-CC6D-414F-A36F-FEDAE2588000}) (Version: 7.4.51587.0 - DisplayLink Corp.)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Duden Korrektor (Release) (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\{70600aec-2896-4c78-b615-936b3e3226fa}) (Version: 12.0.27 - EPC Consulting und Software GmbH)
Duden Korrektor für Microsoft Office (HKLM-x32\...\{69E3E8AE-4520-4647-A97E-2062537CDE03}) (Version: 12.0.27 - EPC Consulting und Software GmbH) Hidden
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.18 - Lenovo)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FRITZ!Powerline (HKLM-x32\...\{F9C9378B-78D5-4CC0-8683-B7915DFEA9C5}) (Version: 01.00.65 - AVM Berlin)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Pro (HKLM-x32\...\{6D5E5B27-D872-4A5F-A1D9-CE681DB7B96A}) (Version: 7.1.7.2606 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.4.40 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Secure Connection (HKLM-x32\...\{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (HKLM-x32\...\{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Lenovo Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.1.9.0 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1323.0_WHQL - Sonix)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6806.52 - CyberLink Corp.)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Ihr Firmenname)
LibreOffice 4.3 Help Pack (German) (HKLM-x32\...\{25104DB0-0C1F-4038-BC99-26082D13602B}) (Version: 4.3.6.2 - The Document Foundation)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4937.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1623287776-416804053-2603140408-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{2AADC4EE-94C8-422B-977B-547774C4A463}) (Version: 1.0.40 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 5.9.0 (HKLM\...\{4E7CCB76-687B-4C53-9A5E-08780AF3A551}) (Version: 5.9.0 - Motorola Inc.) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 de)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 3.0 (HKLM-x32\...\MusicBee) (Version: 3.0 - Steven Mayall)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.4937.1000 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10614 - CyberLink Corp.)
Pulse Secure Network Connect 8.0 (HKLM-x32\...\Pulse Secure Network Connect 8.0) (Version: 8.0.13.38659 - Pulse Secure, LLC)
Pulse Secure Network Connect 8.2 (HKLM-x32\...\Pulse Secure Network Connect 8.2) (Version: 8.2.5.49363 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Juniper_Setup_Client) (Version: 8.0.13.61239 - Pulse Secure, LLC)
Pulse Secure Setup Client (HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\Pulse_Setup_Client) (Version: 8.2.5.869 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.78.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
Steuer-Ratgeber 2016-2017 (HKLM-x32\...\{2D99CB45-87EE-4834-BB15-5DD59A024E4C}) (Version: 16.11.6 - Wolters Kluwer Deutschland GmbH)
SteuerSparErklärung 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.42.175 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2016 (HKLM-x32\...\{D331D50C-C578-423B-8BC7-94D3133CE315}) (Version: 21.37.107 - Akademische Arbeitsgemeinschaft)
SteuerSparErklärung 2017  (HKLM-x32\...\{45815686-22F8-4D24-872D-E481A654B230}) (Version: 22.31.75 - Wolters Kluwer Deutschland GmbH)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{B9824225-2055-4700-BCD4-64B25EC88264}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.26 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17384 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (09/24/2013 11.19.0.845) (HKLM\...\BD8A640DD72A18DFC3CEF8418113F7170A6CB417) (Version: 09/24/2013 11.19.0.845 - Lenovo)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-03-21] (Google)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers01: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers01: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers01: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers01: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2017-03-18] (Microsoft Corporation)
ContextMenuHandlers02: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} =>  -> Keine Datei
ContextMenuHandlers04: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll -> Keine Datei
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-03-21] (Google)
ContextMenuHandlers04: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Keine Datei
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Intel Corporation)
ContextMenuHandlers06: [ASZip] -> {d03d3e68-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [ASZip64] -> {d03d3e78-0f44-3d45-b15f-bcfd8a8b4c7e} =>  -> Keine Datei
ContextMenuHandlers06: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\shellex.dll [2017-03-15] (AO Kaspersky Lab)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0583BD80-8B4B-4717-9C68-C1AD0D7EE162} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {07503EE7-1CFA-4D6A-98E1-8A08806070B7} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {07AA1D0E-BA89-414D-B885-FB4FB77F9557} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {11F2DEB2-D99A-4B68-B2FF-84A7C143F40A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {14AB2298-1620-4479-9A14-FE2E0B6646AE} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {1AFEC9DE-A96A-40B6-8DB5-C1B8F03FF1BC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B8B7EF2-7051-4E74-9959-CDFB0E676863} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Keine Datei <==== ACHTUNG
Task: {268EB81C-418C-47DD-A100-ABA799C4F9B0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {2FAB4AF3-DD0F-41BA-A029-BC21922B559F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {3DE77B65-97D4-424C-9CEB-FE57664CCDA7} - System32\Tasks\{71BA29AA-C47B-4B8A-836A-76CED96A31C9} => pcalua.exe -a "C:\Users\**** *******\Downloads\Plattenkiste257_1_PHBW.exe" -d "C:\Users\**** *******\Downloads"
Task: {3E4B47C2-38B4-40C6-87ED-238A0F1D7FA2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EBF690D-B35F-4EBD-B0C0-E3FCC345477F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {4AAA2335-0EE4-4296-936F-542F0BC8EBE3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {4CBBF093-5095-4A96-89F4-FC033FB5E91B} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {4EB70EDC-4411-41B8-9B60-9C77131F228F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {51C36AF0-7A39-46E4-BA53-5F1BB2E50254} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {51D1F21F-05EE-4BEB-8D01-42B03B1729A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {5436ADC2-8B82-4998-AA43-DB70CC76DB9D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {559F9F55-1F82-4A09-9133-EB899B070280} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {64D307F4-C5B5-4272-8C06-20ACA1D69DBC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6FECC40E-273A-4558-8C0F-798CBCB87863} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {702C19E0-E049-4526-81B6-0CE13F619057} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {70591BC0-7B8B-4791-BC28-76294078F326} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {751F2FD3-B289-474B-A1F2-0DD0226B60DA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {774D8D60-E937-49C1-AE9F-2A15FC38E01B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {77576AA6-0743-47C6-A890-F86E17073CA1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {78DE1DBE-4307-4E27-B377-9D3ABA07EF80} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {7B3790BC-B4B8-43C1-9146-846C23642F17} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80F888D1-E9CE-40C6-881D-4424458A013F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {815A8BA9-0622-49A0-AEEE-3879FEFC37AA} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8565DE5B-A508-4AB2-97CF-8A09F3CEF4E4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8FD18F73-7B10-4539-BACC-5F1BC531B2B9} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9526D466-51D3-4771-B05B-207B16821A5F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9AC7906F-F43C-4127-B9F4-D2AAF90E53F8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C9E80CD-67E1-422D-811B-59093C67F981} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {9D02ACF5-BA85-4EA9-A598-EB9F2D478171} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {A585C283-6F1B-496B-9F3F-C7B03FD04D34} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A7641E1D-7114-49D8-8CF6-ABBC5FE34366} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {AA2DCA43-5DCC-4D37-8F5A-1E8C9FCF61CC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AA80116F-D9C0-4499-B299-AEC5E56C7624} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0578703-9EAF-4195-AB6D-304D027228E6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {BAB48103-1974-4B65-8F7F-AEF12B42C2BB} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C0075C6C-CCB9-4314-9DB4-A71A640B33E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-18] (Adobe Systems Incorporated)
Task: {C0F18505-B1C8-4817-AD7B-67B00FC7EA63} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()
Task: {C1C79CA9-4DC7-4F35-843A-36823EB6F269} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {C68B180D-626F-40C7-BBE8-B47283D7D6BE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7A96E46-0EE0-442D-AA53-C0C6A9C95003} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C9200B7B-727D-44D7-B220-930A1DD6D355} - System32\Tasks\{89060D6F-4F60-4A05-87AA-CFA3021FCF3C} => pcalua.exe -a C:\Windows\system32\pcwrun.exe -c "C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\SteuerSparErklaerung 2016\StartCenter.exe"
