
Log analysis and evaluation: Trojan suspected, Win10 64bit

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

08.09.2017, 22:17   #1
Gewin
 
Trojan suspected, Win10 64bit



Hello everyone,

for some time now, a DOS window (Windows\System32\cmd.exe) has been appearing at startup. G-Data Internet Security finds nothing.

Could you please take a look at the log files?

Many thanks!

FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von Gena_2 (ACHTUNG: der Benutzer ist kein Administrator) auf BIGCOM (08-09-2017 22:59:56)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: ************** & Gena_2 (Verfügbare Profile: ************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WUDFHost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> igfxCUIService.exe
konnte nicht auf den Prozess zugreifen -> NVDisplay.Container.exe
konnte nicht auf den Prozess zugreifen -> GDScan.exe
konnte nicht auf den Prozess zugreifen -> NVDisplay.Container.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> AVKWCtlx64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> ibtsiva.exe
konnte nicht auf den Prozess zugreifen -> armsvc.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> dirmngr.exe
konnte nicht auf den Prozess zugreifen -> AdobeUpdateService.exe
konnte nicht auf den Prozess zugreifen -> avmike.exe
konnte nicht auf den Prozess zugreifen -> OfficeClickToRun.exe
konnte nicht auf den Prozess zugreifen -> iSCTAgent.exe
konnte nicht auf den Prozess zugreifen -> AVKProxy.exe
konnte nicht auf den Prozess zugreifen -> DACore.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> app_updater.exe
konnte nicht auf den Prozess zugreifen -> certsrv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> HeciServer.exe
konnte nicht auf den Prozess zugreifen -> ijplmsvc.exe
konnte nicht auf den Prozess zugreifen -> Lenovo.Modern.ImController.exe
konnte nicht auf den Prozess zugreifen -> NvTelemetryContainer.exe
konnte nicht auf den Prozess zugreifen -> nwtsrv.exe
konnte nicht auf den Prozess zugreifen -> MBAMService.exe
konnte nicht auf den Prozess zugreifen -> nutsrv4.exe
konnte nicht auf den Prozess zugreifen -> nvcontainer.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> Seagate.Dashboard.DASWindowsService.exe
konnte nicht auf den Prozess zugreifen -> MobileService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WDDriveService.exe
konnte nicht auf den Prozess zugreifen -> SurfEasyService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> ss_conn_service.exe
konnte nicht auf den Prozess zugreifen -> BrcmSetSecurity.exe
konnte nicht auf den Prozess zugreifen -> ouc.exe
konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> WDBackupEngine.exe
konnte nicht auf den Prozess zugreifen -> GDFwSvcx64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
konnte nicht auf den Prozess zugreifen -> PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
konnte nicht auf den Prozess zugreifen -> SUService.exe
konnte nicht auf den Prozess zugreifen -> IAStorDataMgrSvc.exe
konnte nicht auf den Prozess zugreifen -> IntelMeFWService.exe
konnte nicht auf den Prozess zugreifen -> Jhi_service.exe
konnte nicht auf den Prozess zugreifen -> LMS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
konnte nicht auf den Prozess zugreifen -> Lenovo.Modern.ImController.PluginHost.Device.exe
(Mozilla Corporation) C:\Users\genas_000\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\genas_000\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Mozilla Corporation) C:\Users\genas_000\Desktop\Tor Browser\Browser\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-4288807228-2172792055-1580508024-1003] => 84.112.117.174:8080
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
URLSearchHook: [S-1-5-21-4288807228-2172792055-1580508024-1002] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Amolto Call Recorder for Skype\Skype4COM.dll [2014-06-20] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050 [2017-09-08]
FF NetworkProxy: Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050 -> type", 0
FF Extension: (Tails Download and Verify) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\dave@tails.boum.org.xpi [2017-08-12]
FF Extension: (HTTPS Everywhere) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\https-everywhere-eff@eff.org.xpi [2017-09-01]
FF Extension: (ProxTube - Gesperrte YouTube Videos entsperren) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2017-08-12]
FF Extension: (Html Validator) - C:\Users\Gena_2\AppData\Roaming\Mozilla\Firefox\Profiles\wjvpswac.default-1456673523050\Extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2016-11-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Gena_2\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-08-02] (Cisco WebEx LLC)

Chrome: 
=======
CHR Profile: C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default [2017-08-13]
CHR Extension: (Google Präsentationen) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-03]
CHR Extension: (Скачать музыку с Вконтакте (vk.com)) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkpfjljjhhonjehpkmgonimjjgaheap [2016-09-03]
CHR Extension: (Google Docs) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-03]
CHR Extension: (Google Drive) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-03]
CHR Extension: (YouTube) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-03]
CHR Extension: (Google-Suche) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-03]
CHR Extension: (Adobe Acrobat) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-12-03]
CHR Extension: (Google Docs Offline) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-22]
CHR Extension: (OkTools) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jicldjademmddamblmdllfneeaeeclik [2016-09-03]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]
CHR Extension: (Google Mail) - C:\Users\Gena_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R3 lmhosts; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-08-27] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-08] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-08] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-08] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-08] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-08] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-08 22:59 - 2017-09-08 23:00 - 000040463 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-08 22:59 - 2017-09-08 22:59 - 002395648 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 22:04 - 2017-09-08 22:37 - 000002827 _____ C:\Users\Gena_2\Desktop\mbam.txt
2017-09-08 22:04 - 2017-09-08 22:04 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-08 21:56 - 2017-09-08 22:04 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-08 22:04 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-08 22:59 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-08 22:04 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-08 22:05 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-08 22:04 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-08-27 13:58 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-08 22:36 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-08 22:36 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-08 22:10 - 2016-11-16 19:56 - 000268715 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-08 22:09 - 2016-07-17 00:51 - 001568034 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-08 22:09 - 2016-07-17 00:51 - 001076530 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-08 22:09 - 2015-08-07 21:06 - 005777724 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-08 22:07 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-08 22:05 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-08 22:05 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-08 22:05 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-08 22:04 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-08 22:04 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 20:59 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-10 21:43 - 2016-05-30 16:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-08-10 21:42 - 2014-07-22 16:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-10 21:35 - 2014-07-22 16:21 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-07-02 15:17 - 2016-07-02 15:17 - 000000000 ___RH () C:\Users\Gena_2\AppData\Roaming\82972e70eb62322fdec22be80f88c94e2
2016-05-15 17:25 - 2016-05-15 18:08 - 000000883 _____ () C:\Users\Gena_2\AppData\Roaming\AbsoluteReminder.xml
2015-03-23 15:43 - 2015-03-23 15:43 - 000000000 _____ () C:\Users\Gena_2\AppData\Roaming\gdfw.log
2015-03-23 15:43 - 2015-03-24 14:08 - 000001952 _____ () C:\Users\Gena_2\AppData\Roaming\gdscan.log
2015-05-07 21:24 - 2015-05-07 21:24 - 000004608 _____ () C:\Users\Gena_2\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-17 11:28 - 2016-07-17 11:28 - 000000094 _____ () C:\Users\Gena_2\AppData\Local\fusioncache.dat
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ () C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-02-18 23:43 - 2017-02-18 23:43 - 000370070 _____ () C:\Users\Gena_2\AppData\Local\SquareClock.Production_Home_KQ_WebIcon.ico
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         
Attached files
File type: txt mbam.txt (2.8 KB, viewed 3 times)

Alt 08.09.2017, 22:19   #2
Gewin
 

Addition

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von Gena_2 (08-09-2017 23:00:44)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version:  - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version:  - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version:  - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version:  - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => 

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic

ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2000-01-01 02:00 - 2000-01-01 02:00 - 003282432 _____ () C:\Users\genas_000\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

Da befinden sich 77 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{D5DDE90F-B890-499C-97BE-D240BF536F06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{525C069A-4925-4CA0-B0E5-7CEADF154779}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BE8D84D0-3369-47DE-B749-AAD23628B085}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA8EBB94-A13D-427B-9C1E-E62823E17964}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2DD5E8D-A22F-44FF-BA73-73D9EFC2B8DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{780E69FD-5D50-4A2A-819C-E2B45BA8A0F1}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{AC9B4F1C-3234-470E-9008-AC3A6977E938}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{2CE008AD-0902-4FD1-953A-64F9E981CED5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7A8A6EE-2C58-4FF4-8333-F29F54047C68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60A8FBFC-A4F9-4ACF-879B-8B71A2F99FF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{301BAC45-CBC7-4E83-A610-AF9A345328F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2C99D29-24A6-4D7E-93C7-48BB65ACEFE7}] => (Allow) LPort=8888
FirewallRules: [{B050B6DB-44A4-41A7-96A8-7CD4A20EEC39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.10.1\AusweisApp2.exe
FirewallRules: [{44A4D463-2386-4A06-B986-C805B9653687}] => (Allow) C:\Program Files\Swissquote Ltd MT5 Client Terminal\metatester64.exe
FirewallRules: [{18EA178A-2706-46B0-A5DF-9EA8F6C5A379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5A874973-02D7-497B-8AEB-2B4C508816DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6867CE08-BE12-4734-8E65-BDDBAC69D03B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{184D4004-B526-4305-ACB9-F90F4A4D1AA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B8728D3-C590-4B26-BA88-240EA494FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4DA8839-462A-4F7A-9824-4C123EB59DEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{72352756-D653-423A-833C-178972E9D8C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C3D370EE-3CF7-4DD3-ADBB-48A8B5FF74A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{33B2E5CB-5DD2-4C2F-A316-B1C814B7063C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DE0CE2DB-4843-4250-A53B-A94718040FE9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{64C1F78F-3159-4F6A-86B9-E8AB8D172EF9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{71CE4922-4B75-4FF7-9386-9CEE9535F059}] => (Allow) C:\Users\genas_000\AppData\Local\Temp\7zS0CBD\setup\hpznui40.exe
FirewallRules: [{D1B3F7B8-03E6-44F4-A89D-59348D4F6F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15125702-7408-4E8E-A327-DCC00EC41C82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{557D9F0D-B68F-4AA5-99B6-D4E2E7B65275}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A2C68E22-DAC7-423A-ACD0-49A6B4668CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3F5C6BC9-CC3F-4D24-93F2-6A2AD63E5AD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E22B73BA-7459-4BDD-850E-0CF971BC241A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CC918D2F-866A-41CF-80CF-9818F492D43A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{809AB22F-0ED4-48E6-8E1E-0BDCCE133952}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{10042CB0-C0C1-4492-B697-52544127F208}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{158653DB-4B7D-4AC8-AE0C-847F158C87F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{41E89BDA-5104-440A-8200-8E2333410A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{001AEBEF-6ADF-4F05-826B-E25B7D860CCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{B41CB8D8-987A-41BF-B501-F74961E4B840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E4F74B96-BD69-4D88-9099-BBA1F3A18419}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{13EC67D8-E8C7-4181-B3AA-C3B2EE470C46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8748E045-E98A-4457-894A-12894C16B23E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6EC5666-56C0-44D4-BFE4-85992EC9767B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B45A571A-4E8E-48D1-8991-EDB9E5A65380}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C7446EB1-62CC-4032-BE86-A2BCF3603E52}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EF35A8AD-2588-46A5-8813-BC49255461E0}] => (Allow) LPort=8888
FirewallRules: [{529CFD88-2099-48A0-9AB9-4719E28C5AAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/08/2017 07:04:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/08/2017 07:04:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/07/2017 07:59:23 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/07/2017 07:59:22 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/07/2017 07:59:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname BigCom.local already in use; will try BigCom-2.local instead

Error: (09/07/2017 07:59:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 BigCom.local. Addr 192.168.178.25


Systemfehler:
=============
Error: (09/08/2017 10:58:31 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 10:42:01 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 10:12:11 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 10:11:19 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 10:05:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2017 10:04:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/08/2017 10:04:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.


CodeIntegrity:
===================================
  Date: 2017-09-06 15:58:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-06 15:49:15.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2016-09-28 22:25:30.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.236
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.201
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4358.14 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 4914.61 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:21.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         


09.09.2017, 13:33   #3
M-K-D-B
/// TB Trainer

Suspected trojan, Win10 64bit

My name is Matthias and I will help you clean up your computer.

To make the cleanup as effective and quick as possible, please observe the following notes:
  1. If we find evidence of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.

  2. Always read my instructions carefully, work through all steps one after another in the given order, and always post all log files (even if nothing was found). If you run into problems, stop what you are doing and describe your problem to me as well as you can.

  3. If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for a longer time, please let me know!

  4. During the cleanup, please do not install or uninstall anything unless I ask you to!
    I also ask you not to run any security programs on your own initiative to scan/clean your computer, since that way I can easily lose track.
    Besides, in that case you could have saved yourself opening a thread in the first place, if you then go back to tinkering on your own.

  5. Please note: Downloading from filepony.de: how to download our tools correctly!

  6. All programs to be used must be saved to the desktop ( C:\users\your user name\Desktop\ ) and started from there as administrator!

  7. Some of the programs we use here may, under certain circumstances, be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behaviour, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must disable your security software before running a program so that our cleanup operations are not impaired.

  8. If the log files ever exceed the permitted length (~ 120,000 characters), split them across several posts.
    If need be, you can also zip the log files (pack them into a .zip archive) and upload them as an attachment.

  9. Please keep working with me until I tell you that we are done and your computer is "clean". Symptoms disappearing early does not automatically mean that your computer is already completely clean.

  10. As a rule, I reply within 24 hours, often considerably faster.
    However, I too have a regular job and a family. So I am not on the forum for hours every day. Under some circumstances it can take up to 2 days until you get a reply from me. If that time has passed, feel free to send me a PM as a reminder.

Please work through all steps one after another in the given order and post all log files in CODE tags:
Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Thank you for your cooperation!







Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or look it up under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)







Step 2
Please download TDSSKiller TDSSKiller.exe and save this file on the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.







With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.

Alt 09.09.2017, 20:52   #4
Gewin
 



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
durchgeführt von *************** (Administrator) auf BIGCOM (09-09-2017 21:46:49)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

ProxyServer: [S-1-5-21-4288807228-2172792055-1580508024-1003] => 84.112.117.174:8080
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-07-08]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-08-27] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-09] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-09] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-09 21:45 - 2017-09-09 21:46 - 000061049 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-09 21:45 - 2017-09-09 21:46 - 000041468 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:31 - 2017-09-09 21:31 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-09 14:54 - 2017-09-09 21:38 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:59 - 2017-09-09 21:44 - 002395648 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-09 21:39 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-09 21:31 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-09 21:46 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-09 21:31 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-09 21:32 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-09 21:31 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-08-27 13:58 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-09 21:37 - 2016-07-17 00:51 - 001576958 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-09 21:37 - 2016-07-17 00:51 - 001085070 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-09 21:37 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-09 21:37 - 2015-08-07 21:06 - 005814092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-09 21:36 - 2016-11-16 19:56 - 000270507 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-09 21:36 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-09 21:34 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-09 21:33 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-09 21:32 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-09 21:32 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-09 21:32 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-09 21:31 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-09 21:31 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-09 21:31 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-09 17:19 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-10 21:43 - 2016-05-30 16:55 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2017-08-10 21:43 - 2016-05-30 16:55 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2017-08-10 21:42 - 2014-07-22 16:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-10 21:41 - 2016-09-13 21:44 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-10 21:35 - 2014-07-22 16:21 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-08 20:21

==================== Ende von FRST.txt ============================
         

09.09.2017, 20:53   #5
Gewin

Suspected trojan, Win10 64bit


Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-08-2017
durchgeführt von ************** (09-09-2017 21:47:29)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version:  - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
FLV and Media Player 4.2.1.1 (HKLM-x32\...\FLV and Media Player) (Version: 4.2.1.1 - Applian Technologies)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version:  - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version:  - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version:  - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {1DC43BE4-327A-4520-B93B-8115D1E48DD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c98bf0d-18a5-4624-b1f6-47e18eadd885 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {555A3E37-1F9D-4024-B22F-2DAA322FA09E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8a48051d-2b64-4a23-a89c-00bad163b00e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {B41D011D-99EC-4190-B583-7927BAD275EB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2d938407-7221-45c0-8d00-dbeb970a6cad => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {C9E08BBA-0F3F-406A-9442-C3A6A6D92266} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\33ae9e82-09dc-4688-b723-c1d0845bcf29 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic

ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2017-09-08 21:56 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2017-07-11 19:38 - 2017-06-09 16:11 - 000023416 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2017-08-05 08:43 - 2017-08-05 08:43 - 000019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-08-05 08:43 - 2017-08-05 08:43 - 028986880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 000428032 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 020510208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 002339328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 003041792 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-06-08 15:34 - 2017-06-08 15:34 - 003139496 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-06-15 10:57 - 2017-06-15 10:58 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-08-05 08:43 - 2017-08-05 08:43 - 001361920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35063.13610.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-05-23 21:26 - 2017-05-23 21:26 - 003918848 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1705.1301.0_x64__8wekyb3d8bbwe\Calculator.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

Da befinden sich 77 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{D5DDE90F-B890-499C-97BE-D240BF536F06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{525C069A-4925-4CA0-B0E5-7CEADF154779}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BE8D84D0-3369-47DE-B749-AAD23628B085}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{DA8EBB94-A13D-427B-9C1E-E62823E17964}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2DD5E8D-A22F-44FF-BA73-73D9EFC2B8DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{780E69FD-5D50-4A2A-819C-E2B45BA8A0F1}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{AC9B4F1C-3234-470E-9008-AC3A6977E938}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{2CE008AD-0902-4FD1-953A-64F9E981CED5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7A8A6EE-2C58-4FF4-8333-F29F54047C68}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60A8FBFC-A4F9-4ACF-879B-8B71A2F99FF0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{301BAC45-CBC7-4E83-A610-AF9A345328F9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B2C99D29-24A6-4D7E-93C7-48BB65ACEFE7}] => (Allow) LPort=8888
FirewallRules: [{B050B6DB-44A4-41A7-96A8-7CD4A20EEC39}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [AusweisApp2-Firewall-Rule] => (Allow) C:\Program Files (x86)\AusweisApp2 1.10.1\AusweisApp2.exe
FirewallRules: [{44A4D463-2386-4A06-B986-C805B9653687}] => (Allow) C:\Program Files\Swissquote Ltd MT5 Client Terminal\metatester64.exe
FirewallRules: [{18EA178A-2706-46B0-A5DF-9EA8F6C5A379}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5A874973-02D7-497B-8AEB-2B4C508816DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{6867CE08-BE12-4734-8E65-BDDBAC69D03B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{184D4004-B526-4305-ACB9-F90F4A4D1AA4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9B8728D3-C590-4B26-BA88-240EA494FAC4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4DA8839-462A-4F7A-9824-4C123EB59DEC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{72352756-D653-423A-833C-178972E9D8C3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{C3D370EE-3CF7-4DD3-ADBB-48A8B5FF74A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{33B2E5CB-5DD2-4C2F-A316-B1C814B7063C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{DE0CE2DB-4843-4250-A53B-A94718040FE9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{64C1F78F-3159-4F6A-86B9-E8AB8D172EF9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{71CE4922-4B75-4FF7-9386-9CEE9535F059}] => (Allow) C:\Users\genas_000\AppData\Local\Temp\7zS0CBD\setup\hpznui40.exe
FirewallRules: [{D1B3F7B8-03E6-44F4-A89D-59348D4F6F53}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{15125702-7408-4E8E-A327-DCC00EC41C82}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{557D9F0D-B68F-4AA5-99B6-D4E2E7B65275}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{A2C68E22-DAC7-423A-ACD0-49A6B4668CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3F5C6BC9-CC3F-4D24-93F2-6A2AD63E5AD7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E22B73BA-7459-4BDD-850E-0CF971BC241A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CC918D2F-866A-41CF-80CF-9818F492D43A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{809AB22F-0ED4-48E6-8E1E-0BDCCE133952}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{10042CB0-C0C1-4492-B697-52544127F208}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{158653DB-4B7D-4AC8-AE0C-847F158C87F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{41E89BDA-5104-440A-8200-8E2333410A06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{001AEBEF-6ADF-4F05-826B-E25B7D860CCB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{B41CB8D8-987A-41BF-B501-F74961E4B840}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E4F74B96-BD69-4D88-9099-BBA1F3A18419}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{13EC67D8-E8C7-4181-B3AA-C3B2EE470C46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{8748E045-E98A-4457-894A-12894C16B23E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{F6EC5666-56C0-44D4-BFE4-85992EC9767B}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{B45A571A-4E8E-48D1-8991-EDB9E5A65380}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C7446EB1-62CC-4032-BE86-A2BCF3603E52}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{EF35A8AD-2588-46A5-8813-BC49255461E0}] => (Allow) LPort=8888
FirewallRules: [{529CFD88-2099-48A0-9AB9-4719E28C5AAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2017 09:31:56 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/09/2017 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0x11dc
Startzeit der fehlerhaften Anwendung: 0x01d329a2403ddf07
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 57a2e20f-8e72-4661-8a08-769efc0676e9
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/08/2017 07:04:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/08/2017 07:04:22 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/07/2017 07:59:23 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/07/2017 07:59:22 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.


