|
Plagegeister aller Art und deren Bekämpfung: PC verhält sich seltsam, trotz negativen VirenscanWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.10.2017, 12:13 | #1 |
| PC verhält sich seltsam, trotz negativen Virenscan Hallo, ich hoffe auf Eure Hilfe. Seit 2 Tagen häufen sich plötzlich die Situationen, dass beim Aufrufen eines Links, sich auch noch ein weiterer öffnet. Außerdem lassen sich ebenso seit 2 Tagen irgndwelche Seiten nicht mehr öffnen; so zum Beispiel auch der Link von diesem Bord { hxxp://anleitung.trojaner-board.de/ } Das Ladekreisel läuft und läuft und läuft… wird aber nichts draus. Wisst Ihr mir vielleicht einen Rat ? Bin für jede Hilfe dankbar. |
25.10.2017, 12:41 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC verhält sich seltsam, trotz negativen Virenscan Scan mit Farbar's Recovery Scan Tool (FRST)
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
25.10.2017, 13:29 | #3 |
| Download-Problem Da ist es schon dieses Problem. Ich kann den Download nicht durchführen:
__________________hxxp://filepony.de/dl-aHR0cDovL2RsLmZpbGVwb255LmRlL0ZSU1Q2NC5leGU=-frst64-1438294709-10478711/ Der Kreisel dreht sich unentwegt weiter und kommt zu keinem Ende. Hast Du eine Idee, was ich tun kann ? Das Eigenartige ist, dieses Verhalten zeigt nicht nur der Chrome, sondern auch der Firefox und Edge. Nachtrag: Das geht so etwa 5 Minuten, dann wird angezeigt, dass die Seite sich nicht öffnen lässt. Geändert von Mütter (25.10.2017 um 13:45 Uhr) |
25.10.2017, 14:18 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC verhält sich seltsam, trotz negativen Virenscan Nun ohne Logs kommen wir hier nicht weiter. Notfalls musst du das Tool dann anders auf deinen Rechner laden. Netten Nachbarn fragen ob er dir das auf nen Stick packen kann oder so.
__________________ Logfiles bitte immer in CODE-Tags posten |
25.10.2017, 15:39 | #5 |
| PC verhält sich seltsam, trotz negativen VirenscanFRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01 durchgeführt von mir (Administrator) auf DESKTOP-S58JN56 (25-10-2017 16:27:58) Gestartet von J:\ Geladene Profile: mir (Verfügbare Profile: mir) Platform: Windows 10 Pro Version 1703 15063.674 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Business 1.1\anti_ransom.exe () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Business 1.1\anti_ransom_gui.exe (H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (Uwe Sieber) C:\Program Files (x86)\BBar\BBar.exe (Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe (Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe (Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [588360 2017-06-22] () HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2017-08-24] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SystemExplorerAutoStart] => C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd) HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\Policies\Explorer: [NoAutorun] 1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\p6_19_erinnerung.lnk [2017-10-23] ShortcutTarget: p6_19_erinnerung.lnk -> C:\Program Files (x86)\phase6\phase6_19\WinStart\p6erinnerung.exe (phase6) Startup: C:\Users\mir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ButtonBar.lnk [2017-10-18] ShortcutTarget: ButtonBar.lnk -> C:\Program Files (x86)\BBar\BBar.exe (Uwe Sieber) GroupPolicy: Beschränkung <==== ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{47cccb0e-fe7d-494f-87b1-4a3bdaef81fd}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-11-16] (Microsoft Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2009-03-13] (Siber Systems Inc.) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2009-03-13] (Siber Systems Inc.) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-04-05] (Adobe Systems Incorporated) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-11-16] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: ddi3xcqy.default FF ProfilePath: C:\Users\mir\AppData\Roaming\TomTom\HOME\Profiles\gh4sffgw.default [2017-09-04] FF ProfilePath: C:\Users\mir\AppData\Roaming\Mozilla\Firefox\Profiles\ddi3xcqy.default [2017-10-25] FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\mir\AppData\Roaming\Mozilla\Firefox\Profiles\ddi3xcqy.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-25] FF Extension: (uBlock Origin) - C:\Users\mir\AppData\Roaming\Mozilla\Firefox\Profiles\ddi3xcqy.default\Extensions\uBlock0@raymondhill.net.xpi [2017-10-25] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-12] (Adobe Systems) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-06-28] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-08-24] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-12] (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://www.google.at/ CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3298566&SearchSource=48&CUI=UN39635859024109304&UM=2","hxxp://www.startfenster.de/","chrome://tabs/","hxxps://www.google.at/?gws_rd=ssl","hxxp://www.google.com/" CHR Profile: C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default [2017-10-25] CHR Extension: (ProxFlow) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-07-03] CHR Extension: (Google Übersetzer) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19] CHR Extension: (Präsentationen) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Docs) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-28] CHR Extension: (YouTube) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-28] CHR Extension: (Adblock Plus) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-10-07] CHR Extension: (Notebook Web Clipper) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cneaciknhhaahhdediboeafhdlbdoodg [2017-10-13] CHR Extension: (Adobe Acrobat) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-24] CHR Extension: (Tabellen) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Avira Browserschutz) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-10-04] CHR Extension: (Google Docs Offline) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-28] CHR Extension: (Avira SafeSearch Plus) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-07-03] CHR Extension: (Solitaire) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep [2017-10-12] CHR Extension: (Video