Task: {CAD382B2-BEE9-4AAC-AB19-A4514E879E0E} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-08] (CyberLink Corp.)
Task: {CFA54271-5AC5-4CB9-97EA-5447D2E3AFC2} - System32\Tasks\{6A9B8A68-7F55-45F0-B340-6F3B04710EE9} => pcalua.exe -a "C:\Users\**** *******\AppData\Local\Temp\Temp1_SteuerSparErklaerung_21.20.38.zip\SSEStandard_21.20.38.exe" <==== ACHTUNG
Task: {DF6F389D-E3CD-48F2-B83E-6B5B216BDFE3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {EB6BFC21-A6DF-47A8-83F7-E5928584F407} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA298B14-0449-412E-9C61-62F61D9F6790} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FB60C248-ABA9-4C22-8C26-6B02DD5B61CF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FBB83FA1-5815-4FEF-895F-57A7E10729A4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-08-24] (Dropbox, Inc.)
Task: {FE0A3BA0-817C-4B76-959E-9D7D12A63AC1} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2012-07-17 22:31 - 2012-07-17 22:31 - 00116632 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
2015-02-13 17:54 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-07-03 22:35 - 2017-06-27 12:06 - 02260432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2012-07-17 22:31 - 2012-07-17 22:31 - 00776088 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-06-21 08:08 - 2017-06-21 08:09 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-06-21 08:08 - 2017-06-21 08:09 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-21 08:08 - 2017-06-21 08:08 - 43454464 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-06-21 08:08 - 2017-06-21 08:09 - 02437120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\skypert.dll
2015-06-04 13:20 - 2015-06-04 13:20 - 00133184 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2014-03-26 12:50 - 2014-08-04 12:10 - 00058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2014-08-04 11:48 - 2013-11-13 17:48 - 00915968 ____N () C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2014-08-04 12:09 - 2011-08-02 20:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2017-06-23 07:38 - 2017-06-23 07:38 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-28 07:29 - 2017-06-26 12:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-06-28 07:24 - 2017-06-26 12:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-28 07:29 - 2017-06-26 12:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-28 07:29 - 2017-06-26 12:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-06-28 07:24 - 2017-06-26 12:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-06-28 07:24 - 2017-06-26 12:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-06-28 07:29 - 2017-06-26 12:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-06-28 07:24 - 2017-06-26 12:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-28 07:29 - 2017-06-26 12:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-28 07:29 - 2017-06-26 12:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-06-28 07:24 - 2017-06-26 12:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-06-28 07:24 - 2017-06-26 12:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-28 07:29 - 2017-06-26 12:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00098816 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32api.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00110080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\pywintypes27.dll
2017-07-04 15:45 - 2017-07-04 15:45 - 00364544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\pythoncom27.dll
2017-07-04 15:45 - 2017-07-04 15:45 - 00320512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32com.shell.shell.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00914432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_hashlib.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 01176576 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._core_.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00806400 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._gdi_.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00816128 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._windows_.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 01067008 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._controls_.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00733184 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._misc_.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00682496 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\pysqlite2._sqlite.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_ctypes.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00686080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\unicodedata.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00119808 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32file.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00108544 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32security.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00007168 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\hashobjs_ext.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00017920 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\thumbnails_ext.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00088064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\usb_ext.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00012800 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\common.time34.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00018432 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32event.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00167936 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32gui.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00046080 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_socket.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 01303552 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_ssl.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00128512 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_elementtree.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00127488 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\pyexpat.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00038912 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32inet.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00036864 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_psutil_windows.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00524248 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\windows._lib_cacheinvalidation.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00011264 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32crypt.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00123392 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._wizard.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00077312 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._html2.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00027648 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_multiprocessing.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00020480 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\_yappi.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00035840 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32process.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00078848 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\wx._animate.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00024064 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32pipe.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00010240 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\select.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00025600 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32pdh.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00017408 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32profile.pyd
2017-07-04 15:45 - 2017-07-04 15:45 - 00022528 ____R () C:\Users\**** *******\AppData\Local\Temp\_MEI104362\win32ts.pyd
2014-08-04 11:40 - 2013-12-03 13:35 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-04-05 02:38 - 2017-04-05 02:38 - 69743184 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\**** *******\Pictures\Documents\Antiquariat:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2017-06-28 15:08 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1623287776-416804053-2603140408-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-1623287776-416804053-2603140408-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo_1\Lenovo_11.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.176.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: Amazon Music => "C:\Users\**** *******\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: BrainYoo2 => "C:\Program Files (x86)\BrainYoo2\BrainYoo2.exe"
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Power2GoExpress => NA
HKU\S-1-5-21-1623287776-416804053-2603140408-1000\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