Systemfehler:
=============
Error: (09/09/2017 09:47:07 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/09/2017 09:31:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2017 09:31:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrcmSetSecurity" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2017 09:31:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/09/2017 09:31:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/09/2017 09:31:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (09/09/2017 03:02:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-09-06 15:58:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-06 15:49:15.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2016-09-28 22:25:30.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.236
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.201
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 50%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 3992.03 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 4941.29 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:21.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


09.09.2017, 21:00   #6
Gewin

Code:
21:57:24.0029 0x369c  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:57:24.0029 0x369c  UEFI system
21:57:30.0873 0x369c  ============================================================
21:57:30.0873 0x369c  Current date / time: 2017/09/09 21:57:30.0873
21:57:30.0873 0x369c  SystemInfo:
21:57:30.0873 0x369c  
21:57:30.0873 0x369c  OS Version: 10.0.14393 ServicePack: 0.0
21:57:30.0873 0x369c  Product type: Workstation
21:57:30.0873 0x369c  ComputerName: BIGCOM
21:57:30.0873 0x369c  UserName: Gena Winter
21:57:30.0873 0x369c  Windows directory: C:\WINDOWS
21:57:30.0873 0x369c  System windows directory: C:\WINDOWS
21:57:30.0873 0x369c  Running under WOW64
21:57:30.0873 0x369c  Processor architecture: Intel x64
21:57:30.0873 0x369c  Number of processors: 4
21:57:30.0873 0x369c  Page size: 0x1000
21:57:30.0873 0x369c  Boot type: Normal boot
21:57:30.0873 0x369c  CodeIntegrityOptions = 0x00000001
21:57:30.0873 0x369c  ============================================================
21:57:30.0920 0x369c  KLMD registered as C:\WINDOWS\system32\drivers\79994163.sys
21:57:30.0920 0x369c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1593, osProperties = 0x19
21:57:31.0185 0x369c  System UUID: {426221EF-B9C4-FCE7-B95E-7E51F9315B01}
21:57:31.0639 0x369c  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:57:31.0639 0x369c  ============================================================
21:57:31.0639 0x369c  \Device\Harddisk0\DR0:
21:57:31.0639 0x369c  GPT partitions:
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {12471D5F-89E5-4C09-9EF4-22A839CFA08B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {727F8724-E71F-4FB6-AF9B-C0EA54D6FAA7}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {AC13F19C-EB62-41F1-B5D7-09F1E9276A83}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {127118D5-4B68-46B5-97FC-9761244A59FE}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {323712EE-14CD-4FC0-B5DF-C96ED2DF2A76}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0xF59A800
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B4E5E56C-0D3F-4163-9CDE-BAAC3D1F3381}, Name: Basic data partition, StartLBA 0xFA45800, BlocksNum 0x67C1000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {20C1D095-9215-4B42-90C4-6A70D9BAEFD5}, Name: Basic data partition, StartLBA 0x16206800, BlocksNum 0x2E55000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AC6A2FB5-4DF3-4C79-ACAD-7BA28559F4B3}, Name: Basic data partition, StartLBA 0x1905B800, BlocksNum 0x3200000
21:57:31.0654 0x369c  \Device\Harddisk0\DR0\Partition9: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1000A890-627D-4E6B-B3A1-55ED1931D2E0}, Name: Basic data partition, StartLBA 0x1C25C000, BlocksNum 0x1A97000
21:57:31.0654 0x369c  MBR partitions:
21:57:31.0654 0x369c  ============================================================
21:57:31.0654 0x369c  C: <-> \Device\Harddisk0\DR0\Partition5
21:57:31.0654 0x369c  G: <-> \Device\Harddisk0\DR0\Partition6
21:57:31.0654 0x369c  H: <-> \Device\Harddisk0\DR0\Partition7
21:57:31.0654 0x369c  D: <-> \Device\Harddisk0\DR0\Partition8
21:57:31.0654 0x369c  ============================================================
21:57:31.0654 0x369c  Initialize success
21:57:31.0654 0x369c  ============================================================
21:58:34.0077 0x19e4  ============================================================
21:58:34.0077 0x19e4  Scan started
21:58:34.0077 0x19e4  Mode: Manual; SigCheck; TDLFS; 
21:58:34.0077 0x19e4  ============================================================
21:58:34.0077 0x19e4  KSN ping started
21:58:54.0280 0x19e4  KSN ping finished: true
21:58:54.0905 0x19e4  ================ Scan system memory ========================
21:58:54.0905 0x19e4  System memory - ok
21:58:54.0905 0x19e4  ================ Scan services =============================
21:58:54.0952 0x19e4  1394ohci - ok
21:58:54.0952 0x19e4  3ware - ok
21:58:54.0968 0x19e4  ACPI - ok
21:58:54.0968 0x19e4  AcpiDev - ok
21:58:54.0968 0x19e4  acpiex - ok
21:58:54.0983 0x19e4  acpipagr - ok
21:58:54.0983 0x19e4  AcpiPmi - ok
21:58:54.0983 0x19e4  acpitime - ok
21:58:54.0999 0x19e4  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
21:58:55.0077 0x19e4  ACPIVPC - ok
21:58:55.0093 0x19e4  [ 9B112FDA1D5FB7B75627461001AC692A, 2EDF7C8FD59CD5FCD19FA528F60CBD6DDB9A8076AE0280B11D8EA8EAF7D39958 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:58:55.0108 0x19e4  AdobeARMservice - ok
21:58:55.0124 0x19e4  [ AD0541B0ACCC3FAC2F9C8867F462DAC9, 9CE2BBE73AEAAA02B4E131E56F732DB93FA51BEC7F65FB46DFEF08A35C4AD583 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
21:58:55.0155 0x19e4  AdobeUpdateService - ok
21:58:55.0155 0x19e4  ADP80XX - ok
21:58:55.0186 0x19e4  [ 0D0E5281784C2C526BA43C2ECD374288, BE4B16E08A96A24BEB904A2216A538340FD91A11E0CAB43BF8788C35DAD2D2B5 ] Afc             C:\WINDOWS\syswow64\drivers\Afc.sys
21:58:55.0202 0x19e4  Afc - ok
21:58:55.0202 0x19e4  AFD - ok
21:58:55.0249 0x19e4  [ 078B785A7533B7059A236017B3B060A4, 43B3E716009136A5A5A86BF8546DE6C416CA3B7F8EEC242D9D44EF12111B7A6E ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
21:58:55.0311 0x19e4  AGSService - ok
21:58:55.0311 0x19e4  ahcache - ok
21:58:55.0311 0x19e4  AJRouter - ok
21:58:55.0327 0x19e4  ALG - ok
21:58:55.0327 0x19e4  AmdK8 - ok
21:58:55.0327 0x19e4  AmdPPM - ok
21:58:55.0327 0x19e4  amdsata - ok
21:58:55.0343 0x19e4  amdsbs - ok
21:58:55.0343 0x19e4  amdxata - ok
21:58:55.0343 0x19e4  [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
21:58:55.0358 0x19e4  AMPPAL - ok
21:58:55.0358 0x19e4  [ 4DE4BE679205B3A712562507AEE75227, 1C40F14A2BFFFB8E9646B57419D9F810A86D0DCD94F9DE9D9851D498F86F343E ] AMPPALP         C:\WINDOWS\system32\DRIVERS\amppal.sys
21:58:55.0374 0x19e4  AMPPALP - ok
21:58:55.0390 0x19e4  AppHostSvc - ok
21:58:55.0390 0x19e4  AppID - ok
21:58:55.0390 0x19e4  AppIDSvc - ok
21:58:55.0390 0x19e4  Appinfo - ok
21:58:55.0390 0x19e4  applockerfltr - ok
21:58:55.0405 0x19e4  AppReadiness - ok
21:58:55.0405 0x19e4  AppXSvc - ok
21:58:55.0405 0x19e4  arcsas - ok
21:58:55.0421 0x19e4  aspnet_state - ok
21:58:55.0421 0x19e4  AsyncMac - ok
21:58:55.0436 0x19e4  atapi - ok
21:58:55.0436 0x19e4  AudioEndpointBuilder - ok
21:58:55.0436 0x19e4  Audiosrv - ok
21:58:55.0530 0x19e4  [ 401DE45B4A49F9B7C70BA8592DF7D8E9, 58CE96D1CF88D2E4BE31331B93750E56023C5078FAE295009FAC69D38A3E47AA ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
21:58:55.0640 0x19e4  AVKProxy - ok
21:58:55.0718 0x19e4  [ 8A9F5A2458E8A0FB84853A5D4E8EDB33, D6F732C3C6AE0B7B6EE4ACFBA9C3832814991BDAC56A36E54ABDBF1AEA8690EB ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
21:58:55.0796 0x19e4  AVKWCtl - ok
21:58:55.0796 0x19e4  [ 81862C2A991036C85FDA23FFDC140F92, 32E6671729A9FFB4A187A4E22F69EB44BCF35AD4BBD5003E046914AACFD58557 ] avmike          C:\Program Files\FRITZ!Fernzugang\avmike.exe
21:58:55.0827 0x19e4  avmike - ok
21:58:55.0827 0x19e4  AxInstSV - ok
21:58:55.0827 0x19e4  b06bdrv - ok
21:58:55.0827 0x19e4  BasicDisplay - ok
21:58:55.0843 0x19e4  BasicRender - ok
21:58:55.0843 0x19e4  bcmfn - ok
21:58:55.0843 0x19e4  bcmfn2 - ok
21:58:55.0843 0x19e4  BDESVC - ok
21:58:55.0858 0x19e4  Beep - ok
21:58:55.0858 0x19e4  BFE - ok
21:58:55.0858 0x19e4  BITS - ok
21:58:55.0874 0x19e4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:58:55.0890 0x19e4  Bonjour Service - ok
21:58:55.0890 0x19e4  bowser - ok
21:58:55.0890 0x19e4  [ BFBA5FAC5169821FC768E96443A8B8C1, 47DEE5A62BA802A58E06BA087756903839E3DFF1555F7506712C82E5ADD34AC1 ] BrcmSetSecurity C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
21:58:55.0905 0x19e4  BrcmSetSecurity - ok
21:58:55.0905 0x19e4  BrokerInfrastructure - ok
21:58:55.0921 0x19e4  Browser - ok
21:58:55.0921 0x19e4  BthAvrcpTg - ok
21:58:55.0921 0x19e4  BthEnum - ok
21:58:55.0921 0x19e4  BthHFEnum - ok
21:58:55.0937 0x19e4  bthhfhid - ok
21:58:55.0937 0x19e4  BthHFSrv - ok
21:58:55.0937 0x19e4  BthLEEnum - ok
21:58:55.0937 0x19e4  BTHMODEM - ok
21:58:55.0952 0x19e4  BthPan - ok
21:58:55.0952 0x19e4  BTHPORT - ok
21:58:55.0952 0x19e4  bthserv - ok
21:58:55.0952 0x19e4  BTHUSB - ok
21:58:55.0968 0x19e4  buttonconverter - ok
21:58:55.0968 0x19e4  CapImg - ok
21:58:55.0968 0x19e4  cdfs - ok
21:58:55.0968 0x19e4  CDPSvc - ok
21:58:55.0983 0x19e4  CDPUserSvc - ok
21:58:55.0983 0x19e4  cdrom - ok
21:58:55.0983 0x19e4  CertPropSvc - ok
21:58:55.0999 0x19e4  [ 75A561F505EA4D0A13EEFBB8CBDB1C35, C422F9E3D5122BA9E3BDB556A9DA1A357AB0CFBD84DC01A612B253D79EFA0DA6 ] certsrv         C:\Program Files\FRITZ!Fernzugang\certsrv.exe
21:58:56.0015 0x19e4  certsrv - ok
21:58:56.0015 0x19e4  cht4iscsi - ok
21:58:56.0015 0x19e4  cht4vbd - ok
21:58:56.0030 0x19e4  circlass - ok
21:58:56.0030 0x19e4  CLFS - ok
21:58:56.0108 0x19e4  [ D1A7480F3ECF74E6B8947CA99284471B, C66B14FE05BB7E110A61529ED32E75652243E6AFD67AFF2A1431E03AE470C9D0 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:58:56.0202 0x19e4  ClickToRunSvc - ok
21:58:56.0202 0x19e4  ClipSVC - ok
21:58:56.0202 0x19e4  clreg - ok
21:58:56.0218 0x19e4  CmBatt - ok
21:58:56.0218 0x19e4  CNG - ok
21:58:56.0233 0x19e4  cnghwassist - ok
21:58:56.0265 0x19e4  CompositeBus - ok
21:58:56.0265 0x19e4  COMSysApp - ok
21:58:56.0265 0x19e4  condrv - ok
21:58:56.0280 0x19e4  CoreMessagingRegistrar - ok
21:58:56.0312 0x19e4  [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:58:56.0343 0x19e4  cphs - ok
21:58:56.0343 0x19e4  CryptSvc - ok
21:58:56.0358 0x19e4  [ A5E1AF2677DA7BDCA1A5040FF0AD099C, 70AF315B72A092DEBF6BF998DF81C56051795B743D6C8CD05382E417E0474959 ] DACoreService   C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
21:58:56.0374 0x19e4  DACoreService - ok
21:58:56.0374 0x19e4  dam - ok
21:58:56.0374 0x19e4  DcomLaunch - ok
21:58:56.0390 0x19e4  DcpSvc - ok
21:58:56.0390 0x19e4  [ EDB72F4A46C39452D1A5414F7D26454A, 0B2F863F4119DC88A22CC97C0A136C88A0127CB026751303B045F7322A8972F6 ] dcrypt          C:\WINDOWS\system32\drivers\dcrypt.sys
21:58:56.0405 0x19e4  dcrypt - ok
21:58:56.0405 0x19e4  defragsvc - ok
21:58:56.0421 0x19e4  DeviceAssociationService - ok
21:58:56.0421 0x19e4  DeviceInstall - ok
21:58:56.0421 0x19e4  DevQueryBroker - ok
21:58:56.0421 0x19e4  Dfsc - ok
21:58:56.0437 0x19e4  [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
21:58:56.0452 0x19e4  dg_ssudbus - ok
21:58:56.0452 0x19e4  Dhcp - ok
21:58:56.0452 0x19e4  diagnosticshub.standardcollector.service - ok
21:58:56.0468 0x19e4  [ BEFAFF2DB70CD9E10E27C32E9C43B279, D89B43EBCD05662327D5851BDF1A8CB4C6E5FA7C6BD1241C230F50057BD35189 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
21:58:56.0483 0x19e4  DigitalWave.Update.Service - ok
21:58:56.0499 0x19e4  [ 196DC2853B3AFC0036C88D81121AD445, 4B9CEB424D2555F30D1669DD0BAB4D43B9D7885915EC76FAADABF245EA3DF7A0 ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
21:58:56.0515 0x19e4  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
21:58:57.0015 0x19e4  Detect skipped due to KSN trusted
21:58:57.0015 0x19e4  DirMngr - ok
21:58:57.0046 0x19e4  [ 634C8F78837D0C8365D4DD4E40777098, D14460017F5AD6DF6DE08D60A6F23AE72AACC0D4B7FFDB4FCEF14E908D87D5EC ] Disc Soft Lite Bus Service C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
21:58:57.0093 0x19e4  Disc Soft Lite Bus Service - ok
21:58:57.0108 0x19e4  disk - ok
21:58:57.0108 0x19e4  DmEnrollmentSvc - ok
21:58:57.0108 0x19e4  dmvsc - ok
21:58:57.0108 0x19e4  Dnscache - ok
21:58:57.0124 0x19e4  dot3svc - ok
21:58:57.0124 0x19e4  DPS - ok
21:58:57.0124 0x19e4  drmkaud - ok
21:58:57.0124 0x19e4  DsmSvc - ok
21:58:57.0140 0x19e4  DsSvc - ok
21:58:57.0140 0x19e4  [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus   C:\WINDOWS\System32\drivers\dtlitescsibus.sys
21:58:57.0155 0x19e4  dtlitescsibus - ok
21:58:57.0155 0x19e4  [ E23FDD696839A4790682CA66C48D3F2F, F5F0721BDA751968224E52E75D0C309A3E084C430CD98E85A55AF622D16B9A44 ] dtliteusbbus    C:\WINDOWS\System32\drivers\dtliteusbbus.sys
21:58:57.0171 0x19e4  dtliteusbbus - ok
21:58:57.0171 0x19e4  DXGKrnl - ok
21:58:57.0171 0x19e4  EapHost - ok
21:58:57.0171 0x19e4  ebdrv - ok
21:58:57.0187 0x19e4  EFS - ok
21:58:57.0187 0x19e4  EhStorClass - ok
21:58:57.0187 0x19e4  EhStorTcgDrv - ok
21:58:57.0187 0x19e4  embeddedmode - ok
21:58:57.0202 0x19e4  EntAppSvc - ok
21:58:57.0202 0x19e4  ErrDev - ok
21:58:57.0202 0x19e4  [ 11B9D886D7AE2F2F5C6BC03D7C52FD31, CA3EB6AB127A01311DA1C7CE3A2F4C2C3E3641F45718CFCA0F8AED7235BE910D ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
21:58:57.0218 0x19e4  ESProtectionDriver - ok
21:58:57.0233 0x19e4  EventSystem - ok
21:58:57.0233 0x19e4  [ 5222D99C7E3245882E864D2EA7011387, 184E36074C765243783F69B7073FB2FAFC53BB18209ECD5030514CC513A47C8B ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
21:58:57.0249 0x19e4  ew_usbenumfilter - ok
21:58:57.0249 0x19e4  exfat - ok
21:58:57.0265 0x19e4  fastfat - ok
21:58:57.0265 0x19e4  Fax - ok
21:58:57.0265 0x19e4  fdc - ok
21:58:57.0265 0x19e4  fdPHost - ok
21:58:57.0265 0x19e4  FDResPub - ok
21:58:57.0280 0x19e4  fhsvc - ok
21:58:57.0280 0x19e4  FileCrypt - ok
21:58:57.0280 0x19e4  FileInfo - ok
21:58:57.0280 0x19e4  Filetrace - ok
21:58:57.0296 0x19e4  flpydisk - ok
21:58:57.0296 0x19e4  FltMgr - ok
21:58:57.0296 0x19e4  FontCache - ok
21:58:57.0296 0x19e4  FontCache3.0.0.0 - ok
21:58:57.0312 0x19e4  FrameServer - ok
21:58:57.0312 0x19e4  FsDepends - ok
21:58:57.0312 0x19e4  Fs_Rec - ok
21:58:57.0327 0x19e4  fvevol - ok
21:58:57.0343 0x19e4  [ 2C3D5F5B28164C3624012E55B8DED3ED, 9948E1C72561D93C4C2D98E84F16998739E25ED8E455EE61BAE52C95C96F2785 ] Garmin Device Interaction Service C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
21:58:57.0374 0x19e4  Garmin Device Interaction Service - ok
21:58:57.0468 0x19e4  [ 17595638D32C533C808F9045164366F0, A01A6960CD91A894C695602770164E24EA58D55DEFAD36976B152F57284598D6 ] GDBackupSvc     C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe
21:58:57.0562 0x19e4  GDBackupSvc - ok
21:58:57.0562 0x19e4  [ 5C9BB17C90FF7E41B37FF303E66E8B7E, 30DFE4E54F02265D1C88EE776B3D94DC6170C393C5A207F603CA4DAE3A062924 ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
21:58:57.0577 0x19e4  GDBehave - ok
21:58:57.0593 0x19e4  [ 33ECB58FC1668E41B9724CFAC1898C3C, ADE4A01AF894FF95F339369D7A33684057C5F87454C356BB4DB29AC830964412 ] gddcd           C:\WINDOWS\system32\drivers\gddcd64.sys
21:58:57.0593 0x19e4  gddcd - ok
21:58:57.0608 0x19e4  [ 24638D40572A3C2E6750BF3D2FCF5D6C, 614E9C02999D5507CB050433F4F2D5FE70DEBAC04090681D5B9E153CB8F20525 ] gddcv           C:\WINDOWS\system32\drivers\gddcv64.sys
21:58:57.0608 0x19e4  gddcv - ok
21:58:57.0624 0x19e4  [ 1314062567B9ED86BFFDE5D8C48C52AE, 01DE02308E478F50DBFE4C6EAE9D0C052C1575283F2C182388E2028F3BF2E756 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
21:58:57.0640 0x19e4  GDElam - ok
21:58:57.0702 0x19e4  [ 276D84DF732C3B621C18B2EF971784E5, 4FF3716256AADA8C42FE5B475736E6D3D8CEDD57A46105ED38201C810DD240C5 ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
21:58:57.0780 0x19e4  GDFwSvc - ok
21:58:57.0780 0x19e4  [ D48DAF24329226E8797CE4AF53D90FBC, 5F0B25F55CA27647FA24558B55DCD267889DCA29DC6F8857C820F45913F28D06 ] GDKBB           C:\WINDOWS\system32\drivers\GDKBB64.sys
21:58:57.0796 0x19e4  GDKBB - ok
21:58:57.0796 0x19e4  [ FC20CC3F6B87E9C26B01D8A6DDE6D847, C62B802E217160996073CDEBE7010C1C89FE26B89A09FF9F236642CDEDF2D19B ] GDKBFlt         C:\WINDOWS\system32\drivers\GDKBFlt64.sys
21:58:57.0812 0x19e4  GDKBFlt - ok
21:58:57.0827 0x19e4  [ 6AE13510BD818420767003E59A5CE7B9, C3B27A183BC02F9C2F1D0BE9DE0E187B0DAE3607954C9B4C7008B6EBF4902DDF ] GDMnIcpt        C:\WINDOWS\system32\drivers\MiniIcpt.sys
21:58:57.0843 0x19e4  GDMnIcpt - ok
21:58:57.0843 0x19e4  [ 13B5327BAF54153B7056E11DF5E63C79, 280A631BA2ABE2A1E7E49E10802C241FD987372E0A8E5C11037137EAA22E7019 ] GDPkIcpt        C:\WINDOWS\system32\drivers\PktIcpt.sys
21:58:57.0858 0x19e4  GDPkIcpt - ok
21:58:57.0890 0x19e4  [ 9BDF6478C4474BC571E1B94DCB77A157, 57C23520CF13A32200206B73EFAD82BE7C05E6F51BE443F84E7864FC7D73485C ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
21:58:57.0905 0x19e4  GDScan - ok
21:58:57.0921 0x19e4  [ 7D9BBF500FE0C59434C73588A592BFA7, B9B7EB8B7BCB06188A7671574611247286E0EFBD620245EAD17D41DEA0CBC2DF ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
21:58:57.0921 0x19e4  gdwfpcd - ok
21:58:57.0937 0x19e4  gencounter - ok
21:58:57.0937 0x19e4  genericusbfn - ok
21:58:57.0937 0x19e4  GPIOClx0101 - ok
21:58:57.0937 0x19e4  gpsvc - ok
21:58:57.0952 0x19e4  GpuEnergyDrv - ok
21:58:57.0952 0x19e4  [ 7F2DEAC8C1F91EA86FD0E50A340C3348, 5FB43B9AEC482AF95E71E11E9A96E65BDE9D1A25F9B42EE7051866D2A3EF0098 ] GRD             C:\WINDOWS\system32\drivers\GRD.sys
21:58:57.0968 0x19e4  GRD - ok
21:58:57.0968 0x19e4  [ B9893A68032A6D9ADDB5B98287C630F7, F0280764D7B31F1EA634E91397229B1C064A7C1B3A77A6BBD123CEA74180789F ] grmnusb         C:\WINDOWS\system32\drivers\grmnusb.sys
21:58:57.0983 0x19e4  grmnusb - ok
21:58:57.0983 0x19e4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:58:57.0999 0x19e4  gupdate - ok
21:58:57.0999 0x19e4  [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:58:58.0015 0x19e4  gupdatem - ok
21:58:58.0015 0x19e4  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:58:58.0030 0x19e4  gusvc - ok
21:58:58.0030 0x19e4  HdAudAddService - ok
21:58:58.0046 0x19e4  HDAudBus - ok
21:58:58.0046 0x19e4  HidBatt - ok
21:58:58.0046 0x19e4  HidBth - ok
21:58:58.0046 0x19e4  hidi2c - ok
21:58:58.0062 0x19e4  hidinterrupt - ok
21:58:58.0062 0x19e4  HidIr - ok
21:58:58.0062 0x19e4  hidserv - ok
21:58:58.0077 0x19e4  HidUsb - ok
21:58:58.0077 0x19e4  [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
21:58:58.0093 0x19e4  HipShieldK - ok
21:58:58.0093 0x19e4  HomeGroupListener - ok
21:58:58.0093 0x19e4  HomeGroupProvider - ok
21:58:58.0108 0x19e4  [ DCD75DED063C6625AAD5F28A7F86279F, A27C0E70577EA4FCD9CBB3DD63A280FA099AD3F367D7107385E38635F00C5BA3 ] HookCentre      C:\WINDOWS\system32\drivers\HookCentre.sys
21:58:58.0124 0x19e4  HookCentre - ok
21:58:58.0124 0x19e4  HpSAMD - ok
21:58:58.0124 0x19e4  HTTP - ok