DownloadHelper) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2017-07-03] CHR Extension: (Google Mail-Checker) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-09-10] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Ausführliche Beschreibungen im Kontextmenü) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohbmencljkleiedahijfkagnmmhbilgp [2017-07-03] CHR Extension: (SpeakIt) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohpcoflekopkahpgomnabhkclbedepll [2017-10-20] CHR Extension: (Offline Solitaire) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojldfpglenpceffckkjhajofdbpkfgmn [2017-07-03] CHR Extension: (Mercury Reader) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2017-10-20] CHR Extension: (Google Mail) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-28] CHR Extension: (Chrome Media Router) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27] CHR Extension: (RoboForm Password Manager) - C:\Users\mir\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2017-08-23] CHR HKLM\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2017-07-03] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2017-07-03] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1278720 2017-06-22] () R2 AdobeActiveFileMonitor14.0; C:\Program Files\Adobe\Elements 14 Organizer\PhotoshopElementsFileAgent.exe [226016 2015-12-07] (Adobe Systems Incorporated) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-12] (Adobe Systems Incorporated) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-08-01] () R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated) R2 AntiRansom; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Ransomware Tool for Business 1.1\anti_ransom.exe [654976 2017-03-21] (AO Kaspersky Lab) R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-12] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-12] (Avira Operations GmbH & Co. KG) R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-12] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [408944 2017-10-16] (Avira Operations GmbH & Co. KG) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-09-14] (Intel Corporation) S2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4795288 2017-02-13] (Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2908352 2017-01-06] (Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1617520 2017-06-22] () R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [498608 2017-06-12] (Sony Corporation) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [622872 2016-08-29] (CyberLink) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [198792 2017-06-05] (Sandboxie Holdings, LLC) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7014728 2017-03-07] () R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmdag.sys [38761496 2017-09-07] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0317685.inf_amd64_f4ed8f05a31c5d2d\atikmpag.sys [541720 2017-09-07] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices) R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-09-23] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-09-23] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-23] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-09-23] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-09-23] (Avira Operations GmbH & Co. KG) R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-09-23] (Avira Operations GmbH & Co. KG) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [378712 2017-08-01] (Acronis International GmbH) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554408 2016-10-01] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [413008 2016-06-28] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1012048 2016-06-26] (AO Kaspersky Lab) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-10-01] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [126864 2016-06-02] (AO Kaspersky Lab) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek ) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [207496 2017-06-05] (Sandboxie Holdings, LLC) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2017-08-01] (Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2017-08-01] (Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2017-08-01] (Acronis International GmbH) R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-12-19] () R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-12-19] () R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700680 2014-12-19] () R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [324952 2017-08-01] (Acronis International GmbH) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-25 16:27 - 2017-10-25 16:27 - 000000000 ____D C:\FRST 2017-10-25 16:22 - 2017-10-25 16:22 - 000000231 _____ C:\Users\mir\Desktop\FRST64.txt 2017-10-25 14:16 - 2017-10-25 14:16 - 000000000 ____D C:\Users\mir\Documents\FeedbackHub 2017-10-25 13:15 - 2017-10-25 13:15 - 000000125 _____ C:\Users\mir\Desktop\PC verhält sich seltsam, trotz negativen Virenscan.url 2017-10-25 12:46 - 2017-10-25 12:46 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2017-10-25 11:57 - 2017-10-25 12:01 - 000000000 ____D C:\Users\mir\AppData\Local\Mozilla 2017-10-25 10:19 - 2017-10-25 10:19 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignf9a398c7fd9a4988 2017-10-25 10:19 - 2017-10-25 10:19 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign1e625809f0a61436 2017-10-25 10:19 - 2017-10-25 10:19 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign0e5ab73187e91b57 2017-10-24 23:32 - 2017-10-24 23:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2017-10-24 22:59 - 2017-10-24 22:59 - 000000069 _____ C:\Users\mir\Desktop\(1) Jennifer Rush - Destiny (Formel Eins 23.09.1985) - YouTube.url 2017-10-24 16:50 - 2017-10-24 16:50 - 000000000 ____D C:\WINDOWS\SysWOW64\%ProductFolder% 2017-10-24 15:47 - 2017-10-24 15:47 - 000000000 ____D C:\Users\mir\AppData\Roaming\19857 2017-10-24 14:50 - 2017-10-24 14:50 - 000000000 ____D C:\WINDOWS\SysWOW64\%PersonalRootCertificateFolder% 2017-10-24 14:18 - 2017-10-24 14:18 - 000000000 ____D C:\Users\Public\Documents\Avanquest Software 2017-10-24 14:10 - 2017-10-24 14:23 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2017-10-24 14:10 - 2017-10-24 14:10 - 000000040 ____H C:\E8EB8FC69139 2017-10-24 14:09 - 2017-10-24 