20-06-2017 11:55:06 Windows Update
27-06-2017 14:49:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/05/2017 07:27:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/05/2017 07:25:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/05/2017 07:25:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/05/2017 04:32:47 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_108e4f62dfe5d999.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.0_none_583b8639f462029f.manifest.

Error: (07/04/2017 06:24:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/04/2017 06:14:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/04/2017 04:40:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm ShellExperienceHost.exe, Version 10.0.15063.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 83c

Startzeit: 01d2f4cba76da31d

Beendigungszeit: 4294967295

Anwendungspfad: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

Berichts-ID: 50c17736-3974-4134-85e5-9dc7c4c484a2

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.15063.332_neutral_neutral_cw5n1h2txyewy

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (07/04/2017 04:29:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/04/2017 04:27:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Microsoft.Photos.exe, Version 1.0.1706.13001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3334

Startzeit: 01d2f4d154bd09d9

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Berichts-ID: 9d9a29b2-7a2d-4a68-ac8d-4f0d6780c8f0

Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: App

Error: (07/04/2017 04:27:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: J*******-mobil)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (07/04/2017 06:24:55 PM) (Source: DCOM) (EventID: 10010) (User: J*******-mobil)
Description: Der Server "Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (07/04/2017 04:22:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/04/2017 04:22:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JRGSCH~1\AppData\Local\Temp\ehdrv.sys

Error: (07/04/2017 04:22:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/04/2017 04:22:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JRGSCH~1\AppData\Local\Temp\ehdrv.sys

Error: (07/04/2017 04:22:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/04/2017 04:22:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JRGSCH~1\AppData\Local\Temp\ehdrv.sys

Error: (07/04/2017 04:20:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/04/2017 04:20:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\JRGSCH~1\AppData\Local\Temp\ehdrv.sys

Error: (07/04/2017 04:20:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.