21:58:58.0140 0x19e4  [ 5004E766075BADA25608489A7C649698, 685D6F5B99C06EF091BB126CA3FEADCA3ED3C05DD78B6709AF04A1DD0A030BAE ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
21:58:58.0155 0x19e4  huawei_cdcacm - ok
21:58:58.0155 0x19e4  [ D49D4E7B70AD6B1D04771AC1F7DB79C7, 093D8343CF769FC805308ED357EEF30E3D78569B817A20FE9884863A1FDBC028 ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
21:58:58.0187 0x19e4  huawei_enumerator - ok
21:58:58.0187 0x19e4  HvHost - ok
21:58:58.0187 0x19e4  hvservice - ok
21:58:58.0202 0x19e4  [ BEF8FA61400A8BBD44DB075F52058DF3, D6631072B06DA60735CC4D7EA883496855A5B79D509D859B0570C88CA9A6F66C ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
21:58:58.0218 0x19e4  HWDeviceService64.exe - ok
21:58:58.0218 0x19e4  hwpolicy - ok
21:58:58.0233 0x19e4  [ F76D89C60AF419CC67AC1A1E589092B7, 9E878EE0517C1DBA726E6BCDB8EA3893007793B0036B28E13E75A9230B7CB754 ] hwusb_cdcacm    C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys
21:58:58.0249 0x19e4  hwusb_cdcacm - ok
21:58:58.0265 0x19e4  [ 82B1F9908C829ABA37997EEC919C01C6, 1CC511F8A32CDB4102ECD34A4057882031E216D8B3E68576B5E928B57479DF49 ] hwusb_wwanecm   C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys
21:58:58.0296 0x19e4  hwusb_wwanecm - ok
21:58:58.0296 0x19e4  hyperkbd - ok
21:58:58.0296 0x19e4  i8042prt - ok
21:58:58.0312 0x19e4  iagpio - ok
21:58:58.0312 0x19e4  iai2c - ok
21:58:58.0312 0x19e4  iaLPSS2i_GPIO2 - ok
21:58:58.0312 0x19e4  iaLPSS2i_I2C - ok
21:58:58.0327 0x19e4  iaLPSSi_GPIO - ok
21:58:58.0327 0x19e4  iaLPSSi_I2C - ok
21:58:58.0343 0x19e4  [ DD954B3DA679DD1CC22D7BE714BDCA97, 1D21DF77F635E43D800610B6B742AEFBE8CE5800BEE593A64CDF740DA9071426 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
21:58:58.0358 0x19e4  iaStorA - ok
21:58:58.0374 0x19e4  iaStorAV - ok
21:58:58.0374 0x19e4  [ D0BC37AD4F4AB21BE2322FD481247475, 88FAD5D7095DD15BAEBA74EF6DCDF9E00932BBF2C73963DF05687CFDF1984047 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:58:58.0390 0x19e4  IAStorDataMgrSvc - ok
21:58:58.0390 0x19e4  iaStorV - ok
21:58:58.0390 0x19e4  ibbus - ok
21:58:58.0390 0x19e4  ibtsiva - ok
21:58:58.0405 0x19e4  [ C5547F54E191D36AFD3A3654CBA65806, FC4EA1FFE2077FE17C536C0674CBC61EFDA138BC145346DA67742C15A93D9C1A ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
21:58:58.0421 0x19e4  ibtusb - ok
21:58:58.0421 0x19e4  icssvc - ok
21:58:58.0577 0x19e4  [ 658287D76E8D77C08AE98989F99B8948, DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:58:58.0749 0x19e4  igfx - ok
21:58:58.0780 0x19e4  [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:58:58.0796 0x19e4  igfxCUIService2.0.0.0 - ok
21:58:58.0796 0x19e4  [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
21:58:58.0812 0x19e4  IJPLMSVC - ok
21:58:58.0812 0x19e4  [ E18725531054FE222115873AC1CCB02B, 0FC4B9D5DF77E19E4732759B848B4BCBBD44A124304FA8333BB3B7BC37E15FB8 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
21:58:58.0827 0x19e4  ikbevent - ok
21:58:58.0827 0x19e4  IKEEXT - ok
21:58:58.0843 0x19e4  [ 8A268094274301F2673D0D656BF763E5, 7633741B393D4A3151425D4FBB0C0EB9D5E2B31A707710E23F4B749C08248C54 ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
21:58:58.0843 0x19e4  ImControllerService - ok
21:58:58.0858 0x19e4  [ 45060257BCA3D60204FEC29F6E6DE458, C9FB92FEEFC0DC5386B545A8E429D60B932360B9044A920F6F2EDD5CF3B7B5A0 ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
21:58:58.0858 0x19e4  imsevent - ok
21:58:58.0874 0x19e4  IndirectKmd - ok
21:58:58.0874 0x19e4  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:58:58.0890 0x19e4  intaud_WaveExtensible - ok
21:58:58.0968 0x19e4  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:58:59.0062 0x19e4  IntcAzAudAddService - ok
21:58:59.0077 0x19e4  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:58:59.0108 0x19e4  IntcDAud - ok
21:58:59.0124 0x19e4  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:58:59.0155 0x19e4  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:58:59.0655 0x19e4  Detect skipped due to KSN trusted
21:58:59.0655 0x19e4  Intel(R) Capability Licensing Service Interface - ok
21:58:59.0687 0x19e4  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:58:59.0718 0x19e4  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:58:59.0718 0x19e4  [ 726BFAF3DC2071218F0AE53C919A4D3B, 7934BB42C16F1DAA80AB92FA4AF4BFDD2B8AF73EF55D95950E4A77DBB3DCBF4A ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:58:59.0733 0x19e4  Intel(R) ME Service - ok
21:58:59.0733 0x19e4  intelide - ok
21:58:59.0749 0x19e4  intelpep - ok
21:58:59.0749 0x19e4  intelppm - ok
21:58:59.0765 0x19e4  [ C5678CCEB3E9E03639C0A0E67B132E92, 3997C2F0410C7211C32730D3D80CDE18EABAAC9F244282008490351B9A4057EB ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
21:58:59.0796 0x19e4  Internet Manager. RunOuc - detected UnsignedFile.Multi.Generic ( 1 )
21:59:00.0312 0x19e4  Detect skipped due to KSN trusted
21:59:00.0312 0x19e4  Internet Manager. RunOuc - ok
21:59:00.0312 0x19e4  iorate - ok
21:59:00.0312 0x19e4  IpFilterDriver - ok
21:59:00.0327 0x19e4  iphlpsvc - ok
21:59:00.0327 0x19e4  IPMIDRV - ok
21:59:00.0327 0x19e4  IPNAT - ok
21:59:00.0327 0x19e4  irda - ok
21:59:00.0343 0x19e4  IRENUM - ok
21:59:00.0343 0x19e4  irmon - ok
21:59:00.0343 0x19e4  isapnp - ok
21:59:00.0343 0x19e4  iScsiPrt - ok
21:59:00.0358 0x19e4  [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
21:59:00.0358 0x19e4  ISCT - ok
21:59:00.0374 0x19e4  [ 6E5767C95F746B6834F412CDBDCFEC48, DE4FC70159D0A4C0B15DE8F69554F8FF6EED9C6480C0CBE33BF74FCB0BD975FE ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:59:00.0390 0x19e4  ISCTAgent - ok
21:59:00.0390 0x19e4  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:59:00.0405 0x19e4  iumsvc - ok
21:59:00.0421 0x19e4  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
21:59:00.0421 0x19e4  iwdbus - ok
21:59:00.0437 0x19e4  [ 1128B38EEC9DAF1B36373B65E87C00A3, 071E9454B9B442C2C3272FBC1AE5E92911A23CDB99F1C718C34067A70B99F910 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:59:00.0452 0x19e4  jhi_service - ok
21:59:00.0452 0x19e4  kbdclass - ok
21:59:00.0452 0x19e4  kbdhid - ok
21:59:00.0452 0x19e4  kdnic - ok
21:59:00.0468 0x19e4  KeyIso - ok
21:59:00.0468 0x19e4  KSecDD - ok
21:59:00.0468 0x19e4  KSecPkg - ok
21:59:00.0468 0x19e4  ksthunk - ok
21:59:00.0483 0x19e4  KtmRm - ok
21:59:00.0483 0x19e4  LanmanServer - ok
21:59:00.0483 0x19e4  LanmanWorkstation - ok
21:59:00.0499 0x19e4  lfsvc - ok
21:59:00.0499 0x19e4  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\WINDOWS\system32\DRIVERS\LhdX64.sys
21:59:00.0515 0x19e4  LHDmgr - ok
21:59:00.0515 0x19e4  LicenseManager - ok
21:59:00.0515 0x19e4  lltdio - ok
21:59:00.0530 0x19e4  lltdsvc - ok
21:59:00.0530 0x19e4  lmhosts - ok
21:59:00.0546 0x19e4  [ 36DCEA3101D8CB56852EF5D7A4079164, 4E0CF63270B26049A8C76E5294EE9225D867F3D53A85A6D07486FDF87270E559 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:59:00.0562 0x19e4  LMS - ok
21:59:00.0562 0x19e4  LSI_SAS - ok
21:59:00.0562 0x19e4  LSI_SAS2i - ok
21:59:00.0577 0x19e4  LSI_SAS3i - ok
21:59:00.0577 0x19e4  LSI_SSS - ok
21:59:00.0577 0x19e4  LSM - ok
21:59:00.0577 0x19e4  luafv - ok
21:59:00.0593 0x19e4  MapsBroker - ok
21:59:00.0593 0x19e4  [ 25FAEF6CCFF6D9912A65641AE60711EB, AD83C6DE72D7C416EC7765DBA2EF41B32084980EE071A17CA2C360CDF91212AE ] MBAMChameleon   C:\WINDOWS\system32\drivers\MBAMChameleon.sys
21:59:00.0608 0x19e4  MBAMChameleon - ok
21:59:00.0624 0x19e4  [ 4988F9AEE3B9E4545975CAA9381DB0EF, DC6030468783BF02DAA6922A5469D73D56642963F7212398A959AD7915D9E76B ] MBAMFarflt      C:\WINDOWS\system32\DRIVERS\farflt.sys
21:59:00.0624 0x19e4  MBAMFarflt - ok
21:59:00.0640 0x19e4  [ 149E252142950594695178971748D056, 6F3EBAD6CB87A21B457AA09CA56EF01B48D4478CB94BD09834E72BE9A41265A4 ] MBAMProtection  C:\WINDOWS\system32\drivers\mbam.sys
21:59:00.0655 0x19e4  MBAMProtection - ok
21:59:00.0765 0x19e4  [ FEAF4E98C93BC3512B8108D2F534A3BA, 6D93EF21DB9BFFACC1241E823F9BB7719B9395D64BBF952874CFF015B7930D92 ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
21:59:00.0890 0x19e4  MBAMService - ok
21:59:00.0921 0x19e4  [ 94FCA94EE7937EA3ED75F39DE4C8E292, CD41ACBC70412B61C844ADC26413728A09D60983A464327A285C80E08D37F8B6 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:59:00.0937 0x19e4  MBAMSwissArmy - ok
21:59:00.0937 0x19e4  [ CC6522BC2BD971FEBADC5A794A908E4D, 388E612B4BC4E5A6E547D94D4C81D3301D664CDA77798FC0EFC0EF1F811E734C ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
21:59:00.0952 0x19e4  MBAMWebProtection - ok
21:59:00.0952 0x19e4  megasas - ok
21:59:00.0968 0x19e4  megasas2i - ok
21:59:00.0968 0x19e4  megasr - ok
21:59:00.0968 0x19e4  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:59:00.0983 0x19e4  MEIx64 - ok
21:59:00.0999 0x19e4  MessagingService - ok
21:59:00.0999 0x19e4  [ CFFF5D9DD7C2B45801D71D13B3F372E0, 2C36A379AE107EEB28092399ED3152BAB0C3D5BC26B0591FA7962DED15F2A7F7 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
21:59:01.0015 0x19e4  mfencrk - ok
21:59:01.0030 0x19e4  mlx4_bus - ok
21:59:01.0030 0x19e4  MMCSS - ok
21:59:01.0030 0x19e4  Modem - ok
21:59:01.0030 0x19e4  monitor - ok
21:59:01.0046 0x19e4  [ 54F44C3A4F6C1C4D00D4157FBD531EB1, B70861488C53F5399F2102E984220EC9578C5E21D48D280DF9F96CA0654A5923 ] MosIrUsb        C:\WINDOWS\System32\drivers\MosIrUsb.sys
21:59:01.0062 0x19e4  MosIrUsb - ok
21:59:01.0062 0x19e4  mouclass - ok
21:59:01.0077 0x19e4  mouhid - ok
21:59:01.0077 0x19e4  mountmgr - ok
21:59:01.0093 0x19e4  [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:59:01.0108 0x19e4  MozillaMaintenance - ok
21:59:01.0108 0x19e4  mpsdrv - ok
21:59:01.0108 0x19e4  MpsSvc - ok
21:59:01.0124 0x19e4  MRxDAV - ok
21:59:01.0124 0x19e4  mrxsmb - ok
21:59:01.0124 0x19e4  mrxsmb10 - ok
21:59:01.0124 0x19e4  mrxsmb20 - ok
21:59:01.0140 0x19e4  MsBridge - ok
21:59:01.0140 0x19e4  MSDTC - ok
21:59:01.0140 0x19e4  Msfs - ok
21:59:01.0155 0x19e4  msgpiowin32 - ok
21:59:01.0155 0x19e4  mshidkmdf - ok
21:59:01.0155 0x19e4  mshidumdf - ok
21:59:01.0155 0x19e4  msisadrv - ok
21:59:01.0171 0x19e4  MSiSCSI - ok
21:59:01.0171 0x19e4  msiserver - ok
21:59:01.0171 0x19e4  MSKSSRV - ok
21:59:01.0171 0x19e4  MsLldp - ok
21:59:01.0187 0x19e4  MSPCLOCK - ok
21:59:01.0187 0x19e4  MSPQM - ok
21:59:01.0187 0x19e4  MsRPC - ok
21:59:01.0202 0x19e4  mssmbios - ok
21:59:01.0202 0x19e4  MSTEE - ok
21:59:01.0202 0x19e4  MTConfig - ok
21:59:01.0202 0x19e4  Mup - ok
21:59:01.0218 0x19e4  mvumis - ok
21:59:01.0218 0x19e4  NativeWifiP - ok
21:59:01.0218 0x19e4  NcaSvc - ok
21:59:01.0233 0x19e4  NcbService - ok
21:59:01.0233 0x19e4  NcdAutoSetup - ok
21:59:01.0233 0x19e4  ndfltr - ok
21:59:01.0233 0x19e4  NDIS - ok
21:59:01.0249 0x19e4  NdisCap - ok
21:59:01.0249 0x19e4  NdisImPlatform - ok
21:59:01.0249 0x19e4  NdisTapi - ok
21:59:01.0265 0x19e4  Ndisuio - ok
21:59:01.0265 0x19e4  NdisVirtualBus - ok
21:59:01.0265 0x19e4  NdisWan - ok
21:59:01.0265 0x19e4  ndiswanlegacy - ok
21:59:01.0280 0x19e4  ndproxy - ok
21:59:01.0280 0x19e4  Ndu - ok
21:59:01.0280 0x19e4  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:59:01.0296 0x19e4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:01.0749 0x19e4  Detect skipped due to KSN trusted
21:59:01.0749 0x19e4  Net Driver HPZ12 - ok
21:59:01.0749 0x19e4  NetAdapterCx - ok
21:59:01.0765 0x19e4  NetBIOS - ok
21:59:01.0765 0x19e4  NetBT - ok
21:59:01.0765 0x19e4  Netlogon - ok
21:59:01.0780 0x19e4  Netman - ok
21:59:01.0780 0x19e4  netprofm - ok
21:59:01.0780 0x19e4  NetSetupSvc - ok
21:59:01.0796 0x19e4  NetTcpPortSharing - ok
21:59:01.0858 0x19e4  [ 387ADDE3084B0E98CD2943705377F9C8, CC29F396277518CED5453870E08653BE95BF0E0BD7DD94DF9E84A35FFE80CDAB ] NETwNb64        C:\WINDOWS\System32\drivers\Netwbw02.sys
21:59:01.0952 0x19e4  NETwNb64 - ok
21:59:01.0968 0x19e4  NgcCtnrSvc - ok
21:59:01.0968 0x19e4  NgcSvc - ok
21:59:01.0968 0x19e4  NlaSvc - ok
21:59:01.0983 0x19e4  Npfs - ok
21:59:01.0983 0x19e4  npsvctrig - ok
21:59:01.0983 0x19e4  nsi - ok
21:59:01.0983 0x19e4  nsiproxy - ok
21:59:01.0999 0x19e4  NTFS - ok
21:59:01.0999 0x19e4  Null - ok
21:59:02.0015 0x19e4  [ DA16D10F446F9F9CE3EDB395A34ED5EE, F2F7592BEDB2F5D9981C49695987C7767DA9995A5963B3483EFC7ADE6B39669D ] NuTCRACKERService C:\WINDOWS\system32\nutsrv4.exe
21:59:02.0046 0x19e4  NuTCRACKERService - ok
21:59:02.0062 0x19e4  [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
21:59:02.0077 0x19e4  NvContainerLocalSystem - ok
21:59:02.0093 0x19e4  [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
21:59:02.0108 0x19e4  NvContainerNetworkService - ok
21:59:02.0405 0x19e4  [ 90050A0469120BD8E0931267FFE31CFD, 0424DF3733EBF21B2500F7B94C40E0A8AD60005191E4FB0C2F6FFD8FC7844EEF ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys
21:59:02.0718 0x19e4  nvlddmkm - ok
21:59:02.0749 0x19e4  [ 48898B26FBE8185DE5625FA1D369DDDB, 5CF71E952D1E4E24BC2E3DB8A48D44DD4A132B940E6D883A3E37DDC65940DBA4 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
21:59:02.0765 0x19e4  nvpciflt - ok
21:59:02.0765 0x19e4  nvraid - ok
21:59:02.0765 0x19e4  nvstor - ok
21:59:02.0765 0x19e4  [ 4942EC595A4A10F94BB060CB2DFE83BD, 2FDBA6AFFCA0E85D840AFD149762CE82C95861C370469DF8A5C5B5F213CD9488 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:59:02.0780 0x19e4  NvStreamKms - ok
21:59:02.0796 0x19e4  [ 0CB5B4866F6A7EAE332E256D151C8190, 2A9CFFD46C2972DDC16C3C34DD3A17B47C6D4145485E4A28365AD3797576424C ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
21:59:02.0812 0x19e4  NvTelemetryContainer - ok
21:59:02.0812 0x19e4  [ F489CE4A8456F9EB0F0C5532E2FD7549, 145D8A8EBF5120C735FBCDCA6593AB29088E2AB77130749E3727CB1434C9ABEA ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:59:02.0827 0x19e4  nvvad_WaveExtensible - ok
21:59:02.0827 0x19e4  [ 0E624D8E9B6BFDA269FB1C4456E5DEBE, 9F4E5485B719547F12A27EAFFAB32819AE38086D0933EA1525B5B62684A07477 ] nvvhci          C:\WINDOWS\System32\drivers\nvvhci.sys
21:59:02.0843 0x19e4  nvvhci - ok
21:59:02.0858 0x19e4  [ 18D041C4E99653D5C782AD2B3E4AAE04, B991AF5CFCF9174E050D5034FAB044C0FB01CBC0C0FB01F0ACF2C52B227BF33D ] nwtsrv          C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
21:59:02.0874 0x19e4  nwtsrv - ok
21:59:02.0874 0x19e4  OneSyncSvc - ok
21:59:02.0890 0x19e4  [ 28EBB54D39A9BDC13516C2C0FF1EB95D, 5E4D9126772E43D689010C8FA1131296FAD9A8F92395E68F598CA8FBB18BFC71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:59:02.0905 0x19e4  ose - ok
21:59:02.0905 0x19e4  p2pimsvc - ok
21:59:02.0905 0x19e4  p2psvc - ok
21:59:02.0921 0x19e4  Parport - ok
21:59:02.0921 0x19e4  partmgr - ok
21:59:02.0921 0x19e4  PcaSvc - ok
21:59:02.0921 0x19e4  pci - ok
21:59:02.0937 0x19e4  pciide - ok
21:59:02.0937 0x19e4  pcmcia - ok
21:59:02.0937 0x19e4  pcw - ok
21:59:02.0952 0x19e4  pdc - ok
21:59:02.0952 0x19e4  PEAUTH - ok
21:59:02.0952 0x19e4  percsas2i - ok
21:59:02.0968 0x19e4  percsas3i - ok
21:59:02.0999 0x19e4  PerfHost - ok
21:59:02.0999 0x19e4  PhoneSvc - ok
21:59:03.0015 0x19e4  PimIndexMaintenanceSvc - ok
21:59:03.0015 0x19e4  pla - ok
21:59:03.0015 0x19e4  PlugPlay - ok
21:59:03.0030 0x19e4  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:59:03.0046 0x19e4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:03.0499 0x19e4  Detect skipped due to KSN trusted
21:59:03.0499 0x19e4  Pml Driver HPZ12 - ok
21:59:03.0515 0x19e4  PNRPAutoReg - ok
21:59:03.0515 0x19e4  PNRPsvc - ok
21:59:03.0515 0x19e4  PolicyAgent - ok
21:59:03.0530 0x19e4  Power - ok
21:59:03.0530 0x19e4  PptpMiniport - ok
21:59:03.0593 0x19e4  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:59:03.0718 0x19e4  PrintNotify - ok
21:59:03.0733 0x19e4  Processor - ok
21:59:03.0733 0x19e4  ProfSvc - ok
21:59:03.0733 0x19e4  Psched - ok
21:59:03.0733 0x19e4  QWAVE - ok
21:59:03.0749 0x19e4  QWAVEdrv - ok
21:59:03.0749 0x19e4  RasAcd - ok
21:59:03.0749 0x19e4  RasAgileVpn - ok
21:59:03.0765 0x19e4  RasAuto - ok
21:59:03.0765 0x19e4  Rasl2tp - ok
21:59:03.0765 0x19e4  RasMan - ok
21:59:03.0765 0x19e4  RasPppoe - ok
21:59:03.0780 0x19e4  RasSstp - ok
21:59:03.0780 0x19e4  rdbss - ok
21:59:03.0780 0x19e4  rdpbus - ok
21:59:03.0796 0x19e4  RDPDR - ok
21:59:03.0796 0x19e4  RdpVideoMiniport - ok
21:59:03.0812 0x19e4  rdyboost - ok
21:59:03.0812 0x19e4  ReFSv1 - ok
21:59:03.0812 0x19e4  RemoteAccess - ok
21:59:03.0812 0x19e4  RemoteRegistry - ok
21:59:03.0827 0x19e4  RetailDemo - ok
21:59:03.0827 0x19e4  RFCOMM - ok
21:59:03.0827 0x19e4  RmSvc - ok
21:59:03.0843 0x19e4  RpcEptMapper - ok
21:59:03.0843 0x19e4  RpcLocator - ok
21:59:03.0843 0x19e4  RpcSs - ok
21:59:03.0858 0x19e4  rspndr - ok
21:59:03.0858 0x19e4  rt640x64 - ok
21:59:03.0874 0x19e4  [ B88880586ACD3EDEFCD0F9C2A6C1EE27, 901EEA6C7CC4AA19C3D79E52D4892F9965B61D51DBE0855ACCB64BB6B2260353 ] RTL2832UBDA     C:\WINDOWS\system32\drivers\RTL2832UBDA.sys
21:59:03.0874 0x19e4  RTL2832UBDA - ok
21:59:03.0890 0x19e4  [ 4C04300EE6A5E780FD4E2F0806AECA0E, 85C01DDABEC393D85DD5F243EDF4792036209BCC01CE23296F0305AD1D2CFA71 ] RTL2832UUSB     C:\WINDOWS\System32\Drivers\RTL2832UUSB.sys
21:59:03.0890 0x19e4  RTL2832UUSB - ok
21:59:03.0905 0x19e4  [ C24DF587D59345FCA718FE550EB036D7, 50B3D26C0F633B90B399C2E466108CE0B6A592CBE969CEE4A44E5F4EC9F07258 ] RTL2832U_IRHID  C:\WINDOWS\System32\drivers\RTL2832U_IRHID.sys
21:59:03.0905 0x19e4  RTL2832U_IRHID - ok
21:59:03.0937 0x19e4  [ 0563EF3AFC4F0A3A10A850A2CC4C3121, B5A125883E826316F94DD5E941C59C1319409752070C6A5BE28FB5DA09845746 ] RTL8168         C:\WINDOWS\System32\drivers\Rt630x64.sys
21:59:03.0952 0x19e4  RTL8168 - ok
21:59:03.0983 0x19e4  [ 72194EB35B78757FBA9FCEC5C94AB53A, 3FCDF13C20D902A11A81EFAB3FD99D839EC6B39BB51FC3E1EE1138DBBF33AFF9 ] RTSPER          C:\WINDOWS\system32\DRIVERS\RtsPer.sys
21:59:03.0999 0x19e4  RTSPER - ok
21:59:04.0155 0x19e4  [ 40F7D0FC20448D8DDC56066565CE17E6, FCBA1A9D7666089AC2141ECC9403A62087875E585B1592F40E8B27B4DBD07767 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
21:59:04.0327 0x19e4  rtsuvc - ok
21:59:04.0343 0x19e4  s3cap - ok
21:59:04.0343 0x19e4  SamSs - ok
21:59:04.0343 0x19e4  sbp2port - ok
21:59:04.0343 0x19e4  SCardSvr - ok
21:59:04.0358 0x19e4  ScDeviceEnum - ok
21:59:04.0358 0x19e4  scfilter - ok
21:59:04.0358 0x19e4  Schedule - ok
21:59:04.0374 0x19e4  scmbus - ok
21:59:04.0374 0x19e4  scmdisk0101 - ok
21:59:04.0374 0x19e4  SCPolicySvc - ok
21:59:04.0390 0x19e4  [ F7CB59B1758135DA71CDBDC478170C99, 72DD13DD3A5BEEB4444723A5E743D8AD31122211236EEBACE972AF7A2686A5CE ] SD11CL64        C:\WINDOWS\system32\DRIVERS\SD11CL64.sys
21:59:04.0405 0x19e4  SD11CL64 - ok
21:59:04.0405 0x19e4  sdbus - ok
21:59:04.0421 0x19e4  [ 316A555A88EE4B2A2B6064D7205CDACD, 9BE8E986C51CBC9B5F49B8D6DD79AAA3591469C1047AFA2762F717C0A72AE0FA ] SDI01164        C:\WINDOWS\system32\DRIVERS\SDI01164.SYS
21:59:04.0437 0x19e4  SDI01164 - ok
21:59:04.0437 0x19e4  SDRSVC - ok
21:59:04.0437 0x19e4  sdstor - ok
21:59:04.0452 0x19e4  [ AFC22441287207D38A6D0D8031E86BBA, 540F27632A883C29217E82DCEB887D0A5459FCD19AC7FED6B1F9F61DF3BF86E2 ] Seagate Dashboard Services C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
21:59:04.0468 0x19e4  Seagate Dashboard Services - ok
21:59:04.0468 0x19e4  [ D95BAFD391C781E55316E6F26831E45B, C6412A055661306D107C3C31AD49D58A3BE5B9154587B53610F1511E33D57BE0 ] Seagate MobileBackup Service C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
21:59:04.0483 0x19e4  Seagate MobileBackup Service - ok
21:59:04.0483 0x19e4  seclogon - ok