14:23 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2017-10-24 14:09 - 2017-10-24 14:23 - 000002083 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk 2017-10-24 13:22 - 2017-10-24 13:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Ransomware Tool for Business 2017-10-24 13:22 - 2017-10-24 13:22 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2017-10-24 13:22 - 2017-10-24 13:22 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2017-10-24 13:22 - 2016-06-28 12:28 - 000413008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2017-10-24 13:22 - 2016-06-26 15:14 - 001012048 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2017-10-24 13:22 - 2016-06-26 15:14 - 000191312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2017-10-23 20:59 - 2017-10-23 20:59 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigne99473769b99de18 2017-10-23 20:59 - 2017-10-23 20:59 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign880db7b36afe2557 2017-10-23 20:59 - 2017-10-23 20:59 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign440a35a9260d3d57 2017-10-23 17:13 - 2017-10-25 11:10 - 000000000 ____D C:\Users\Public\Documents\phase6_19_Daten 2017-10-23 17:13 - 2017-10-23 17:13 - 000002036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase6_19.lnk 2017-10-23 17:13 - 2017-10-23 17:13 - 000002020 _____ C:\Users\Public\Desktop\phase6_19.lnk 2017-10-23 17:13 - 2017-10-23 17:13 - 000000000 ____D C:\Program Files (x86)\phase6 2017-10-23 11:49 - 2017-10-23 11:49 - 001941936 _____ C:\Users\mir\Desktop\17_42_Cashkurs_Weekly.pdf 2017-10-22 17:06 - 2017-10-22 17:06 - 000001745 _____ C:\Users\mir\Desktop\identities.exe - Verknüpfung.lnk 2017-10-19 16:26 - 2017-10-24 08:37 - 000000000 ____D C:\Users\mir\Documents\Log Files 2017-10-19 16:26 - 2017-10-19 16:26 - 000000000 ____D C:\Users\mir\Documents\AnyMP4 Studio 2017-10-19 16:26 - 2017-10-19 16:26 - 000000000 ____D C:\Users\mir\AppData\Roaming\AMD 2017-10-19 16:24 - 2017-10-19 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyMP4 2017-10-19 16:24 - 2017-10-19 16:24 - 000000000 ____D C:\ProgramData\AnyMP4 Studio 2017-10-19 16:24 - 2017-10-19 16:24 - 000000000 ____D C:\Program Files (x86)\AnyMP4 Studio 2017-10-19 14:03 - 2017-10-25 07:05 - 000000000 ____D C:\Users\mir\Desktop\Smarthphone 2017-10-17 16:53 - 2017-10-25 12:38 - 000000000 ____D C:\Users\mir\AppData\Roaming\Vso 2017-10-17 16:53 - 2017-10-25 12:38 - 000000000 ____D C:\ProgramData\VSO 2017-10-17 16:53 - 2017-10-17 18:08 - 000007859 _____ C:\Users\mir\AppData\Roaming\pcouffin.cat 2017-10-17 16:53 - 2017-10-17 18:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO 2017-10-17 16:53 - 2017-10-17 18:08 - 000000000 ____D C:\Program Files (x86)\VSO 2017-10-17 16:42 - 2017-10-17 16:42 - 000000000 ____D C:\Users\mir\Documents\Ashampoo Burning Studio Business 2017-10-17 11:25 - 2017-10-17 11:25 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignc5561d025daf4d8e 2017-10-17 11:25 - 2017-10-17 11:25 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign4ff384c010069f47 2017-10-17 11:25 - 2017-10-17 11:25 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign0da91d42303b3cfb 2017-10-15 12:28 - 2017-10-15 12:28 - 000001552 _____ C:\Users\mir\Desktop\Rechner.lnk 2017-10-14 10:49 - 2017-10-14 10:49 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigne241005f2da4a548 2017-10-14 10:43 - 2017-10-14 10:43 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign69f8d60c8f7a3980 2017-10-14 10:43 - 2017-10-14 10:43 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign5301501e4c4c332b 2017-10-11 06:44 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll 2017-10-11 06:44 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll 2017-10-11 06:44 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-10-11 06:44 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2017-10-11 06:44 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-10-11 06:44 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-10-11 06:44 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2017-10-11 06:44 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-10-11 06:44 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2017-10-11 06:44 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2017-10-11 06:44 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2017-10-11 06:44 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2017-10-11 06:44 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2017-10-11 06:44 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2017-10-11 06:44 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2017-10-11 06:44 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe 2017-10-11 06:44 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2017-10-11 06:44 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe 2017-10-11 06:44 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2017-10-11 06:44 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-10-11 06:44 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2017-10-11 06:44 - 2017-09-30 07:37 - 002377112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll 2017-10-11 06:44 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2017-10-11 06:44 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe 2017-10-11 06:44 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-10-11 06:44 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-10-11 06:44 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2017-10-11 06:44 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2017-10-11 06:44 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-10-11 06:44 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll 2017-10-11 06:44 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-10-11 06:44 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll 2017-10-11 06:44 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2017-10-11 06:44 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-10-11 06:44 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2017-10-11 06:44 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-10-11 06:44 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2017-10-11 06:44 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll 2017-10-11 06:44 