CodeIntegrity:
===================================
  Date: 2017-06-15 19:40:20.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.514
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.476
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.373
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.333
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:20.299
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.632
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 19:40:18.360
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:59.025
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-06-15 18:26:58.802
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8120.36 MB
Verfügbarer physikalischer RAM: 4249.09 MB
Summe virtueller Speicher: 16312.36 MB
Verfügbarer virtueller Speicher: 11861.1 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:894.54 GB) (Free:477.01 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Backup) (Fixed) (Total:25 GB) (Free:22.47 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8FF49E15)
Partition 1: (Not Active) - (Size=200 MB) - (Type=27)
Partition 2: (Active) - (Size=894.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=11.8 GB) - (Type=12)

==================== Ende von Addition.txt ============================
         

Antwort

Themen zu Dummerweise auf einen Link geklickt in Mail
abgebrochen, aufgepasst, beste, besten, geklickt, heute, liebe, link, link angeklickt, link geklickt, mail, morgen, nicht, sofort



Ähnliche Themen: Dummerweise auf einen Link geklickt in Mail


  1. Link auf Spam Mail geklickt
    Smartphone, Tablet & Handy Security - 28.02.2017 (0)
  2. Auf Link in Phishing-Mail geklickt
    Plagegeister aller Art und deren Bekämpfung - 01.02.2016 (10)
  3. Auf einen Link geklickt, .exe Datei gedownloaded ABER nicht ausgeführt
    Plagegeister aller Art und deren Bekämpfung - 04.10.2015 (6)
  4. Auf Link einer Spam-Mail geklickt
    Plagegeister aller Art und deren Bekämpfung - 20.09.2015 (8)
  5. Programm (DATEV) funktioniert nicht mehr nachdem ich auf einen Link in einer Mail geklickt habe
    Plagegeister aller Art und deren Bekämpfung - 25.08.2015 (15)
  6. Windows 7: Ich habe blöderweise auf einen Link in einer gefälschten DHL Mail geklickt und bin auf website umgeleitet worden...
    Plagegeister aller Art und deren Bekämpfung - 08.06.2015 (10)
  7. UPS Phishing Mail geöffnet uns auf Link geklickt
    Log-Analyse und Auswertung - 02.04.2015 (24)
  8. Phishing mail Link geklickt
    Log-Analyse und Auswertung - 22.03.2015 (9)
  9. DHL Mail bekommen, Link geklickt und jetzt
    Log-Analyse und Auswertung - 09.03.2015 (20)
  10. DHL Phishing mail - auf link geklickt (auch mit handy)
    Plagegeister aller Art und deren Bekämpfung - 06.03.2015 (11)
  11. Habe auf Link in Phishing Mail geklickt.
    Plagegeister aller Art und deren Bekämpfung - 29.09.2014 (7)
  12. SPAM Mail von Telekom und auf Link geklickt
    Log-Analyse und Auswertung - 17.06.2014 (3)
  13. Phishing-mail link geklickt
    Plagegeister aller Art und deren Bekämpfung - 14.04.2014 (13)
  14. Auf den Link in einer Phishing E-Mail geklickt - Was nun?
    Plagegeister aller Art und deren Bekämpfung - 20.09.2013 (5)
  15. Dummerweise auf MSN Link geklickt
    Plagegeister aller Art und deren Bekämpfung - 24.08.2009 (6)
  16. Auf einen Link geklickt ...
    Mülltonne - 06.07.2008 (0)
  17. Brauche Hilfe Habe auf einen Link in ICQ geklickt
    Log-Analyse und Auswertung - 27.02.2007 (2)

Zum Thema Dummerweise auf einen Link geklickt in Mail - Liebe alle, habe heute morgen nicht aufgepasst und auf einen Link in einem Mail geklickt. Habe dann zwar sofort abgebrochen, aber wer weiß? Was soll ich am besten tun? Liebe - Dummerweise auf einen Link geklickt in Mail...
Archiv
Du betrachtest: Dummerweise auf einen Link geklickt in Mail auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.