21:59:04.0499 0x19e4  SENS - ok
21:59:04.0499 0x19e4  SensorDataService - ok
21:59:04.0499 0x19e4  SensorService - ok
21:59:04.0515 0x19e4  SensrSvc - ok
21:59:04.0515 0x19e4  SerCx - ok
21:59:04.0515 0x19e4  SerCx2 - ok
21:59:04.0530 0x19e4  Serenum - ok
21:59:04.0530 0x19e4  Serial - ok
21:59:04.0546 0x19e4  sermouse - ok
21:59:04.0562 0x19e4  SessionEnv - ok
21:59:04.0562 0x19e4  sfloppy - ok
21:59:04.0562 0x19e4  SharedAccess - ok
21:59:04.0577 0x19e4  [ E829D42DD6C64DFE2587FD9B9F598693, 78C387F7F049BD436E69CB5366BCA08B0B9BE7D7A468B843A18E24E7DB2624FA ] ShareItSvc      C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
21:59:04.0593 0x19e4  ShareItSvc - ok
21:59:04.0593 0x19e4  ShellHWDetection - ok
21:59:04.0593 0x19e4  shpamsvc - ok
21:59:04.0608 0x19e4  SiSRaid2 - ok
21:59:04.0608 0x19e4  SiSRaid4 - ok
21:59:04.0624 0x19e4  [ E6DA1192D36D2D29FF8387917C2D70A6, 6F6AB7A2E45D7E05F5ED0B08B1ED9FFA03BDBFAF5E80F8B9E2C4D6CF6F74B851 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:59:04.0655 0x19e4  SkypeUpdate - ok
21:59:04.0655 0x19e4  [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
21:59:04.0671 0x19e4  SmbDrvI - ok
21:59:04.0671 0x19e4  smphost - ok
21:59:04.0687 0x19e4  SmsRouter - ok
21:59:04.0702 0x19e4  SNMPTRAP - ok
21:59:04.0702 0x19e4  spaceport - ok
21:59:04.0702 0x19e4  SpbCx - ok
21:59:04.0718 0x19e4  Spooler - ok
21:59:04.0718 0x19e4  sppsvc - ok
21:59:04.0733 0x19e4  srv - ok
21:59:04.0733 0x19e4  srv2 - ok
21:59:04.0733 0x19e4  srvnet - ok
21:59:04.0749 0x19e4  SSDPSRV - ok
21:59:04.0749 0x19e4  SstpSvc - ok
21:59:04.0765 0x19e4  [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
21:59:04.0780 0x19e4  ssudmdm - ok
21:59:04.0796 0x19e4  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
21:59:04.0827 0x19e4  ss_conn_service - ok
21:59:04.0827 0x19e4  StateRepository - ok
21:59:04.0827 0x19e4  stexstor - ok
21:59:04.0843 0x19e4  stisvc - ok
21:59:04.0843 0x19e4  storahci - ok
21:59:04.0843 0x19e4  storflt - ok
21:59:04.0858 0x19e4  stornvme - ok
21:59:04.0858 0x19e4  storqosflt - ok
21:59:04.0858 0x19e4  StorSvc - ok
21:59:04.0874 0x19e4  storufs - ok
21:59:04.0874 0x19e4  storvsc - ok
21:59:04.0905 0x19e4  [ 6BB595EDC1C53A06E07B737C27CE000D, 0141C0CDA1C0D080A4A0A43B919A6EC76661A913C1E4036E1A61E0F80D014C64 ] SurfEasyVPN     C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
21:59:04.0952 0x19e4  SurfEasyVPN - ok
21:59:04.0968 0x19e4  [ EB207D539911B512726C4A6B8A2ED78C, 9662B0BDFA1420399B48B892C9B3C47FDFE966F32405FC3A4B22F2DE2A0FA614 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
21:59:04.0968 0x19e4  SUService - ok
21:59:04.0983 0x19e4  svsvc - ok
21:59:04.0983 0x19e4  swenum - ok
21:59:04.0983 0x19e4  swprv - ok
21:59:04.0999 0x19e4  Synth3dVsc - ok
21:59:05.0015 0x19e4  [ 7DC2B34FB6F1798F2D13453E0321D025, 60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
21:59:05.0030 0x19e4  SynTP - ok
21:59:05.0030 0x19e4  SysMain - ok
21:59:05.0046 0x19e4  SystemEventsBroker - ok
21:59:05.0046 0x19e4  TabletInputService - ok
21:59:05.0046 0x19e4  [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
21:59:05.0062 0x19e4  tap0901 - ok
21:59:05.0077 0x19e4  [ E790E904BB06081F5A3DAFE87F20D06B, F09F574A134E87B9578B914ACD028AF49031CDC788989A073197774A49FFFD17 ] taphss6         C:\WINDOWS\System32\drivers\taphss6.sys
21:59:05.0077 0x19e4  taphss6 - ok
21:59:05.0093 0x19e4  TapiSrv - ok
21:59:05.0093 0x19e4  Tcpip - ok
21:59:05.0093 0x19e4  Tcpip6 - ok
21:59:05.0108 0x19e4  tcpipreg - ok
21:59:05.0108 0x19e4  tdx - ok
21:59:05.0124 0x19e4  terminpt - ok
21:59:05.0124 0x19e4  TermService - ok
21:59:05.0124 0x19e4  Themes - ok
21:59:05.0140 0x19e4  TieringEngineService - ok
21:59:05.0140 0x19e4  tiledatamodelsvc - ok
21:59:05.0140 0x19e4  TimeBrokerSvc - ok
21:59:05.0140 0x19e4  TPM - ok
21:59:05.0155 0x19e4  TrkWks - ok
21:59:05.0155 0x19e4  TrustedInstaller - ok
21:59:05.0171 0x19e4  [ 59BD43714E1034A913F019413905D387, 1F16B042F5C7880C94AC368FA88E05CA2031F7BE56CEBB8188746E5C2B27A2FB ] TS4NT           C:\WINDOWS\system32\Drivers\TS4nt.sys
21:59:05.0171 0x19e4  TS4NT - ok
21:59:05.0187 0x19e4  tsusbflt - ok
21:59:05.0187 0x19e4  TsUsbGD - ok
21:59:05.0202 0x19e4  tunnel - ok
21:59:05.0202 0x19e4  tzautoupdate - ok
21:59:05.0202 0x19e4  UASPStor - ok
21:59:05.0218 0x19e4  UcmCx0101 - ok
21:59:05.0218 0x19e4  UcmTcpciCx0101 - ok
21:59:05.0233 0x19e4  UcmUcsi - ok
21:59:05.0233 0x19e4  Ucx01000 - ok
21:59:05.0249 0x19e4  UdeCx - ok
21:59:05.0249 0x19e4  udfs - ok
21:59:05.0249 0x19e4  UEFI - ok
21:59:05.0265 0x19e4  Ufx01000 - ok
21:59:05.0265 0x19e4  UfxChipidea - ok
21:59:05.0265 0x19e4  ufxsynopsys - ok
21:59:05.0280 0x19e4  UI0Detect - ok
21:59:05.0296 0x19e4  umbus - ok
21:59:05.0296 0x19e4  UmPass - ok
21:59:05.0312 0x19e4  UmRdpService - ok
21:59:05.0327 0x19e4  UnistoreSvc - ok
21:59:05.0343 0x19e4  upnphost - ok
21:59:05.0343 0x19e4  UrsChipidea - ok
21:59:05.0343 0x19e4  UrsCx01000 - ok
21:59:05.0358 0x19e4  UrsSynopsys - ok
21:59:05.0374 0x19e4  [ 75F8A310533E15D27115CDE2A881126F, 19678B5362D3FF318E5D4D4D2E8F5435C05C508737772D35EABC6E9642473566 ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
21:59:05.0390 0x19e4  usb3Hub - ok
21:59:05.0405 0x19e4  usbccgp - ok
21:59:05.0421 0x19e4  usbcir - ok
21:59:05.0437 0x19e4  usbehci - ok
21:59:05.0437 0x19e4  usbhub - ok
21:59:05.0452 0x19e4  USBHUB3 - ok
21:59:05.0452 0x19e4  usbohci - ok
21:59:05.0468 0x19e4  usbprint - ok
21:59:05.0468 0x19e4  usbser - ok
21:59:05.0468 0x19e4  USBSTOR - ok
21:59:05.0483 0x19e4  usbuhci - ok
21:59:05.0483 0x19e4  USBXHCI - ok
21:59:05.0499 0x19e4  UserDataSvc - ok
21:59:05.0499 0x19e4  UserManager - ok
21:59:05.0515 0x19e4  UsoSvc - ok
21:59:05.0515 0x19e4  VaultSvc - ok
21:59:05.0515 0x19e4  vdrvroot - ok
21:59:05.0530 0x19e4  vds - ok
21:59:05.0530 0x19e4  VerifierExt - ok
21:59:05.0530 0x19e4  vhdmp - ok
21:59:05.0546 0x19e4  vhf - ok
21:59:05.0546 0x19e4  vmbus - ok
21:59:05.0546 0x19e4  VMBusHID - ok
21:59:05.0562 0x19e4  vmgid - ok
21:59:05.0562 0x19e4  vmicguestinterface - ok
21:59:05.0562 0x19e4  vmicheartbeat - ok
21:59:05.0577 0x19e4  vmickvpexchange - ok
21:59:05.0577 0x19e4  vmicrdv - ok
21:59:05.0593 0x19e4  vmicshutdown - ok
21:59:05.0593 0x19e4  vmictimesync - ok
21:59:05.0608 0x19e4  vmicvmsession - ok
21:59:05.0608 0x19e4  vmicvss - ok
21:59:05.0624 0x19e4  volmgr - ok
21:59:05.0624 0x19e4  volmgrx - ok
21:59:05.0640 0x19e4  volsnap - ok
21:59:05.0640 0x19e4  volume - ok
21:59:05.0640 0x19e4  vpci - ok
21:59:05.0655 0x19e4  vsmraid - ok
21:59:05.0655 0x19e4  VSS - ok
21:59:05.0655 0x19e4  VSTXRAID - ok
21:59:05.0671 0x19e4  vwifibus - ok
21:59:05.0671 0x19e4  vwififlt - ok
21:59:05.0671 0x19e4  vwifimp - ok
21:59:05.0687 0x19e4  W32Time - ok
21:59:05.0687 0x19e4  w3logsvc - ok
21:59:05.0687 0x19e4  W3SVC - ok
21:59:05.0702 0x19e4  WacomPen - ok
21:59:05.0702 0x19e4  WalletService - ok
21:59:05.0702 0x19e4  wanarp - ok
21:59:05.0718 0x19e4  wanarpv6 - ok
21:59:05.0718 0x19e4  WAS - ok
21:59:05.0718 0x19e4  wbengine - ok
21:59:05.0733 0x19e4  WbioSrvc - ok
21:59:05.0733 0x19e4  wcifs - ok
21:59:05.0733 0x19e4  Wcmsvc - ok
21:59:05.0749 0x19e4  wcncsvc - ok
21:59:05.0749 0x19e4  wcnfs - ok
21:59:05.0780 0x19e4  [ C1324C0096AB72FA335A60F2212EF729, 287A546CA931491674701A1E0EC650337BCD844674FE2B97DEAA9D5DB102E43A ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
21:59:05.0812 0x19e4  WDBackup - ok
21:59:05.0827 0x19e4  WdBoot - ok
21:59:05.0827 0x19e4  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
21:59:05.0843 0x19e4  WDC_SAM - ok
21:59:05.0858 0x19e4  [ A9579584C5111D9AD1DE374DA0C7D3EC, 5ED0DE615F9FF6EB0CE903D60F16502897FAB79C5B006CEF3266DD0A7E5E4E37 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
21:59:05.0874 0x19e4  WDDriveService - ok
21:59:05.0874 0x19e4  Wdf01000 - ok
21:59:05.0890 0x19e4  WdFilter - ok
21:59:05.0890 0x19e4  WdiServiceHost - ok
21:59:05.0890 0x19e4  WdiSystemHost - ok
21:59:05.0905 0x19e4  wdiwifi - ok
21:59:05.0905 0x19e4  WdNisDrv - ok
21:59:05.0921 0x19e4  WdNisSvc - ok
21:59:05.0921 0x19e4  WebClient - ok
21:59:05.0937 0x19e4  Wecsvc - ok
21:59:05.0937 0x19e4  WEPHOSTSVC - ok
21:59:05.0937 0x19e4  wercplsupport - ok
21:59:05.0952 0x19e4  WerSvc - ok
21:59:05.0952 0x19e4  WFPLWFS - ok
21:59:05.0968 0x19e4  WiaRpc - ok
21:59:05.0968 0x19e4  WIMMount - ok
21:59:05.0968 0x19e4  WinDefend - ok
21:59:05.0983 0x19e4  WindowsTrustedRT - ok
21:59:05.0999 0x19e4  WindowsTrustedRTProxy - ok
21:59:05.0999 0x19e4  WinHttpAutoProxySvc - ok
21:59:05.0999 0x19e4  WinMad - ok
21:59:06.0015 0x19e4  Winmgmt - ok
21:59:06.0015 0x19e4  WinRM - ok
21:59:06.0030 0x19e4  WINUSB - ok
21:59:06.0030 0x19e4  WinVerbs - ok
21:59:06.0030 0x19e4  wisvc - ok
21:59:06.0046 0x19e4  WlanSvc - ok
21:59:06.0046 0x19e4  wlidsvc - ok
21:59:06.0046 0x19e4  WmiAcpi - ok
21:59:06.0062 0x19e4  wmiApSrv - ok
21:59:06.0062 0x19e4  WMPNetworkSvc - ok
21:59:06.0062 0x19e4  Wof - ok
21:59:06.0077 0x19e4  workfolderssvc - ok
21:59:06.0077 0x19e4  WPDBusEnum - ok
21:59:06.0077 0x19e4  WpdUpFltr - ok
21:59:06.0093 0x19e4  WpnService - ok
21:59:06.0093 0x19e4  WpnUserService - ok
21:59:06.0109 0x19e4  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
21:59:06.0109 0x19e4  WPRO_41_2001 - ok
21:59:06.0124 0x19e4  ws2ifsl - ok
21:59:06.0124 0x19e4  wscsvc - ok
21:59:06.0124 0x19e4  WSDPrintDevice - ok
21:59:06.0140 0x19e4  WSDScan - ok
21:59:06.0140 0x19e4  WSearch - ok
21:59:06.0155 0x19e4  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
21:59:06.0155 0x19e4  wsvd - ok
21:59:06.0171 0x19e4  wuauserv - ok
21:59:06.0171 0x19e4  WudfPf - ok
21:59:06.0171 0x19e4  WUDFRd - ok
21:59:06.0187 0x19e4  wudfsvc - ok
21:59:06.0187 0x19e4  WUDFWpdFs - ok
21:59:06.0187 0x19e4  WUDFWpdMtp - ok
21:59:06.0202 0x19e4  WwanSvc - ok
21:59:06.0202 0x19e4  XblAuthManager - ok
21:59:06.0202 0x19e4  XblGameSave - ok
21:59:06.0218 0x19e4  xboxgip - ok
21:59:06.0218 0x19e4  XboxNetApiSvc - ok
21:59:06.0218 0x19e4  xinputhid - ok
21:59:06.0233 0x19e4  ================ Scan global ===============================
21:59:06.0249 0x19e4  [ Global ] - ok
21:59:06.0249 0x19e4  ================ Scan MBR ==================================
21:59:06.0249 0x19e4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:59:06.0265 0x19e4  \Device\Harddisk0\DR0 - ok
21:59:06.0265 0x19e4  ================ Scan VBR ==================================
21:59:06.0265 0x19e4  [ A766BF229472CA05938B4E833FAD0EB5 ] \Device\Harddisk0\DR0\Partition1
21:59:06.0265 0x19e4  \Device\Harddisk0\DR0\Partition1 - ok
21:59:06.0265 0x19e4  [ F7878AFC1827089A47DB327AFEDF292A ] \Device\Harddisk0\DR0\Partition2
21:59:06.0265 0x19e4  \Device\Harddisk0\DR0\Partition2 - ok
21:59:06.0280 0x19e4  [ AEB711D503036FC10F489B0376F8D95F ] \Device\Harddisk0\DR0\Partition3
21:59:06.0280 0x19e4  \Device\Harddisk0\DR0\Partition3 - ok
21:59:06.0280 0x19e4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
21:59:06.0280 0x19e4  \Device\Harddisk0\DR0\Partition4 - ok
21:59:06.0280 0x19e4  [ 95F5E9D723589F83D3F3D1C0F23BA072 ] \Device\Harddisk0\DR0\Partition5
21:59:06.0280 0x19e4  \Device\Harddisk0\DR0\Partition5 - ok
21:59:06.0280 0x19e4  [ A9BE15C77DAD78EAF915AF27C88338D0 ] \Device\Harddisk0\DR0\Partition6
21:59:06.0280 0x19e4  \Device\Harddisk0\DR0\Partition6 - ok
21:59:06.0280 0x19e4  [ 08050F2299B1C587400C1F22E027E8AC ] \Device\Harddisk0\DR0\Partition7
21:59:06.0280 0x19e4  \Device\Harddisk0\DR0\Partition7 - ok
21:59:06.0296 0x19e4  [ 89AC7C7FD73749D637850B725BBCAAF1 ] \Device\Harddisk0\DR0\Partition8
21:59:06.0296 0x19e4  \Device\Harddisk0\DR0\Partition8 - ok
21:59:06.0296 0x19e4  [ 451071B73B5836A964BCE74670215245 ] \Device\Harddisk0\DR0\Partition9
21:59:06.0296 0x19e4  \Device\Harddisk0\DR0\Partition9 - ok
21:59:06.0296 0x19e4  ================ Scan generic autorun ======================
21:59:06.0530 0x19e4  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:59:06.0843 0x19e4  RtHDVCpl - ok
21:59:06.0874 0x19e4  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:06.0921 0x19e4  RtHDVBg_Dolby - ok
21:59:06.0937 0x19e4  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:06.0984 0x19e4  RtHDVBg_LENOVO_DOLBYDRAGON - ok
21:59:07.0015 0x19e4  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:59:07.0046 0x19e4  RtHDVBg_LENOVO_MICPKEY - ok
21:59:07.0171 0x19e4  [ 8FC50E52DE82C5D9931FAF10BA53995B, B7D94D34A56A23E98507C8C5D98D003778906BAA100EEA9323529FD8658E3C94 ] C:\WINDOWS\RTFTrack.exe
21:59:07.0327 0x19e4  RtsFT - ok
21:59:07.0609 0x19e4  [ 948DD38ED5A7A047CB17F5C3D9274C15, C6B6AA1719CB30598B2B55665045598D6F2FD51A47F230F6588729DDB2F5C5D0 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
21:59:07.0937 0x19e4  Energy Manager - ok
21:59:07.0952 0x19e4  [ 6EEC94872D8AFBC403EC93CD6ADC1C0F, BEB304BCD689D48E2EC180545AD3139E2AE8BBBAC74FB2C8520A72445778283A ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
21:59:07.0968 0x19e4  Lenovo Utility - ok
21:59:08.0015 0x19e4  [ E9D228970356F01DB68E531A0F173FB8, B23032DFEA446CF4D5E75D6CC3F049314EC9EB2D4E9BEB1883D4AC4BC2631A6B ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:59:08.0077 0x19e4  CanonMyPrinter - ok
21:59:08.0093 0x19e4  [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:59:08.0124 0x19e4  AdobeAAMUpdater-1.0 - ok
21:59:08.0124 0x19e4  SynTPEnh - ok
21:59:08.0124 0x19e4  USB Safely Remove - ok
21:59:08.0124 0x19e4  ShadowPlay - ok
21:59:08.0140 0x19e4  [ E9566B95DEF8DFE53E1BDEE3FB723BA1, F6D645138CB76F8B0DFC2B0E427A401DBA21B4ED5B0676861B988128FC8088C0 ] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
21:59:08.0171 0x19e4  LenovoUtility - ok
21:59:08.0187 0x19e4  [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
21:59:08.0202 0x19e4  YouCam Tray - ok
21:59:08.0202 0x19e4  [ BB73B4A6D4A9F1410563D1BA4D53E7CA, 38641DF5215C770B30FEC045D930835CF8DC72F2F6CA30A85AD08B5D6B26AD33 ] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
21:59:08.0218 0x19e4  IJNetworkScanUtility - ok
21:59:08.0218 0x19e4  [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] C:\Program Files (x86)\PDF24\pdf24.exe
21:59:08.0234 0x19e4  PDFPrint - ok
21:59:08.0249 0x19e4  [ 5033035D383051EE779349B65806D74D, B6E0A732736733F03B170EF7E33DD4941F1597BEC9A7324E52676A31117AD2DC ] C:\PROGRA~1\PTC\MKSTOO~1\bin\ncoeenv.exe
21:59:08.0249 0x19e4  NuTCSetupEnviron - ok
21:59:08.0312 0x19e4  [ 18236595E10FDB9A19117C3A1DB7F284, BCFD229FACBAB56C2475B36DC6462F5A88FB607B786C932A7973B68AE301248F ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
21:59:08.0374 0x19e4  Adobe Creative Cloud - ok
21:59:08.0437 0x19e4  [ 7F4D9442912DDFAD8F272EE4DFA7B5A1, 616D7A54ACDF6A70BE91F2A6282C526C6CBE186A410C18B0181260E715C6468A ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe
21:59:08.0530 0x19e4  Acrobat Assistant 8.0 - ok
21:59:08.0624 0x19e4  [ 51A27200FDE64CB50C24BA53025EC344, 3D09E71953FAC133B1EFA1E103CD5B2DB4912474D19E8467EF379999206E913B ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
21:59:08.0749 0x19e4  WD Quick View - ok
21:59:08.0796 0x19e4  [ 3614B98D721F9F9760F5A7E549281B74, 595BFD4625EF81E77B376AD6719BD783268B0B8875877EBA72773B5E3B81FFF8 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
21:59:08.0827 0x19e4  DBAgent - ok
21:59:08.0843 0x19e4  [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:59:08.0859 0x19e4  SunJavaUpdateSched - ok
21:59:08.0874 0x19e4  [ 844AAB9272D48C99289D8C035234A4BC, DA5B21337E19F9F82F0F645AF741C89F32148B9D1AC574C72667F892BAA0561D ] C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
21:59:08.0890 0x19e4  G Data ASM - ok
21:59:08.0921 0x19e4  OneDriveSetup - ok
21:59:08.0921 0x19e4  OneDriveSetup - ok
21:59:08.0952 0x19e4  [ 49CB055A98FDEDE685350C988D349B8B, 5AF539D8D8E88A17E9AFDC5DF2FE8F84F3E4638FF8D8C1DEBB7D44666418B33A ] C:\Users\genas_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:59:08.0999 0x19e4  OneDrive - ok
21:59:09.0077 0x19e4  [ 0AE5A2A270E6FA15175023FBCAB09C62, 6FC98E0D307E202D019EF72999AEC6104182014BF655265D0702630988EF4C81 ] C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe
21:59:09.0187 0x19e4  DAEMON Tools Lite Automount - ok
21:59:09.0218 0x19e4  [ 72BC198F29E8E32DD4BD2B32625683AB, 6BE16DBD9FE94CED59F902D135013201E8AD74516C1DA3323F0F981198AD7E76 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
21:59:09.0249 0x19e4  GarminExpressTrayApp - ok
21:59:09.0249 0x19e4  SurfEasy - ok
21:59:09.0437 0x19e4  [ 24AFAD9B4B24FD1D4BF7127A2DC78D92, 86F801B1EA39CEE3A1A1969A02D32477040982339F837AE8FAAFF68F46D78822 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:09.0655 0x19e4  CCleaner Monitoring - ok
21:59:09.0671 0x19e4  [ 20971425677FC30022125A8A820BCAF3, 32040C041378F3CA059F9A680DDB63567A2463075A18DCDC5E5FE289D115B8C3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
21:59:09.0687 0x19e4  Uploader - ok
21:59:09.0734 0x19e4  [ 1B74C83AAA208FFF207540AAFD921F32, 4ECA20299E65B0250CEDB59A1A0476B08F6896B2D830A8CA0123B5B557720B99 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
21:59:09.0796 0x19e4  DAEMON Tools Lite - ok
21:59:09.0796 0x19e4  KiesPDLR.exe - ok
21:59:09.0812 0x19e4  [ 14ED0C491AAE03DFB9C471BBF36D95DE, 80599C95A022C6E341243C07A717319B5EDA2DBBFBEBB99FDC5A3C499F5C7CCC ] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe
21:59:09.0843 0x19e4  Adobe Acrobat Synchronizer - ok
21:59:09.0843 0x19e4  [ 20971425677FC30022125A8A820BCAF3, 32040C041378F3CA059F9A680DDB63567A2463075A18DCDC5E5FE289D115B8C3 ] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
21:59:09.0859 0x19e4  Uploader - ok
21:59:09.0937 0x19e4  [ 0AE5A2A270E6FA15175023FBCAB09C62, 6FC98E0D307E202D019EF72999AEC6104182014BF655265D0702630988EF4C81 ] C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe
21:59:10.0046 0x19e4  DAEMON Tools Lite Automount - ok
21:59:10.0218 0x19e4  [ 24AFAD9B4B24FD1D4BF7127A2DC78D92, 86F801B1EA39CEE3A1A1969A02D32477040982339F837AE8FAAFF68F46D78822 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:10.0405 0x19e4  CCleaner Monitoring - ok
21:59:10.0437 0x19e4  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Lilia\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:59:10.0640 0x19e4  OneDrive - ok
21:59:10.0640 0x19e4  OneDriveSetup - ok
21:59:10.0640 0x19e4  WAB Migrate - ok
21:59:10.0640 0x19e4  OneDriveSetup - ok
21:59:10.0640 0x19e4  Waiting for KSN requests completion. In queue: 151
21:59:11.0202 0x1c20  Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:11.0624 0x1c20  Object send P2P result: true
21:59:11.0624 0x1c20  Object required for P2P: [ 24AFAD9B4B24FD1D4BF7127A2DC78D92 ] C:\Program Files\CCleaner\CCleaner64.exe
21:59:11.0655 0x19e4  Waiting for KSN requests completion. In queue: 6
21:59:12.0030 0x1c20  Object send P2P result: true
21:59:12.0687 0x19e4  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
21:59:12.0687 0x19e4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
21:59:12.0687 0x19e4  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
21:59:12.0687 0x19e4  FW detected via SS2: G*DATA Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
21:59:12.0952 0x19e4  ============================================================
21:59:12.0952 0x19e4  Scan finished
21:59:12.0952 0x19e4  ============================================================
21:59:12.0952 0x3410  Detected object count: 0
21:59:12.0952 0x3410  Actual detected object count: 0
         

Alt 10.09.2017, 10:15   #7
M-K-D-B
/// TB trainer
 

Hi,

Step 1
Please download AdwCleaner to your desktop (illustrated guide).
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options and make sure the following items are selected:
    • Image File Execution Options keys
    • Tracing keys
    • Prefetch files
    • Proxy
    • Winsock
    • Firewall
    • IE policies
    • Chrome policies
  • Confirm the selection with OK.
  • Click Scan and wait until it has finished. At the end of the scan a log file opens automatically. Close it.
  • Now click Clean (even if AdwCleaner says nothing was found) and confirm any prompts with OK.
  • At the end of the cleanup, click Restart now. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan, and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Move selected items to quarantine.
  • Let your computer restart if necessary to complete the cleanup.
  • After the restart, start MBAM and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Add the contents of mbam.txt to your next reply.





Step 3
  • Run FRST.exe again. Make sure the box next to Addition.txt is checked and click Scan.
  • FRST will again create two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.





Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the two new FRST log files.
__________________
Regards
M-K-D-B




Alt 10.09.2017, 13:43   #8
Gewin
 

Hi,

AdwCleaner

Code:
# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 10 12:37:25 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\yuna software
Deleted: C:\Users\genas_000\AppData\Roaming\FLV and Media Player
Deleted: C:\Users\Gena_2\AppData\Roaming\FLV and Media Player
Deleted: C:\Users\genas_000\AppData\Roaming\RHEng


***** [ Files ] *****

Deleted: C:\Users\All Users\Desktop\FLV and Media Player.lnk
Deleted: C:\Users\Public\Desktop\FLV and Media Player.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV and Media Player
Deleted: [Key] - HKLM\SOFTWARE\yuna software
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Image File Execution Options%s keys deleted
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1543 B] - [2017/9/10 12:36:21]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
         

Alt 10.09.2017, 14:01   #9
Gewin
 

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-09-2017
durchgeführt von *************** (Administrator) auf BIGCOM (10-09-2017 14:59:36)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-09-10] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-10] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-10] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-10] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-10] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 dmwappushsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 14:58 - 2017-09-10 14:58 - 002396160 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-10 14:58 - 2017-09-10 14:58 - 000000000 ____D C:\Users\Gena_2\Downloads\FRST-OlderVersion
2017-09-10 14:55 - 2017-09-10 14:55 - 000001436 _____ C:\Users\Gena_2\Desktop\mbam.txt
2017-09-10 14:51 - 2017-09-10 14:51 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-10 14:49 - 2017-09-10 14:49 - 000001436 _____ C:\Users\Gena_2\Desktop\mb.txt
2017-09-10 14:32 - 2017-09-10 14:37 - 000000000 ____D C:\AdwCleaner
2017-09-10 14:29 - 2017-09-10 14:32 - 008182736 _____ (Malwarebytes) C:\Users\Gena_2\Desktop\adwcleaner_7.0.2.1.exe
2017-09-09 23:01 - 2017-09-09 23:04 - 390343134 _____ C:\Users\Gena_2\Downloads\2012_[www.youryoga.org].AVI
2017-09-09 22:53 - 2017-09-09 22:59 - 829020160 _____ C:\Users\Gena_2\Downloads\4-vid_[www.youryoga.org].avi
2017-09-09 21:57 - 2017-09-09 22:03 - 000130884 _____ C:\TDSSKiller.3.1.0.15_09.09.2017_21.57.24_log.txt
2017-09-09 21:54 - 2017-09-09 21:57 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gena_2\Downloads\tdsskiller.exe
2017-09-09 21:45 - 2017-09-10 14:59 - 000041036 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:45 - 2017-09-09 21:51 - 000080254 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-10 14:51 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-10 14:59 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 19:04 - 2017-09-10 14:51 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-10 14:53 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-10 14:51 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-09-10 14:46 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 14:58 - 2016-11-16 19:56 - 000273195 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-10 14:58 - 2016-07-17 00:51 - 001590344 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-10 14:58 - 2016-07-17 00:51 - 001097880 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-10 14:58 - 2015-08-07 21:06 - 005868644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 14:55 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-10 14:55 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-10 14:55 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-10 14:53 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-10 14:53 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-10 14:53 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-10 14:53 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-10 14:51 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 14:50 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 14:44 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-09 23:54 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:51 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-08 20:21

==================== Ende von FRST.txt ============================
         
Attached files
File type: txt mbam.txt (1.4 KB, viewed 3 times)

10.09.2017, 14:04   #10
Gewin
 

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-09-2017
durchgeführt von *************** (10-09-2017 15:00:31)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
*************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version:  - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version:  - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version:  - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version:  - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0E01EF6C-B37D-4D42-8031-7A7BFD8B7B2E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\00252f5e-3e31-405a-ad65-baba05f70c1c => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {3280604A-AF2C-45F7-81D3-A9EED583F736} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4b6b0c0d-1ea0-412e-ac1c-c580671bc486 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\*************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {BC2C2903-41C9-447B-B05C-6FFAD8A5596D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5ae460d9-a7d4-48fc-b990-d9445da2dae2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\*************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {F8AE1AFB-2665-42A4-88A8-4B29D5730079} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\794a89dd-51f0-40c3-b656-8862d79f99e7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic

ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-09-08 21:56 - 2017-08-24 11:27 - 002264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

Da befinden sich 77 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7DCA83E0-AED3-4A40-A274-EC1D2CCFB027}] => (Allow) LPort=8888

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/10/2017 02:51:24 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/10/2017 02:38:24 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/10/2017 02:37:20 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/09/2017 10:11:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/09/2017 09:31:56 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/09/2017 09:31:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0x11dc
Startzeit der fehlerhaften Anwendung: 0x01d329a2403ddf07
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 57a2e20f-8e72-4661-8a08-769efc0676e9
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2017 10:05:24 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (09/08/2017 10:05:09 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/08/2017 10:04:18 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (09/08/2017 09:56:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" in Zeile  1.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


Systemfehler:
=============
Error: (09/10/2017 02:59:51 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/10/2017 02:58:47 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 02:53:09 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 02:51:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/10/2017 02:51:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/10/2017 02:51:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (09/10/2017 02:50:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2017-09-06 15:58:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-06 15:49:15.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2016-09-28 22:25:30.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.236
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.201
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4278.46 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 5101.08 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:20.3 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

10.09.2017, 20:00   #11
M-K-D-B
/// TB trainer

Hi,

Step 1
  • Copy the contents of the following code box:
    Code:
    ATTFilter
    Start::
    CloseProcesses:
    HKLM-x32\...\Run: [] => [X]
    Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
    Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
    Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
    Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
    Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    RemoveProxy:
    CMD: ipconfig /flushdns
    CMD: netsh winsock reset
    EmptyTemp:
    End::
             
  • Now start FRST and click the "Entfernen" (Fix) button.
  • The tool carries out the requested steps and creates a fixlog.txt in the same directory as FRST/FRST64.exe.
  • Your computer may need to be restarted for this.
  • Post the contents of fixlog.txt in your next reply.

Step 2
Download the appropriate version of SystemLook from the following mirror and save the tool to the desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Double-click SystemLook.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    ATTFilter
    :filefind
    *yuna software*
    *FLV and Media Player*
    
    :folderfind
    *yuna software*
    *FLV and Media Player*
    
    :regfind
    yuna software
    FLV and Media Player
             
  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are also saved on the desktop as SystemLook.txt.

Step 3
  • Start FRST.exe again. Make sure the box in front of Addition.txt is ticked and click "Untersuchen" (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

In your next reply, please post
  • the log file of the FRST fix,
  • the SystemLook log file,
  • the two new FRST log files (FRST.txt and Addition.txt).
__________________
Regards
M-K-D-B




10.09.2017, 21:16   #12
Gewin



Code:
ATTFilter
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
         
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-09-2017
durchgeführt von **************** (10-09-2017 21:54:03) Run:1
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: **************** & Gena_2 (Verfügbare Profile: **************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
Task: {01267627-A5D2-44DE-B56B-A85703097784} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {1395D612-2190-44B0-A672-C8420DF26B86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {26022CA4-A54C-4B08-8BCB-416A4A669B2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {73F37D5B-1887-430D-8AF3-4A8C48517A73} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {835D682E-AF26-4F49-A80B-1F370544DDA3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {88FEE2BE-9F38-4350-8652-A605E311C0E7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {90983A60-D055-4DEB-A400-D7A6127FE537} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {AB54D929-72E4-4012-B905-9F022AAC3B22} - \Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 -> Keine Datei <==== ACHTUNG
Task: {EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {F2F9BE46-A019-4347-A469-CECFC7E691EC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {F64242DF-4744-4098-BF1E-6CD406336300} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{01267627-A5D2-44DE-B56B-A85703097784} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01267627-A5D2-44DE-B56B-A85703097784} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1395D612-2190-44B0-A672-C8420DF26B86} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1395D612-2190-44B0-A672-C8420DF26B86} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26022CA4-A54C-4B08-8BCB-416A4A669B2F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26022CA4-A54C-4B08-8BCB-416A4A669B2F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52AA9BF9-EC9D-4F59-BF25-8F9F64E91635} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{73F37D5B-1887-430D-8AF3-4A8C48517A73} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{73F37D5B-1887-430D-8AF3-4A8C48517A73} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{835D682E-AF26-4F49-A80B-1F370544DDA3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{835D682E-AF26-4F49-A80B-1F370544DDA3} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88FEE2BE-9F38-4350-8652-A605E311C0E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88FEE2BE-9F38-4350-8652-A605E311C0E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90983A60-D055-4DEB-A400-D7A6127FE537} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90983A60-D055-4DEB-A400-D7A6127FE537} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DC13746-7A1F-4F11-8EE1-6A96FCDEB4E8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AB54D929-72E4-4012-B905-9F022AAC3B22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB54D929-72E4-4012-B905-9F022AAC3B22} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Service Bridge\S-1-5-21-4288807228-2172792055-1580508024-1002 => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EE06876A-F8FF-493F-9DBD-3B2C43B72CF0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2F9BE46-A019-4347-A469-CECFC7E691EC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2F9BE46-A019-4347-A469-CECFC7E691EC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F64242DF-4744-4098-BF1E-6CD406336300} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F64242DF-4744-4098-BF1E-6CD406336300} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflosungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zuruckgesetzt.
Sie mussen den Computer neu starten, um den Vorgang abzuschlie?en.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 3007608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11573966 B
Java, Flash, Steam htmlcache => 717 B
         
Part 1

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 21:59 on 10/09/2017 by ***************
Administrator - Elevation successful

========== filefind ==========

Searching for "*yuna software*"
No files found.

Searching for "*FLV and Media Player*"
C:\AdwCleaner\Quarantine\x3CF3EDNhm\FLV and Media Player.lnk	--a---- 1356 bytes	[12:37 10/09/2017]	[10:45 25/01/2015] 8CB838E47772092383CEEF12C3ADCEE3
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player Uninstall.lnk	--a---- 1167 bytes	[10:45 25/01/2015]	[10:45 25/01/2015] 43E5A37F356CE5D90F0C84485F04A2B3
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk	--a---- 1374 bytes	[10:45 25/01/2015]	[10:45 25/01/2015] 2B5538F9E6CDAAA972FDC8EE5DD4F9CA
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player Uninstall.lnk	--a---- 1167 bytes	[10:45 25/01/2015]	[10:45 25/01/2015] 43E5A37F356CE5D90F0C84485F04A2B3
C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk	--a---- 1374 bytes	[10:45 25/01/2015]	[10:45 25/01/2015] 2B5538F9E6CDAAA972FDC8EE5DD4F9CA

========== folderfind ==========

Searching for "*yuna software*"
No folders found.

Searching for "*FLV and Media Player*"
C:\Program Files (x86)\Applian Technologies\FLV and Media Player	d-a----	[10:45 25/01/2015]

========== regfind ==========

Searching for "yuna software"
[HKEY_LOCAL_MACHINE\SOFTWARE\G Data\AVK_WaechterLog\NonApprovedModules]
"C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe"="05/01/16 12:47:20: <unsigned>"

Searching for "FLV and Media Player"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"26"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe -I skins2 --one-instance"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2]
@="FLV and Media Player media file (.3g2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3g2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga]
@="FLV and Media Player media file (.3ga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3ga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp]
@="FLV and Media Player media file (.3gp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2]
@="FLV and Media Player media file (.3gp2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.3gp2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ifo\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it]
@="FLV and Media Player media file (.it)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.it\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v]
@="FLV and Media Player media file (.m1v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m1v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t]
@="FLV and Media Player media file (.m2t)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2t\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts]
@="FLV and Media Player media file (.m2ts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2ts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v]
@="FLV and Media Player media file (.m2v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m2v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u]
@="FLV and Media Player media file (.m3u)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8]
@="FLV and Media Player media file (.m3u8)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m3u8\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a]
@="FLV and Media Player media file (.m4a)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4a\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p]
@="FLV and Media Player media file (.m4p)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4p\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v]
@="FLV and Media Player media file (.m4v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.m4v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid]
@="FLV and Media Player media file (.mid)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mid\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka]
@="FLV and Media Player media file (.mka)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mka\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv]
@="FLV and Media Player media file (.mkv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mkv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp]
@="FLV and Media Player media file (.mlp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mlp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod]
@="FLV and Media Player media file (.mod)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mod\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov]
@="FLV and Media Player media file (.mov)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mov\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1]
@="FLV and Media Player media file (.mp1)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp1\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2]
@="FLV and Media Player media file (.mp2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v]
@="FLV and Media Player media file (.mp2v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp2v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3]
@="FLV and Media Player media file (.mp3)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp3\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4]
@="FLV and Media Player media file (.mp4)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v]
@="FLV and Media Player media file (.mp4v)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mp4v\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa]
@="FLV and Media Player media file (.mpa)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpa\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc]
@="FLV and Media Player media file (.mpc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe]
@="FLV and Media Player media file (.mpe)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\PlayWithVLC]
         

10.09.2017, 21:18   #13
Gewin

Suspected Trojan, Win10 64bit

Part 2

Code:
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpe\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg]
@="FLV and Media Player media file (.mpeg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1]
@="FLV and Media Player media file (.mpeg1)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg1\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2]
@="FLV and Media Player media file (.mpeg2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4]
@="FLV and Media Player media file (.mpeg4)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpeg4\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg]
@="FLV and Media Player media file (.mpg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga]
@="FLV and Media Player media file (.mpga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2]
@="FLV and Media Player media file (.mpv2)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mpv2\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts]
@="FLV and Media Player media file (.mts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv]
@="FLV and Media Player media file (.mtv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mtv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf]
@="FLV and Media Player media file (.mxf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.mxf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv]
@="FLV and Media Player media file (.nsv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nsv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv]
@="FLV and Media Player media file (.nuv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.nuv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga]
@="FLV and Media Player media file (.oga)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oga\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg]
@="FLV and Media Player media file (.ogg)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogg\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm]
@="FLV and Media Player media file (.ogm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv]
@="FLV and Media Player media file (.ogv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx]
@="FLV and Media Player media file (.ogx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ogx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma]
@="FLV and Media Player media file (.oma)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.oma\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.OPENFolder\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.OPENFolder\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance %1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus]
@="FLV and Media Player media file (.opus)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.opus\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls]
@="FLV and Media Player media file (.pls)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.pls\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp]
@="FLV and Media Player media file (.qcp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.qcp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra]
@="FLV and Media Player media file (.ra)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ra\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram]
@="FLV and Media Player media file (.ram)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ram\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec]
@="FLV and Media Player media file (.rec)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rec\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm]
@="FLV and Media Player media file (.rm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi]
@="FLV and Media Player media file (.rmi)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmi\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb]
@="FLV and Media Player media file (.rmvb)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.rmvb\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m]
@="FLV and Media Player media file (.s3m)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.s3m\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp]
@="FLV and Media Player media file (.sdp)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.sdp\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd]
@="FLV and Media Player media file (.snd)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.snd\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx]
@="FLV and Media Player media file (.spx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.spx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.SVCDMovie\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.SVCDMovie\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod]
@="FLV and Media Player media file (.tod)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tod\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts]
@="FLV and Media Player media file (.ts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.ts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta]
@="FLV and Media Player media file (.tta)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tta\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts]
@="FLV and Media Player media file (.tts)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.tts\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.VCDMovie\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.VCDMovie\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file vcd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc]
@="FLV and Media Player media file (.vlc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vlc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob]
@="FLV and Media Player media file (.vob)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vob\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc]
@="FLV and Media Player media file (.voc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.voc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf]
@="FLV and Media Player media file (.vqf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vqf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro]
@="FLV and Media Player media file (.vro)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.vro\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64]
@="FLV and Media Player media file (.w64)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.w64\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav]
@="FLV and Media Player media file (.wav)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wav\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm]
@="FLV and Media Player media file (.webm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.webm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma]
@="FLV and Media Player media file (.wma)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wma\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv]
@="FLV and Media Player media file (.wmv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wmv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv]
@="FLV and Media Player media file (.wv)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wv\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx]
@="FLV and Media Player media file (.wvx)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.wvx\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa]
@="FLV and Media Player media file (.xa)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xa\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc]
@="FLV and Media Player media file (.xesc)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xesc\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm]
@="FLV and Media Player media file (.xm)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xm\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf]
@="FLV and Media Player media file (.xspf)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\DefaultIcon]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\AddToPlaylistVLC]
@="Add to FLV and Media Player's Playlist"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\AddToPlaylistVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\PlayWithVLC]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ApplianMP.xspf\shell\PlayWithVLC\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" --started-from-file --no-playlist-enqueue "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe]
"FriendlyAppName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe\shell\Open]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Applications\amp.exe\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AudioCD\shell\PlayWithApplianMP]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AudioCD\shell\PlayWithApplianMP\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file cdda:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DVD\shell\PlayWithApplianMP]
@="Play with FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DVD\shell\PlayWithApplianMP\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file dvd:///%1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP]
@="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\Capabilities]
"ApplicationName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\Capabilities]
"ApplicationDescription"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"HideIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /HideIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"ShowIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /ShowIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Media\ApplianMP\InstallInfo]
"ReinstallCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /Reinstall /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"FLV and Media Player"="Software\Clients\Media\ApplianMP\Capabilities"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
"InstallDir"="C:\Program Files (x86)\Applian Technologies\FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\Applian FLV and Media Player]
@="C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
"InstallDir"="C:\Program Files (x86)\Applian Technologies\FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Applian Technologies\FLV and Media Player]
@="C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayCDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDAudioOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayDVDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayMusicFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlaySVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVCDMovieOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"DefaultIcon"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe",0"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ApplianMPPlayVideoFilesOnArrival]
"Provider"="Applian Technologies FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP]
@="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\Capabilities]
"ApplicationName"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\Capabilities]
"ApplicationDescription"="FLV and Media Player"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"HideIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /HideIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"ShowIconsCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /ShowIcons /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Clients\Media\ApplianMP\InstallInfo]
"ReinstallCommand"=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\spad-setup.exe" /Reinstall /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\RegisteredApplications]
"FLV and Media Player"="Software\Clients\Media\ApplianMP\Capabilities"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\UFH\SHC]
"26"="C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies\FLV and Media Player.lnk C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe -I skins2 --one-instance"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\eb009fa6_0]
@="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0283&subsys_17aa4026&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume5\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\dat_auto_file\shell\Open]
@="Play with FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\dat_auto_file\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.FriendlyAppName"="FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.ApplicationCompany"="Applian Technologies Inc"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\dat_auto_file\shell\Open]
@="Play with FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\dat_auto_file\shell\Open\command]
@=""C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe" -I skins2 --one-instance --started-from-file "%1""
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.FriendlyAppName"="FLV and Media Player"
[HKEY_USERS\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Program Files (x86)\Applian Technologies\FLV and Media Player\amp.exe.ApplicationCompany"="Applian Technologies Inc"

-= EOF =-
         

10.09.2017, 21:26   #14
Gewin

Suspected Trojan, Win10 64bit



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-09-2017
durchgeführt von *************** (Administrator) auf BIGCOM (10-09-2017 22:23:51)
Gestartet von C:\Users\Gena_2\Downloads
Geladene Profile: *************** & Gena_2 (Verfügbare Profile: *************** & Gena_2 & Lilia & Gast & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MKS Software Inc.) C:\Windows\System32\nutsrv4.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
() C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
() C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Seagate Technology LLC) C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DeviceAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6339656 2013-05-16] (Realtek semiconductor)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15792112 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [101360 2014-02-11] (Lenovo(beijing) Limited)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated)
HKLM\...\Run: [USB Safely Remove] => "C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2009-09-28] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
HKLM-x32\...\Run: [NuTCSetupEnviron] => C:\Program Files\PTC\MKS Toolkit\bin\ncoeenv.exe [37248 2012-10-12] (MKS Software Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-07-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-07-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [DBAgent] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [1562304 2017-05-10] (Seagate Technology LLC)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [SurfEasy] => C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyVPN.exe startup
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[C0].tx
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {50b30d4b-8405-11e6-bf7b-fcf8ae9ac78d} - "E:\run.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\MountPoints2: {cba4bbd6-565a-11e6-bf56-fcf8ae9ac78d} - "J:\HPLauncher.exe" 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2352832 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\AdobeCollabSync.exe [763416 2017-07-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Uploader] => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe [142568 2017-05-10] (Seagate Technology LLC)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4295360 2016-06-09] (Disc Soft Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [Polar Sync] => *:\program files\polar\polar sync\********************************************************************************************************************************************************************** (Der Dateneintrag hat 59 mehr Zeichen).
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\MountPoints2: {be3b4032-83bd-11e6-bf7a-fcf8ae9ac78d} - "I:\start-win.exe" 
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-05-18] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2014-02-11]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Motion Control.lnk [2014-02-11]
ShortcutTarget: Motion Control.lnk -> C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe ()
Startup: C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2017-08-13] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2be6f6e2-00a5-4ce8-95ef-87a8efc7ebb5}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{3a45b7cf-7020-4447-8c63-994d33d62839}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=625119&clcid=0x419
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=U280DF&PC=U280&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> DefaultScope {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {26B3CAA3-DAC0-4C35-B5A8-06D7ABF7F9C4} URL = 
SearchScopes: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxps://yandex.ru/search/?text={searchTerms}&clid=2233627
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-12-15] (DVDVideoSoft Ltd.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: IE 4.x-6.x BHO for Download Master -> {9961627E-4059-41B4-8E0E-A7D6B3854ADF} -> C:\Program Files (x86)\Download Master\dmiehlp.dll [2014-12-29] (WestByte)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-19] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2016-01-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2016-04-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-19] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-04-05] (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739 [2017-09-06]
FF Extension: (SaveFrom.net helper) - C:\Users\genas_000\AppData\Roaming\Mozilla\Firefox\Profiles\30yofb6a.default-1460833065739\Extensions\helper-sig@savefrom.net.xpi [2017-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2017-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-27] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-27] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\CanonBJ\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-08-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-07-13] (Adobe Systems)
FF Plugin-x32: Sony Corporation/PMCADownloader -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\npPMCADownloader.dll [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderHelper -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderHelper.exe [2012-10-17] (Sony Network Entertainment International LLC)
FF Plugin-x32: Sony Corporation/PMCADownloaderLib -> C:\ProgramData\Sony Corporation\PMCADownloader\1.2.0.13221\PMCADownloaderLib.dll [2012-10-17] (Sony Network Entertainment International LLC)

Chrome: 
=======
CHR HomePage: Default -> bing.com/?pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default [2017-09-10]
CHR Extension: (Google Präsentationen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-12]
CHR Extension: (Google Docs) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-12]
CHR Extension: (Google Drive) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-12]
CHR Extension: (YouTube) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-12]
CHR Extension: (Adobe Acrobat) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-12]
CHR Extension: (Google Tabellen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-12]
CHR Extension: (Google Docs Offline) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-12]
CHR Extension: (Skype) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-01-12]
CHR Extension: (Bing) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfedoihopcjdfjihhhojdclnfdgomdho [2017-01-12]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-12]
CHR Extension: (PlayMemories Camera Apps Downloader) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlghnkgcadghcdodlcjfhogekonhdei [2017-01-12]
CHR Extension: (Google Mail) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\genas_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-12]
CHR HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-07-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [814688 2017-07-13] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-16] (Intel)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [432528 2013-04-17] (Nuance Communications, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2017-07-06] () [Datei ist nicht signiert]
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1458368 2016-06-09] (Disc Soft Ltd)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1093136 2017-05-18] (Garmin Ltd. or its subsidiaries)
S3 GDBackupSvc; C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-05-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-09] (Intel Corporation)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-08-16] () [Datei ist nicht signiert]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-09] (Intel Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NuTCRACKERService; C:\WINDOWS\system32\nutsrv4.exe [574776 2012-10-12] (MKS Software Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-05-03] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Seagate Dashboard Services; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.DASWindowsService.exe [16120 2017-05-10] (Seagate Technology LLC)
R2 Seagate MobileBackup Service; C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\MobileService.exe [143560 2017-05-10] (Seagate Technology LLC)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [35272 2016-05-04] (SHAREit Technologies Co.Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 SurfEasyVPN; C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe [1663368 2017-03-14] ()
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23416 2017-06-09] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-08-01] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-09-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-09-26] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-08-24] ()
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [109568 2013-01-25] (Huawei Technologies Co., Ltd.)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-08-13] (G Data Software AG)
R3 gddcd; C:\WINDOWS\System32\drivers\gddcd64.sys [79872 2015-03-23] (G Data Software AG)
R1 gddcv; C:\WINDOWS\System32\drivers\gddcv64.sys [59904 2015-03-23] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-08-13] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-08-13] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-08-13] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-08-13] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-08-13] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-09-10] (G Data Software)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-08-13] (G Data Software AG)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [121728 2013-12-10] (Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\system32\DRIVERS\ew_wwanecm.sys [376704 2013-12-10] (Huawei Technologies Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [192960 2017-09-08] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [101824 2017-09-10] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [45472 2017-09-10] (Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-10] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [94144 2017-09-10] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-06-18] (McAfee, Inc.)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3776792 2015-06-22] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_e512e33140587627\nvlddmkm.sys [14841784 2017-04-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-05-03] (NVIDIA Corporation)
S3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [759552 2015-09-21] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8243528 2013-05-16] (Realtek Semiconductor Corp.)
S3 SD11CL64; C:\WINDOWS\system32\DRIVERS\SD11CL64.sys [96512 2011-01-24] (SCM Microsystems Inc.)
S3 SDI01164; C:\WINDOWS\system32\DRIVERS\SDI01164.SYS [75904 2011-01-24] (SCM Microsystems Inc.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-03-21] (Anchorfree Inc.)
R0 TS4NT; C:\WINDOWS\System32\Drivers\TS4nt.sys [98760 2015-03-23] (G Data Software)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [207768 2013-04-16] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-09-10] ()
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 dmwappushsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 22:21 - 2017-09-10 22:21 - 000000000 ____D C:\Users\Gena_2\Downloads\TB
2017-09-10 22:20 - 2017-09-10 22:20 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-09-10 21:54 - 2017-09-10 22:09 - 000009982 _____ C:\Users\Gena_2\Downloads\Fixlog.txt
2017-09-10 21:54 - 2017-09-10 21:54 - 000001801 _____ C:\Users\Gena_2\Downloads\fixlist.txt
2017-09-10 21:50 - 2017-09-10 22:20 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-09-10 15:38 - 2017-09-10 15:38 - 007091575 _____ C:\Users\Gena_2\Downloads\Локхарт Джош - Современный PHP.pdf
2017-09-10 15:37 - 2017-09-10 15:37 - 003311064 _____ (BitTorrent Inc.) C:\Users\Gena_2\Downloads\BitTorrent.exe
2017-09-10 15:30 - 2017-09-10 15:30 - 000000020 _____ C:\Users\Gena_2\Downloads\pass.txt
2017-09-10 15:16 - 2017-09-10 15:16 - 000277555 _____ C:\Users\Gena_2\Downloads\Specialist.ru_94_in_1.torrent
2017-09-10 15:15 - 2017-09-10 15:32 - 2097152000 _____ C:\Users\Gena_2\Downloads\Python_Jango.part2.rar
2017-09-10 15:15 - 2017-09-10 15:22 - 511922197 _____ C:\Users\Gena_2\Downloads\Python_Jango.part3.rar
2017-09-10 15:14 - 2017-09-10 15:30 - 2097152000 _____ C:\Users\Gena_2\Downloads\Python_Jango.part1.rar
2017-09-10 14:58 - 2017-09-10 21:52 - 002396672 _____ (Farbar) C:\Users\Gena_2\Downloads\FRST64.exe
2017-09-10 14:58 - 2017-09-10 21:52 - 000000000 ____D C:\Users\Gena_2\Downloads\FRST-OlderVersion
2017-09-10 14:51 - 2017-09-10 22:20 - 000000022 _____ C:\WINDOWS\S.dirmngr
2017-09-10 14:32 - 2017-09-10 14:37 - 000000000 ____D C:\AdwCleaner
2017-09-10 14:29 - 2017-09-10 14:32 - 008182736 _____ (Malwarebytes) C:\Users\Gena_2\Downloads\adwcleaner_7.0.2.1.exe
2017-09-09 23:01 - 2017-09-09 23:04 - 390343134 _____ C:\Users\Gena_2\Downloads\2012_[www.youryoga.org].AVI
2017-09-09 21:57 - 2017-09-09 22:03 - 000130884 _____ C:\TDSSKiller.3.1.0.15_09.09.2017_21.57.24_log.txt
2017-09-09 21:54 - 2017-09-09 21:57 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Gena_2\Downloads\tdsskiller.exe
2017-09-09 21:45 - 2017-09-10 22:23 - 000040786 _____ C:\Users\Gena_2\Downloads\FRST.txt
2017-09-09 21:45 - 2017-09-10 15:05 - 000072380 _____ C:\Users\Gena_2\Downloads\Addition.txt
2017-09-08 23:26 - 2017-09-08 23:26 - 000000000 ____D C:\Users\Gena_2\Desktop\txt
2017-09-08 22:11 - 2017-09-08 22:11 - 000001456 _____ C:\Users\Gena_2\Desktop\Start Tor Browser.lnk
2017-09-08 21:56 - 2017-09-10 21:55 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000101824 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-09-08 21:56 - 2017-09-10 14:51 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-08 21:56 - 2017-09-08 21:56 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-08 21:56 - 2017-09-08 21:56 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 21:56 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-08 21:55 - 2017-09-08 21:55 - 066347240 _____ (Malwarebytes ) C:\Users\Gena_2\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-08 21:33 - 2017-09-08 21:47 - 000079617 _____ C:\Users\genas_000\Downloads\Addition.txt
2017-09-08 21:32 - 2017-09-10 22:23 - 000000000 ____D C:\FRST
2017-09-08 21:32 - 2017-09-08 21:45 - 000100731 _____ C:\Users\genas_000\Downloads\FRST.txt
2017-09-08 21:29 - 2017-09-08 21:32 - 002395648 _____ (Farbar) C:\Users\genas_000\Downloads\FRST64.exe
2017-09-08 21:20 - 2017-09-08 21:20 - 007178424 _____ (VS Revo Group ) C:\Users\genas_000\Downloads\revosetup_v2.0.3.exe
2017-09-08 21:05 - 2017-09-08 21:05 - 000000970 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2017-09-08 21:05 - 2017-09-08 21:05 - 000000922 _____ C:\Users\genas_000\Desktop\Start Tor Browser.lnk
2017-09-08 21:04 - 2017-09-08 21:05 - 000000000 ____D C:\Users\genas_000\Desktop\Tor Browser
2017-09-08 15:57 - 2017-09-08 15:57 - 000007290 _____ C:\Users\Gena_2\AppData\Local\recently-used.xbel
2017-09-08 15:57 - 2017-09-08 15:57 - 000000037 _____ C:\Users\Gena_2\.gtk-bookmarks
2017-09-07 19:59 - 2017-09-10 22:20 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2017-09-06 16:22 - 2017-09-06 20:25 - 001314861 _____ () C:\hoe.dll
2017-09-06 16:01 - 2017-09-06 16:01 - 000002447 _____ C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-04 20:54 - 2017-09-04 20:54 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign24b0aab944a0f2f8
2017-09-04 20:53 - 2017-09-04 20:53 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign7e4b5e0ba9a3c64c
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignfed5aacc0dc13da6
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign41a2d2e3a16ca90a
2017-09-04 20:52 - 2017-09-04 20:52 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign0ce8cd98bb0e703f
2017-09-03 19:24 - 2017-09-03 19:24 - 000184837 _____ C:\Users\Gena_2\Documents\Paracelsus-Versand.pdf
2017-09-02 23:31 - 2017-09-02 23:31 - 001781226 _____ C:\Users\Gena_2\Documents\Ahnenblatt-Handbuch.pdf
2017-09-02 20:38 - 2017-09-06 21:16 - 000000000 ____D C:\Users\Gena_2\Documents\Ahnenblatt
2017-09-02 20:38 - 2017-09-06 19:22 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 20:38 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000001175 _____ C:\Users\Public\Desktop\Ahnenblatt.lnk
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Users\genas_000\Documents\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2017-09-02 17:00 - 2017-09-02 17:00 - 000000000 ____D C:\Program Files (x86)\Ahnenblatt
2017-09-02 16:59 - 2017-09-02 16:59 - 007164912 _____ (Dirk Böttcher ) C:\Users\Gena_2\Downloads\absetup.exe
2017-08-24 18:54 - 2017-08-24 18:54 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-08-24 18:54 - 2017-08-24 18:54 - 000002220 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2017-08-22 21:09 - 2017-09-10 22:20 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-08-19 13:15 - 2017-08-19 13:15 - 000000000 ____D C:\Users\genas_000\AppData\Local\keepassx
2017-08-19 13:14 - 2017-08-19 13:14 - 000000000 ____D C:\Users\Gena_2\Downloads\KeePassX-2.0.3
2017-08-19 13:12 - 2017-08-19 13:12 - 000000801 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip.sig
2017-08-19 11:38 - 2017-08-24 21:06 - 000000000 ____D C:\Users\Gena_2\Downloads\windows
2017-08-14 18:28 - 2017-08-14 18:28 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign1b4a29de636be42f
2017-08-14 18:23 - 2017-08-14 18:23 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignc0bab0ec0cf11e06
2017-08-14 18:17 - 2017-08-14 18:17 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign991be756ff36d9ed
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsignad11cc61bf043d49
2017-08-14 18:16 - 2017-08-14 18:16 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsigna9351cf5d5af130d
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign880927f307097e96
2017-08-14 18:15 - 2017-08-14 18:15 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Tempzxpsign68131fe99be3bf8d
2017-08-13 12:46 - 2017-08-13 12:46 - 001781359 _____ (pendrivelinux.com) C:\Users\Gena_2\Downloads\Universal-USB-Installer.exe
2017-08-13 12:17 - 2017-09-10 14:46 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-08-13 12:17 - 2017-08-13 12:17 - 000037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-08-13 10:45 - 2017-08-13 10:45 - 000002102 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-08-13 10:45 - 2017-08-13 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-08-13 10:43 - 2017-08-13 10:43 - 000309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-08-13 10:43 - 2017-08-13 10:43 - 000157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-08-13 10:35 - 2017-08-13 10:36 - 014890128 _____ (G DATA Software AG) C:\Users\Gena_2\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-08-13 00:19 - 2017-08-13 00:19 - 001781359 _____ (pendrivelinux.com) C:\Users\genas_000\Downloads\Universal-USB-Installer.exe
2017-08-13 00:16 - 2017-08-13 00:16 - 000506984 _____ C:\Users\Gena_2\Documents\GDataSettings.gds
2017-08-12 23:22 - 2017-08-12 23:22 - 000459593 _____ C:\Users\Gena_2\Downloads\tails-signing.key
2017-08-12 22:30 - 2017-09-08 21:55 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\gnupg
2017-08-12 22:30 - 2017-08-12 22:33 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\.kde
2017-08-12 22:30 - 2017-08-12 22:30 - 000002063 _____ C:\Users\Public\Desktop\Kleopatra.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000001203 _____ C:\Users\Public\Desktop\GPA.lnk
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Public\Desktop\Документация Gpg4win
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\Users\Gena_2\AppData\Local\GNU
2017-08-12 22:30 - 2017-08-12 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gpg4win
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Users\genas_000\AppData\Roaming\gnupg
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\ProgramData\GNU
2017-08-12 22:29 - 2017-08-12 22:29 - 000000000 ____D C:\Program Files (x86)\GNU
2017-08-12 21:20 - 2017-08-12 21:20 - 054531880 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_ru.exe
2017-08-12 20:47 - 2017-08-12 20:47 - 018239617 _____ C:\Users\Gena_2\Downloads\i2pinstall_0.9.31_windows.exe
2017-08-12 20:07 - 2017-08-12 20:07 - 018583016 _____ (freenetproject.org ) C:\Users\Gena_2\Downloads\FreenetInstaller-1478.exe
2017-08-12 18:22 - 2017-08-12 18:22 - 033954414 _____ C:\Users\Gena_2\Downloads\Bitmessage_x64_0.6.2.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 001468831 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip
2017-08-12 18:12 - 2017-08-12 18:12 - 001001880 _____ (hxxp://diskcryptor.net/ ) C:\Users\Gena_2\Downloads\dcrypt_setup.exe
2017-08-12 18:12 - 2017-08-12 18:12 - 000000836 _____ C:\Users\genas_000\Desktop\DiskCryptor.lnk
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DiskCryptor
2017-08-12 18:12 - 2017-08-12 18:12 - 000000000 ____D C:\Program Files\dcrypt
2017-08-12 18:12 - 2014-07-09 10:42 - 000210632 _____ C:\WINDOWS\system32\Drivers\dcrypt.sys
2017-08-12 16:57 - 2017-08-13 01:11 - 000000000 ____D C:\Users\Gena_2\AppData\Local\ZenMate
2017-08-12 16:57 - 2017-08-13 00:53 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZenGuard GmbH
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\SquirrelTemp
2017-08-12 16:57 - 2017-08-12 16:57 - 000000000 ____D C:\Users\Gena_2\AppData\Local\IsolatedStorage
2017-08-12 16:47 - 2017-08-12 16:47 - 014932432 _____ (AnchorFree Inc.) C:\Users\Gena_2\Downloads\HotspotShield-6.9.2-9040555.exe
2017-08-12 15:25 - 2017-08-12 15:25 - 083516376 _____ (GitHub, Inc.) C:\Users\Gena_2\Downloads\GitHubDesktopSetup.exe
2017-08-12 14:34 - 2017-08-12 14:34 - 023584794 _____ (Tox) C:\Users\Gena_2\Downloads\setup-qtox64-1.11.0.exe
2017-08-11 23:06 - 2017-08-11 23:06 - 006492712 _____ C:\Users\Gena_2\Downloads\BleachBit-1.12-setup.exe
2017-08-11 21:34 - 2017-08-19 13:12 - 007941944 _____ C:\Users\Gena_2\Downloads\KeePassX-2.0.3.zip
2017-08-11 19:39 - 2017-08-12 18:09 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_setup.exe.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_winpe.zip.asc
2017-08-11 19:39 - 2017-08-11 19:39 - 000000465 _____ C:\Users\Gena_2\Downloads\dcrypt_1.1.846.118_src.zip.asc
2017-08-11 19:09 - 2017-08-01 21:21 - 000857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 21:20 - 000557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-08-11 19:09 - 2017-08-01 20:32 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 002538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-08-11 19:09 - 2017-08-01 20:27 - 000903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 002264344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 001431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-08-11 19:09 - 2017-08-01 19:20 - 000781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-08-11 19:09 - 2017-08-01 19:20 - 000116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000577976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000339896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-08-11 19:09 - 2017-08-01 19:19 - 000266080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-08-11 19:09 - 2017-08-01 19:19 - 000120416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-08-11 19:09 - 2017-08-01 19:18 - 000139104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-08-11 19:09 - 2017-08-01 19:16 - 006665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 004023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-08-11 19:09 - 2017-08-01 19:16 - 001845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 020967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-08-11 19:09 - 2017-08-01 19:15 - 000981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-08-11 19:09 - 2017-08-01 19:10 - 000306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-08-11 19:09 - 2017-08-01 19:07 - 005686784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-08-11 19:09 - 2017-08-01 18:59 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tokenbinding.dll
2017-08-11 19:09 - 2017-08-01 18:58 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-08-11 19:09 - 2017-08-01 18:56 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-08-11 19:09 - 2017-08-01 18:55 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-08-11 19:09 - 2017-08-01 18:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-08-11 19:09 - 2017-08-01 18:54 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-08-11 19:09 - 2017-08-01 18:53 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-08-11 19:09 - 2017-08-01 18:52 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-08-11 19:09 - 2017-08-01 18:51 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-08-11 19:09 - 2017-08-01 18:51 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-08-11 19:09 - 2017-08-01 18:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-08-11 19:09 - 2017-08-01 18:50 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-08-11 19:09 - 2017-08-01 18:49 - 004615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-08-11 19:09 - 2017-08-01 18:48 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-08-11 19:09 - 2017-08-01 18:48 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000396288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-08-11 19:09 - 2017-08-01 18:47 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 002333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-08-11 19:09 - 2017-08-01 18:45 - 001985536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certmgr.dll
2017-08-11 19:09 - 2017-08-01 18:41 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 007626240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-08-11 19:09 - 2017-08-01 18:39 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-08-11 19:09 - 2017-08-01 18:38 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 003520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-08-11 19:09 - 2017-08-01 18:37 - 002641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comuid.dll
2017-08-11 19:09 - 2017-08-01 18:37 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:09 - 2017-08-01 18:36 - 007468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-08-11 19:09 - 2017-08-01 18:35 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 001170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-08-11 19:09 - 2017-08-01 18:34 - 000709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-08-11 19:09 - 2017-08-01 18:33 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-08-11 19:09 - 2017-08-01 18:32 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 001988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-08-11 19:09 - 2017-08-01 18:31 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-08-11 19:09 - 2017-08-01 18:31 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 002997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-08-11 19:09 - 2017-08-01 18:30 - 002482688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 001013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:09 - 2017-08-01 18:30 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-08-11 19:09 - 2017-08-01 18:29 - 003106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-08-11 19:09 - 2017-08-01 18:28 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswdat10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000641536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrepl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000518144 _____ C:\WINDOWS\SysWOW64\msjetoledb40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjtes40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstext40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-08-11 19:09 - 2017-08-01 16:15 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter40.dll
2017-08-11 19:09 - 2017-07-12 08:17 - 000081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-08-11 19:09 - 2017-07-12 08:15 - 000496872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-08-11 19:09 - 2017-07-12 08:12 - 001573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-08-11 19:09 - 2017-07-12 08:01 - 000715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-08-11 19:09 - 2017-07-12 08:00 - 000095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2017-08-11 19:09 - 2017-07-12 07:56 - 000277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2017-08-11 19:09 - 2017-07-12 07:55 - 000607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-08-11 19:09 - 2017-07-12 07:55 - 000111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-08-11 19:09 - 2017-07-12 07:52 - 004312760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-08-11 19:09 - 2017-07-12 07:35 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dabapi.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2017-08-11 19:09 - 2017-07-12 07:32 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\frprov.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdeploy.dll
2017-08-11 19:09 - 2017-07-12 07:31 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2017-08-11 19:09 - 2017-07-12 07:30 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-08-11 19:09 - 2017-07-12 07:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\httpapi.dll
2017-08-11 19:09 - 2017-07-12 07:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-08-11 19:09 - 2017-07-12 07:24 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-08-11 19:09 - 2017-07-12 07:23 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-08-11 19:09 - 2017-07-12 07:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-08-11 19:09 - 2017-07-12 07:21 - 000250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2017-08-11 19:09 - 2017-07-12 07:19 - 006474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-08-11 19:09 - 2017-07-12 07:18 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-08-11 19:09 - 2017-07-12 07:15 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-08-11 19:09 - 2017-07-12 07:15 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsium.dll
2017-08-11 19:09 - 2017-07-12 07:14 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-08-11 19:09 - 2017-07-12 07:13 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-08-11 19:09 - 2017-07-12 07:12 - 002750464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-08-11 19:09 - 2017-07-12 07:11 - 002154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-08-11 19:09 - 2017-07-12 07:10 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-08-11 19:09 - 2017-07-12 07:10 - 000546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-08-11 19:09 - 2017-07-12 07:09 - 000641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-08-11 19:09 - 2017-07-12 07:07 - 001572352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-08-11 19:09 - 2017-07-12 07:05 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-08-11 19:09 - 2017-07-12 04:49 - 000448629 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-08-11 19:09 - 2017-03-04 08:05 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 21:32 - 000133984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-08-11 19:08 - 2017-08-01 21:31 - 007780192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-08-11 19:08 - 2017-08-01 21:29 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-08-11 19:08 - 2017-08-01 21:27 - 000118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-08-11 19:08 - 2017-08-01 21:25 - 000168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2017-08-11 19:08 - 2017-08-01 21:22 - 001860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-08-11 19:08 - 2017-08-01 21:22 - 000360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 002759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-08-11 19:08 - 2017-08-01 21:21 - 000295264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-08-11 19:08 - 2017-08-01 21:21 - 000124072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-08-11 19:08 - 2017-08-01 21:21 - 000026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 002446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000684344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000383776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-08-11 19:08 - 2017-08-01 21:20 - 000144736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-08-11 19:08 - 2017-08-01 21:20 - 000079712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-08-11 19:08 - 2017-08-01 21:18 - 008169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 004260064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-08-11 19:08 - 2017-08-01 21:18 - 000092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 022220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 001072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-08-11 19:08 - 2017-08-01 21:17 - 000241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-08-11 19:08 - 2017-08-01 21:13 - 002532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 001102176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-08-11 19:08 - 2017-08-01 21:13 - 000387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-08-11 19:08 - 2017-08-01 21:01 - 007218176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-08-11 19:08 - 2017-08-01 20:57 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-08-11 19:08 - 2017-08-01 20:54 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tokenbinding.dll
2017-08-11 19:08 - 2017-08-01 20:53 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 022569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-08-11 19:08 - 2017-08-01 20:52 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-08-11 19:08 - 2017-08-01 20:51 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-08-11 19:08 - 2017-08-01 20:50 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-08-11 19:08 - 2017-08-01 20:48 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-08-11 19:08 - 2017-08-01 20:48 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-08-11 19:08 - 2017-08-01 20:47 - 000748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-08-11 19:08 - 2017-08-01 20:47 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-08-11 19:08 - 2017-08-01 20:46 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-08-11 19:08 - 2017-08-01 20:46 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-08-11 19:08 - 2017-08-01 20:45 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-08-11 19:08 - 2017-08-01 20:45 - 000171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-08-11 19:08 - 2017-08-01 20:44 - 001010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-08-11 19:08 - 2017-08-01 20:44 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-08-11 19:08 - 2017-08-01 20:43 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 006288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-08-11 19:08 - 2017-08-01 20:42 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-08-11 19:08 - 2017-08-01 20:41 - 002222080 _____ (Microsoft Corporation) C:\WINDOWS\system32\certmgr.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 20:40 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 009129984 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 001281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-08-11 19:08 - 2017-08-01 20:39 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 013441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-08-11 19:08 - 2017-08-01 20:38 - 001589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-08-11 19:08 - 2017-08-01 20:37 - 013091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 023677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-08-11 19:08 - 2017-08-01 20:36 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-08-11 19:08 - 2017-08-01 20:35 - 001908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-08-11 19:08 - 2017-08-01 20:34 - 001837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 004749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll
2017-08-11 19:08 - 2017-08-01 20:33 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 008114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-08-11 19:08 - 2017-08-01 20:32 - 004596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-08-11 19:08 - 2017-08-01 20:32 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comuid.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 002916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 001643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-08-11 19:08 - 2017-08-01 20:30 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 004743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 002852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-08-11 19:08 - 2017-08-01 20:29 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-08-11 19:08 - 2017-08-01 20:28 - 001490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 008076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 004149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 002695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 001984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-08-11 19:08 - 2017-08-01 20:27 - 000716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 001513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-08-11 19:08 - 2017-08-01 20:26 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-08-11 19:08 - 2017-08-01 20:25 - 001726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 003299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-08-11 19:08 - 2017-08-01 20:24 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-08-11 19:08 - 2017-08-01 20:24 - 000924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-08-11 19:08 - 2017-08-01 20:23 - 003615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-08-11 19:08 - 2017-08-01 20:23 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-08-11 19:08 - 2017-08-01 18:51 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-08-11 19:08 - 2017-08-01 18:47 - 000661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-08-11 19:08 - 2017-08-01 18:42 - 018364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 019415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-08-11 19:08 - 2017-08-01 18:40 - 012187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-08-11 19:08 - 2017-08-01 18:37 - 012349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-08-11 19:08 - 2017-08-01 18:33 - 006031872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-08-11 19:08 - 2017-08-01 18:31 - 003664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-08-11 19:08 - 2017-07-12 08:16 - 000646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 002213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:15 - 000101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\apisetschema.dll
2017-08-11 19:08 - 2017-07-12 08:14 - 001886896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-08-11 19:08 - 2017-07-12 08:13 - 002253664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-08-11 19:08 - 2017-07-12 08:12 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-08-11 19:08 - 2017-07-12 08:09 - 001181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 002186592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-08-11 19:08 - 2017-07-12 08:02 - 000402776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-08-11 19:08 - 2017-07-12 08:01 - 000156000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000223072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-08-11 19:08 - 2017-07-12 08:00 - 000160608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pacer.sys
2017-08-11 19:08 - 2017-07-12 07:59 - 001100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-08-11 19:08 - 2017-07-12 07:59 - 000947040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-08-11 19:08 - 2017-07-12 07:59 - 000857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-08-11 19:08 - 2017-07-12 07:59 - 000148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-08-11 19:08 - 2017-07-12 07:55 - 004674872 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-08-11 19:08 - 2017-07-12 07:25 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2017-08-11 19:08 - 2017-07-12 07:24 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2017-08-11 19:08 - 2017-07-12 07:24 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\dabapi.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2017-08-11 19:08 - 2017-07-12 07:23 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-08-11 19:08 - 2017-07-12 07:23 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\frprov.dll
2017-08-11 19:08 - 2017-07-12 07:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-08-11 19:08 - 2017-07-12 07:21 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2017-08-11 19:08 - 2017-07-12 07:20 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpapi.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-08-11 19:08 - 2017-07-12 07:19 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdeploy.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-08-11 19:08 - 2017-07-12 07:17 - 000252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-08-11 19:08 - 2017-07-12 07:16 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvcext.dll
2017-08-11 19:08 - 2017-07-12 07:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-08-11 19:08 - 2017-07-12 07:13 - 001478656 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-08-11 19:08 - 2017-07-12 07:12 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-08-11 19:08 - 2017-07-12 07:12 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsium.dll
2017-08-11 19:08 - 2017-07-12 07:11 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-08-11 19:08 - 2017-07-12 07:10 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-08-11 19:08 - 2017-07-12 07:09 - 003291136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-08-11 19:08 - 2017-07-12 07:08 - 002861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-08-11 19:08 - 2017-07-12 07:07 - 000954880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-08-11 19:08 - 2017-07-12 07:07 - 000629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-08-11 19:08 - 2017-07-12 07:06 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 001692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-08-11 19:08 - 2017-07-12 07:03 - 000826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-08-11 19:08 - 2017-07-12 07:02 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 002279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-08-11 19:08 - 2017-07-12 07:01 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-08-11 19:08 - 2017-07-12 07:00 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 006664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-08-11 19:08 - 2017-07-12 06:59 - 002318336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-08-11 19:08 - 2017-07-12 06:59 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 001130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-08-11 19:08 - 2017-07-12 06:58 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-08-11 19:08 - 2017-07-12 06:57 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-08-11 19:08 - 2017-07-12 06:56 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-08-11 19:08 - 2017-03-04 08:57 - 000372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-08-11 19:08 - 2017-03-04 08:16 - 000187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-08-11 19:08 - 2017-03-04 08:14 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-08-11 19:08 - 2017-03-04 08:07 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-08-11 19:08 - 2016-08-02 10:13 - 001081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-08-11 19:01 - 2016-09-07 07:24 - 000057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-08-11 18:50 - 2017-09-08 21:04 - 054567688 _____ C:\Users\Gena_2\Downloads\torbrowser-install-7.0.4_de.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-10 22:22 - 2016-09-13 21:35 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-10 22:21 - 2016-09-17 14:50 - 000000000 ____D C:\Users\Gena_2\Documents\Outlook-Dateien
2017-09-10 22:21 - 2014-07-22 18:47 - 000000000 ____D C:\Users\genas_000\Documents\Outlook-Dateien
2017-09-10 22:20 - 2016-09-13 21:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-10 22:20 - 2016-07-17 00:51 - 001594806 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-10 22:20 - 2016-07-17 00:51 - 001102150 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-10 22:20 - 2016-05-27 13:54 - 000000000 ___RD C:\Users\Gena_2\Creative Cloud Files
2017-09-10 22:20 - 2015-08-07 21:06 - 005886828 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-10 22:20 - 2014-07-23 21:46 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Adobe
2017-09-10 22:20 - 2014-07-23 17:42 - 000000000 __SHD C:\Users\Gena_2\IntelGraphicsProfiles
2017-09-10 22:19 - 2016-09-13 21:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-10 22:19 - 2016-07-16 08:04 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2017-09-10 21:59 - 2016-11-16 19:56 - 000274091 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-09-10 21:54 - 2016-04-09 13:31 - 000000000 ____D C:\Users\genas_000\AppData\Local\CrashDumps
2017-09-10 21:52 - 2016-07-16 08:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-10 17:13 - 2016-09-13 21:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-08 15:57 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gena_2
2017-09-08 15:57 - 2015-03-07 17:49 - 000000000 ____D C:\Users\Gena_2\AppData\Local\gtk-2.0
2017-09-06 19:51 - 2016-12-20 23:21 - 000000000 ____D C:\Users\genas_000\AppData\LocalLow\Mozilla
2017-09-06 16:06 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-06 16:01 - 2017-07-23 12:18 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4288807228-2172792055-1580508024-1002
2017-09-06 16:01 - 2014-07-23 17:23 - 000000000 __RDO C:\Users\genas_000\OneDrive
2017-09-06 15:59 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-06 15:54 - 2014-07-23 17:58 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\DAEMON Tools Lite
2017-09-06 15:50 - 2017-05-24 21:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-06 15:50 - 2014-07-22 16:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 21:02 - 2016-09-25 23:00 - 000332800 ___SH C:\Users\Gena_2\Desktop\Thumbs.db
2017-09-01 23:29 - 2014-07-23 21:11 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-09-01 21:43 - 2016-11-24 19:07 - 000000000 ____D C:\Users\Gena_2\AppData\LocalLow\Mozilla
2017-08-29 15:45 - 2015-12-03 11:46 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-29 15:45 - 2015-12-03 11:46 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-08-27 14:07 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-08-27 14:06 - 2014-08-24 11:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Adobe
2017-08-24 21:11 - 2014-07-22 13:17 - 000000000 ____D C:\Users\genas_000\AppData\Local\Packages
2017-08-24 18:54 - 2015-03-07 17:33 - 000000000 ____D C:\Program Files (x86)\Google
2017-08-23 17:40 - 2014-07-23 17:42 - 000000000 ____D C:\Users\Gena_2\AppData\Local\Packages
2017-08-19 11:57 - 2016-04-09 13:41 - 000000000 ____D C:\Users\Gena_2\AppData\Local\CrashDumps
2017-08-15 21:10 - 2017-05-21 16:23 - 000000000 ____D C:\Users\Gena_2\AppData\Roaming\Garmin
2017-08-13 10:48 - 2014-08-07 17:32 - 000000000 ____D C:\ProgramData\G Data
2017-08-13 10:42 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-08-13 10:42 - 2014-08-07 17:33 - 000000000 ____D C:\Program Files (x86)\G Data
2017-08-13 00:24 - 2016-09-13 21:36 - 000000000 ____D C:\Users\genas_000
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-08-13 00:21 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-08-13 00:17 - 2014-04-30 17:43 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-08-12 23:54 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-08-12 15:55 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-08-12 11:16 - 2016-11-06 19:08 - 000000000 ____D C:\Users\Lilia
2017-08-12 11:16 - 2016-09-13 21:36 - 000000000 ____D C:\Users\Gast
2017-08-12 11:15 - 2016-09-13 21:33 - 000341032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ___RD C:\Program Files\Windows Defender
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\Provisioning
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Common Files\System
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-11 23:20 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-08-11 19:18 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-22 13:18 - 2014-07-23 16:52 - 000005244 _____ () C:\Users\genas_000\AppData\Roaming\AbsoluteReminder.xml
2014-08-07 17:33 - 2014-08-07 17:33 - 000000000 _____ () C:\Users\genas_000\AppData\Roaming\gdfw.log
2014-08-07 17:33 - 2017-08-13 10:43 - 000001558 _____ () C:\Users\genas_000\AppData\Roaming\gdscan.log
2006-12-11 19:13 - 2006-12-11 19:13 - 000097336 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\bass.dll
2006-12-11 19:13 - 2006-12-11 19:13 - 000013872 _____ (Un4seen Developments) C:\Users\genas_000\AppData\Local\basscd.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000102912 _____ (Albert L Faber) C:\Users\genas_000\AppData\Local\CDRip.dll
2007-08-13 17:46 - 2007-08-13 17:46 - 000155136 _____ () C:\Users\genas_000\AppData\Local\lame_enc.dll
2007-01-18 21:09 - 2007-01-18 21:09 - 000623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\genas_000\AppData\Local\No23 Recorder.exe
2005-08-23 22:34 - 2005-08-23 22:34 - 000029184 _____ () C:\Users\genas_000\AppData\Local\no23xwrapper.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000015872 _____ () C:\Users\genas_000\AppData\Local\ogg.dll
2014-10-08 15:02 - 2014-10-08 19:51 - 000001451 _____ () C:\Users\genas_000\AppData\Local\RecConfig.xml
2014-08-09 18:40 - 2016-09-17 16:47 - 000007598 _____ () C:\Users\genas_000\AppData\Local\Resmon.ResmonCfg
2006-10-26 01:06 - 2006-10-26 01:06 - 000143872 _____ () C:\Users\genas_000\AppData\Local\vorbis.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000064000 _____ () C:\Users\genas_000\AppData\Local\vorbisenc.dll
2006-10-26 01:06 - 2006-10-26 01:06 - 000019456 _____ () C:\Users\genas_000\AppData\Local\vorbisfile.dll
2016-09-13 21:35 - 2016-09-13 21:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-07-17 21:11 - 2017-07-18 13:10 - 000006299 _____ () C:\ProgramData\hpzinstall.log
2016-04-09 11:39 - 2016-04-09 11:39 - 000000016 _____ () C:\ProgramData\mntemp
2013-03-19 12:32 - 2013-03-19 12:32 - 000010011 _____ () C:\ProgramData\regid.2012-01.com.intel.discover-at_512FCF1B-3685-45F2-A1E9-63AEF7F79B35.swidtag

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-08 20:21

==================== Ende von FRST.txt ============================
         

10.09.2017, 21:32   #15
Gewin

Suspected trojan, Win10 64bit



Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-09-2017
durchgeführt von *************** (10-09-2017 22:24:38)
Gestartet von C:\Users\Gena_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-13 19:51:32)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4288807228-2172792055-1580508024-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4288807228-2172792055-1580508024-1012 - Limited - Enabled)
DefaultAccount (S-1-5-21-4288807228-2172792055-1580508024-503 - Limited - Disabled)
Gast (S-1-5-21-4288807228-2172792055-1580508024-501 - Limited - Disabled) => C:\Users\Gast
*************** (S-1-5-21-4288807228-2172792055-1580508024-1002 - Administrator - Enabled) => C:\Users\genas_000
Gena_2 (S-1-5-21-4288807228-2172792055-1580508024-1003 - Limited - Enabled) => C:\Users\Gena_2
HomeGroupUser$ (S-1-5-21-4288807228-2172792055-1580508024-1022 - Limited - Enabled)
Lilia (S-1-5-21-4288807228-2172792055-1580508024-1046 - Limited - Enabled) => C:\Users\Lilia

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.0 - Absolute Software)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.22 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.2.0.211 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.8 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.10.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_1_1) (Version: 18.1.1 - Adobe Systems Incorporated)
Ahnenblatt 2.97a (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.97.2.1 - Dirk Bцttcher)
Amolto Call Recorder Premium for Skype (HKLM-x32\...\{69F36B84-256D-47CA-A4AC-D04083709434}) (Version: 2.6.1 - Amolto)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{1B6B17C2-176C-433C-93F3-640D12825426}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AusweisApp2 (HKLM-x32\...\{8BC126FD-2F56-4B56-9363-54C3D0027BC6}) (Version: 1.10.1 - Governikus GmbH & Co. KG)
Benutzerhandbuch (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) Hidden
BlackVue HD (HKLM-x32\...\BlackVueHD) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
bpd_scan (HKLM-x32\...\{3D73DC7A-2D1D-45CF-8A67-24873925C716}) (Version: 3.00.0000 - Hewlett-Packard) Hidden
Brief Vorlagen (HKLM-x32\...\Brief Vorlagen_is1) (Version:  - )
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series - регистрация пользователя (HKLM-x32\...\Canon MX340 series - регистрация пользователя) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
CrystalDiskMark 5.1.2 (HKLM\...\CrystalDiskMark5_is1) (Version: 5.1.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0191 - Disc Soft Ltd)
DIG-CAD 4.0 (HKLM-x32\...\DIG-CAD 4.0) (Version:  - )
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Download Master version 6.0.3.1433 (HKLM-x32\...\Download Master_is1) (Version: 6.0.3.1433 - WestByte)
Dragon Assistant Application de-DE Version 1.5.5 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service Version 1.1.9 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.9 - Nuance Communications, Inc.)
Dragon Assistant Language Data de-DE Version 1.1.2 (HKLM-x32\...\{FB671668-9AAC-41DC-872B-627418FB62D5}_is1) (Version: 1.1.2 - Nuance Communications, Inc.)
Dragon Assistant Version 1.5.5 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.5 - Nuance Communications, Inc.)
Elevated Installer (HKLM-x32\...\{BA007E03-72AE-4D2D-8A73-FA4B935D4015}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.24 - Lenovo)
Exif-Viewer 2.51  (HKLM-x32\...\Exif-Viewer) (Version: 2.51 - Ralf Bibinger)
Free DVD Video Converter (HKLM-x32\...\Free DVD Video Converter_is1) (Version: 2.0.65.823 - Digital Wave Ltd)
Free MP4 Video Converter version 5.0.54.1215 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.54.1215 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.54.1215 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.1.119 - DVDVideoSoft Ltd.)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{2f694ffe-66ec-4674-a32d-ec690281ca57}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{BCEE507D-8D49-40FF-B437-70E3B9C2D51C}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{198E262D-8C4F-4131-91C7-1F81FB8688F1}) (Version: 5.4.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.3.4) (HKLM-x32\...\GPG4Win) (Version: 2.3.4 - The Gpg4win Project)
Intel Anti-Theft Discovery App (HKLM-x32\...\{707248B9-2D34-4D77-A5C6-2A8A54848E5A}) (Version: 1.1.0.7 - Intel Corporation)
Intel Experience Center - Configuration (HKLM-x32\...\{C73A16B7-AC35-4262-9BAF-DA9B2039A563}) (Version: 1.9.0.8 - Intel) Hidden
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{6555226B-7295-4CFD-9D5B-9C8F394BE03A}) (Version: 4.1.41.2234 - Intel)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C605440F-2748-435F-9F29-EB1C8134856F}) (Version: 4.1.17.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.91.55 - Huawei Technologies Co.,Ltd)
IsoBuster 3.9 (HKLM-x32\...\IsoBuster_is1) (Version: 3.9 - Smart Projects)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
KÜCHEN QUELLE 3D (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\SquareClock_Production_Home_KQ_Web) (Version:  - 3DVIA SAS)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
L&H TTS3000 Espaсol (HKLM-x32\...\LHTTSSPE) (Version:  - )
L&H TTS3000 Franзais (HKLM-x32\...\LHTTSFRF) (Version:  - )
L&H TTS3000 Italiano (HKLM-x32\...\LHTTSITI) (Version:  - )
L&H TTS3000 Portuguкs (Brasil) (HKLM-x32\...\LHTTSPTB) (Version:  - )
L&H TTS3000 Russian (HKLM-x32\...\LHTTSRUR) (Version:  - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10233 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0059 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office 365 ProPlus - ru-ru (HKLM\...\O365ProPlusRetail - ru-ru) (Version: 16.0.7766.2099 - Microsoft Corporation)
Microsoft Office Language Pack 2013  - Russian/русский (HKLM-x32\...\Office15.OMUI.ru-ru) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Outlook-Sicherung für Persönliche Ordner (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MKS Platform Components 9.x (HKLM\...\{30276636-0000-0905-9ABB-000BDB5CF35D}) (Version: 9.5.0000 - Mortice Kern Systems)
Motion Control (HKLM\...\Motion Control) (Version: 1.2.45.0 - Lenovo)
Mozilla Firefox 55.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23 Recorder (HKLM-x32\...\{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}) (Version: 2.1.0.3 - No23) Hidden
No23 Recorder (HKLM-x32\...\No23 Recorder) (Version: 2.1.0.3 - No23)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Grafiktreiber 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2099 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0419-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM-x32\...\{5C42BF1B-4586-4711-81A7-8D0F890A6A31}) (Version: 1.2.0.13221 - Sony Corporation)
Polar ProTrainer (HKLM-x32\...\{DF7DBA84-0A55-11D6-A0A6-6A7573736972}) (Version: 5.40.170 - )
Polar WebLink 2.4.15 (HKLM-x32\...\{2734FEDB-7A24-4F15-AC5C-3EC00414D4CC}) (Version: 02.50.0006 - Polar Electro Oy)
QUIK (HKLM-x32\...\{519A413F-6A45-4A48-AC2E-4A9C94C8F98A}_is1) (Version:  - СМВБ-Информационные технологии)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.21229 - Realtek Semiconductor Corp.)
REALTEK DTV USB DEVICE (HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Remote Camera Control (HKLM-x32\...\{A32B85B2-5731-41E9-B431-3F4F5D6E664F}) (Version: 3.7.00000 - Sony Corporation)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Portable SSD T3 (HKLM-x32\...\Samsung Portable SSD T3_is1) (Version: 1.3 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SDI011 dual interface reader (HKLM-x32\...\{D0ED9100-DFFB-482C-8DB6-C626264757BD}) (Version: 1.01 - SCM Microsystems)
Seagate Dashboard (HKLM-x32\...\{EA266F00-A8E7-43A0-8DED-FBFE3F076934}) (Version: 4.7.1.1 - Seagate)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0100-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{DFA82E00-94E0-456C-B143-A2E1A90B1950}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.5.0.1160 - Lenovo)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Stellar Phoenix Photo Recovery (HKLM-x32\...\Stellar Phoenix Photo Recovery_is1) (Version: 7.0.0.0 - Stellar Information Technology Pvt Ltd.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc)
Sweet Home 3D version 5.1.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1.1 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Update for Skype for Business 2015 (KB4011046) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0419-0000-0000000FF1CE}_Office15.OMUI.ru-ru_{4948A05E-E21F-4A6F-BF2A-7D106E339C9B}) (Version:  - Microsoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Vibraimage8 Lite (HKLM-x32\...\{32B4ED86-7931-47CC-B62C-52C9CB739E6F}_is1) (Version:  - ELSYS Corp.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WD Quick View (HKLM-x32\...\{2CE08B2D-856C-47D9-9F6A-BC691911BCD9}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{B11B695F-B5BF-4667-8291-682B3A73B5F8}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Засоби перевірки правопису Microsoft Office 2013 – Українська версія (HKLM-x32\...\{90150000-001F-0422-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (HKLM-x32\...\{90150000-001F-0419-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Энциклопедия Фэн-Шуй (HKLM-x32\...\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}) (Version: 1.00.0000 - Агенство Вызов)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{784D0A2D-A305-4E18-3208-A1915D75B970}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-6F9128BD414A}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6943.0625\amd64\FileSyncShell64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2015-04-15] ()
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers1: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers1: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers1: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [CWDDriveMenuHandler] -> {CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => C:\Program Files (x86)\GNU\GnuPG\bin\gpgex.dll [2017-07-06] (g10 Code GmbH)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-12-13] (Florian Heidenreich)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers4: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers5: [TR] -> {6A982F05-85C0-48c4-B17E-407176B160AD} =>  -> Keine Datei
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll [2017-07-18] ()
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems Inc.)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G Data\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-21] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers6: [SugarSync] -> {305BC11B-5175-492B-B569-866547FCDA40} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ContextMenuHandlers6: [WDBackupMenuHandler] -> {C752BC82-C19A-4827-9C15-0996BA85C180} => C:\Program Files\Western Digital\WD SmartWare\\WDContextMenuHandler.dll [2016-04-19] (Western Digital Technologies, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039B2D62-D86C-4D71-A3E5-9E1EF9AE46C8} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {0A27731B-0644-4062-ADF0-0AFD83B598EA} - System32\Tasks\Gena_2 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {0BF03656-1B3D-4867-8112-51DBA6467FAD} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {0FABADAA-5079-48C6-8A0A-0ABD016CC58F} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {198E00EF-0EC1-4025-911B-5CE90632D071} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {2B2E2AD2-8AC9-4185-8305-4F24390A902B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {2F88D19A-556E-4BBC-905F-3FB0FDFEEC1C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {2FFF98D8-7ECF-4660-B437-0AE36010B04D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {32A8A4BB-A436-4B23-8F55-0C8B032A1856} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-05-18] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B8B8F6B-77BC-432C-B0FD-AFAD1F998184} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {3DDDA922-4DD7-4912-9AF7-455BDE6C560B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {3F6A34E4-8F62-4D86-A60B-03BD7575611D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e9420e5d-5bdd-4a24-a5a5-a9aa7ef83862 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {4563D974-856B-42C7-A4A8-73967ABCD319} - System32\Tasks\AdobeAAMUpdater-1.0-BigCom-Gena_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {48E9D8C9-2761-4284-B55B-24C8EFCA456C} - System32\Tasks\Samsung_PSSD_Registration => C:\ProgramData\Samsung Apps\Portable SSD\Samsung Portable SSD Daemon.exe
Task: {4AF6F6B4-2BF2-4311-8579-9136AEE95063} - System32\Tasks\Gena_2 DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {4C4B59C3-B8BC-43E6-9CB9-17EF37989396} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-08-10] (Microsoft Corporation)
Task: {547ECDD4-8BA2-4948-959A-2427DB30601C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {56A4F296-4DBB-4BA0-9DBF-31A9EDBF6FF2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-03] (Google Inc.)
Task: {66BE7478-3082-4773-A506-64305CE3D70A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd)
Task: {70323029-858D-4ADD-90A8-2E72B7A2E07E} - System32\Tasks\Gena_22 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {77973E8A-CCB9-466D-8AF3-B9E2F87DC3FC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {7A3C259E-E121-49E4-9755-A251DFE47278} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {7BC249EA-4E18-47DB-B476-41EECC852802} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\025dd0d5-e4e2-4cfd-8202-bfe3010559ac => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {8E6988D4-EC82-402A-BF59-9C8F0B09B9B2} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-06-09] ()
Task: {97E4A251-A276-4D50-9078-630F149BA7C5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {97ED358D-36C8-4036-A210-DBF1729CFEA2} - System32\Tasks\Gena_21 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {986DA129-70AE-4B81-A3A8-C2F4D410DF13} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Gena_2\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {9BC2B296-270E-455D-8911-77C889224D35} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {9ED4E3EA-4A16-4189-95B9-4D3F28867A03} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {AC1E0504-321F-4E19-8A49-4C3D89897DA4} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-08-05] (Microsoft Corporation)
Task: {B01C72EC-F17E-4965-881F-3A5FDE96C3A7} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\acc6e65b-a614-4b95-a550-993bd2677a4a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {B0C360A4-A098-4E2E-ACB7-E1DDF62984E3} - System32\Tasks\*************** => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe [2017-05-10] (Seagate Technology LLC)
Task: {C3A1E82E-B71D-4E9C-B517-FEE16711404B} - System32\Tasks\Seagate_Install_Launch => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe [2017-05-10] (Seagate Technology LLC)
Task: {D40095DF-2C22-4518-A3C7-6F63CD89DC85} - System32\Tasks\*************** DBAgent 2 0 => C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe [2017-05-10] (Seagate Technology LLC)
Task: {D80986EA-20E0-4142-9888-6046758FDCCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DF1FACA5-2092-4B69-9F91-14BBA48448AF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-08-05] (Microsoft Corporation)
Task: {E6F85229-2129-4888-92D2-5E851347D80B} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {EF0B1B4C-C6E7-471A-9D7D-646B40C81902} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {F03C4032-D500-4CDA-BD1D-B1D6EE650267} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8740b1f0-d4c2-4cf1-969b-e9df59ea92ba => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {FE51E7E7-011F-47E8-BCF3-0595F5E3B458} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation)
Task: {FF1133FB-0247-4224-8FC2-0411588B726D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


Shortcut: C:\Users\genas_000\Desktop\Поиграй!.lnk -> C:\Program Files (x86)\Download Master\games.url () <==== Cyrillic
Shortcut: C:\Users\genas_000\Desktop\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Энциклопедия Фэн-Шуй.lnk -> C:\Users\genas_000\AppData\Roaming\Microsoft\Installer\{2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F}\_35987B591D36_44F6_A1C6_DD3345589997.exe () <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVE.EXE (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\Public\Desktop\QUIK БКС.lnk -> C:\BCS_Work\QUIK_BCS\info.exe (ARQA Technologies) <==== Cyrillic

ShortcutWithArgument: C:\Users\genas_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Энциклопедия Фэн-Шуй\Удаление.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {2694C6A0-A36A-4DCD-B43F-9CBFC9D7393F} <==== Cyrillic
ShortcutWithArgument: C:\Users\Public\Desktop\Аура VI+.lnk -> C:\ELSYS\Vibraimage8Lite\Vibraimage.exe (ELSYS Corp.) -> -type DZ <==== Cyrillic

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 16:27 - 2017-06-21 09:48 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-06 14:46 - 2017-07-06 14:46 - 000216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2013-10-28 04:02 - 2013-10-28 04:02 - 000351824 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-07-23 21:11 - 2009-09-08 14:12 - 000116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2013-04-15 16:45 - 2013-04-15 16:45 - 000182760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-04-15 16:45 - 2013-04-15 16:45 - 000060392 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-14 21:39 - 2017-03-14 21:39 - 001663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe
2015-05-04 20:47 - 2013-08-16 08:53 - 000671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2017-06-08 05:54 - 2017-06-08 05:54 - 000554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-03-01 17:09 - 2016-11-02 00:05 - 000401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-07-18 00:50 - 2017-07-18 00:50 - 000492112 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\CoreSyncExtension\CoreSync_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 000222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-09-16 19:54 - 2016-09-07 06:56 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 20:20 - 2017-03-04 08:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 20:20 - 2017-03-04 08:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 20:20 - 2017-03-04 08:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-08-11 19:08 - 2017-03-04 08:05 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-08-11 19:08 - 2017-08-01 20:26 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-08-11 19:08 - 2017-08-01 20:31 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-24 20:44 - 2017-08-24 20:44 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 036162048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-08-24 20:44 - 2017-08-24 20:44 - 002237952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-07 09:41 - 2017-04-07 09:41 - 000054488 _____ () C:\Program Files\CCleaner\branding.dll
2017-06-30 13:22 - 2017-06-30 13:22 - 000069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000172552 _____ () C:\Program Files (x86)\Lenovo\MotionControl\MotionControl.exe
2014-02-11 07:31 - 2013-04-17 16:26 - 000387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 001132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2014-02-11 07:31 - 2013-04-17 16:26 - 000229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2014-02-11 07:31 - 2013-04-17 16:25 - 000027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-01-04 16:57 - 2016-10-27 13:18 - 000048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2017-07-06 14:21 - 2017-07-06 14:21 - 000050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2017-07-06 14:33 - 2017-07-06 14:33 - 000073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2017-07-06 14:36 - 2017-07-06 14:36 - 000890880 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2017-07-06 14:27 - 2017-07-06 14:27 - 000103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2017-05-10 15:50 - 2017-05-10 15:50 - 000729792 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\PocoNet.dll
2017-03-14 21:40 - 2017-03-14 21:40 - 000078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 000043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 002417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2015-05-04 20:47 - 2013-08-16 08:53 - 001148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2017-04-06 20:22 - 2017-05-03 22:21 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-08-10 11:14 - 2016-08-10 11:14 - 040523480 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 001623048 _____ () C:\Program Files (x86)\Lenovo\MotionControl\eyeKeys.dll
2014-02-11 07:34 - 2014-02-11 07:34 - 000030728 _____ () C:\Program Files (x86)\Lenovo\MotionControl\esmlib.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2017-06-22 18:56 - 2017-06-22 18:56 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-06-22 18:55 - 2017-06-22 18:55 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-06-22 18:56 - 2017-06-22 18:56 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-07-13 10:12 - 2017-07-13 10:12 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-06-22 18:56 - 2017-06-22 18:56 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-05-19 23:49 - 2017-05-19 23:49 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-07-13 10:07 - 2017-07-13 10:07 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-05-19 23:49 - 2017-05-19 23:49 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-05-19 23:50 - 2017-05-19 23:50 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-04-23 13:32 - 2016-04-23 13:32 - 000131072 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_de\PDFMaker\PDFMOutlookAddin.DEU
2017-03-28 19:24 - 2017-03-28 19:24 - 003990136 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2016-04-23 13:32 - 2016-04-23 13:32 - 001446912 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Locale\de_DE\PDFMaker\AdobePDFMakerX.DEU
2014-02-11 07:09 - 2013-05-09 14:23 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\...\sharepoint.com -> hxxps://htlsalzburg-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\127.0.0.1 -> hxxp://127.0.0.1
IE trusted site: HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\sharepoint.com -> hxxps://htlsalzburg.sharepoint.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-08-24 21:11 - 000004317 _____ C:\WINDOWS\system32\Drivers\etc\hosts

0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads.msn.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 a-msedge.net
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com

Da befinden sich 77 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4288807228-2172792055-1580508024-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\genas_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img4.jpg
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Gena_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4288807228-2172792055-1580508024-1003\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{7DCA83E0-AED3-4A40-A274-EC1D2CCFB027}] => (Allow) LPort=8888
FirewallRules: [{03BA6C7E-FC46-4AB9-B460-028AC671B4C6}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{F71698B4-9CFE-4827-9E7E-2994F642D8DC}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/10/2017 10:20:22 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/10/2017 10:20:20 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (09/10/2017 10:20:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BrcmSetSecurity.exe, Version: 1.0.0.1, Zeitstempel: 0x516df51d
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.1532, Zeitstempel: 0x5965abad
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002f7fb
ID des fehlerhaften Prozesses: 0xf34
Startzeit der fehlerhaften Anwendung: 0x01d32a722e74b59d
Pfad der fehlerhaften Anwendung: C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e45e2286-fae8-44ed-abca-8c79c0650020
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/10/2017 10:19:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: BigCom)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/10/2017 09:54:28 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - netDetect::AOACWLANProset::LocateAdapters   Net Detect:  Net Detect Supported Error Getting Adapter List Error=0x80040302\n

Error: (09/10/2017 09:54:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CWinPcapWrapper::InitializeDLL   You must be running with Free version of WinPcap!!!

Error: (09/10/2017 09:54:14 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: ISCT - CWinPcapWrapper::InitializeDLL   Error starting WinPcap Professional: Unable to copy the WinPcap Professional files. Administrative privileges are required for this operation.

Error: (09/10/2017 09:54:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FRST64.exe, Version: 10.9.2017.0, Zeitstempel: 0x59b57e97
Name des fehlerhaften Moduls: FRST64.exe, Version: 10.9.2017.0, Zeitstempel: 0x59b57e97
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026519
ID des fehlerhaften Prozesses: 0x2988
Startzeit der fehlerhaften Anwendung: 0x01d32a6e71f7d903
Pfad der fehlerhaften Anwendung: C:\Users\Gena_2\Downloads\FRST64.exe
Pfad des fehlerhaften Moduls: C:\Users\Gena_2\Downloads\FRST64.exe
Berichtskennung: 20618a3c-d704-4d0f-9015-c84b5f14b58e
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/10/2017 09:53:10 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "K:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).

Error: (09/10/2017 09:50:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NVDisplay.Container.exe, Version: 1.2.0.0, Zeitstempel: 0x58df0aaf
Name des fehlerhaften Moduls: NvXDCore.dll_unloaded, Version: 8.17.13.8165, Zeitstempel: 0x58df0acc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000c1951
ID des fehlerhaften Prozesses: 0x578
Startzeit der fehlerhaften Anwendung: 0x01d32a337442f8a1
Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
Pfad des fehlerhaften Moduls: NvXDCore.dll
Berichtskennung: 501960bf-df2b-4352-b1e5-d6d7850b3a4d
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (09/10/2017 10:23:21 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/10/2017 10:21:49 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/10/2017 10:20:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BrcmSetSecurity" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 10:20:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 10:20:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/10/2017 10:20:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. RunOuc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (09/10/2017 10:20:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. RunOuc erreicht.

Error: (09/10/2017 10:19:37 PM) (Source: DCOM) (EventID: 10010) (User: BigCom)
Description: Der Server "App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


CodeIntegrity:
===================================
  Date: 2017-09-06 15:58:09.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2017-09-06 15:49:15.976
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltDll64.dll that did not meet the Store signing level requirements.

  Date: 2016-09-28 22:25:30.242
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.236
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.233
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.229
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.226
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.214
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-09-28 22:25:30.201
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 4501.24 MB
Summe virtueller Speicher: 9384.27 MB
Verfügbarer virtueller Speicher: 5479.84 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:122.8 GB) (Free:15.93 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Zwieschenspeicher) (Fixed) (Total:25 GB) (Free:4.78 GB) NTFS
Drive g: (LENOVO_S) (Fixed) (Total:51.88 GB) (Free:1.32 GB) NTFS
Drive h: (Volume) (Fixed) (Total:23.17 GB) (Free:6.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BC09B5DB)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Once Windows has booted, the following folder is opened: C:\WINDOWS\SysWOW64. This is new.