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll 2017-10-11 06:44 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2017-10-11 06:44 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-10-11 06:44 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2017-10-11 06:44 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2017-10-11 06:44 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2017-10-11 06:44 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll 2017-10-11 06:44 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-10-11 06:44 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2017-10-11 06:44 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-10-11 06:44 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-10-11 06:44 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2017-10-11 06:44 - 2017-09-30 04:02 - 001624096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.AppAgent.dll 2017-10-11 06:44 - 2017-09-30 04:02 - 001517464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-10-11 06:44 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2017-10-11 06:44 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2017-10-11 06:44 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-10-11 06:44 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-10-11 06:44 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2017-10-11 06:44 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-10-11 06:44 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll 2017-10-11 06:44 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll 2017-10-11 06:44 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll 2017-10-11 06:44 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-10-11 06:44 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll 2017-10-11 06:44 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-10-11 06:44 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-10-11 06:44 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-10-11 06:44 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-10-11 06:44 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-10-11 06:44 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Uev.Office2013CustomActions.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll 2017-10-11 06:44 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2017-10-11 06:44 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll 2017-10-11 06:44 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll 2017-10-11 06:44 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-10-11 06:44 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll 2017-10-11 06:44 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-10-11 06:44 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll 2017-10-11 06:44 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-10-11 06:44 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-10-11 06:44 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-10-11 06:44 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-10-11 06:44 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll 2017-10-11 06:44 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll 2017-10-11 06:44 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe 2017-10-11 06:44 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2017-10-11 06:44 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2017-10-11 06:44 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-10-11 06:44 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-10-11 06:44 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe 2017-10-11 06:44 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-10-11 06:44 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2017-10-11 06:44 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe 2017-10-11 06:44 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-10-11 06:44 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll 2017-10-11 06:44 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-10-11 06:44 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll 2017-10-11 06:44 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll 2017-10-11 06:44 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-10-11 06:44 - 2017-09-29 09:26 - 001197568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll 2017-10-11 06:44 - 2017-09-29 09:26 - 001141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe 2017-10-11 06:44 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll 2017-10-11 06:44 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-10-11 06:44 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-10-11 06:44 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-10-11 06:44 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll 2017-10-11 06:44 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2017-10-11 06:44 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-10-11 06:44 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2017-10-11 06:44 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-10-11 06:44 - 2017-09-29 09:24 - 001201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AgentService.exe 2017-10-11 06:44 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 002195968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2017-10-11 06:44 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-10-11 06:44 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2017-10-11 06:44 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe 2017-10-11 06:44 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2017-10-11 06:44 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-10-11 06:44 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2017-10-11 06:44 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2017-10-11 06:44 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2017-10-11 06:44 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2017-10-11 06:44 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2017-10-11 06:44 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2017-10-11 06:44 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2017-10-11 06:44 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll 2017-10-11 06:44 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2017-10-11 06:44 - 2017-09-29 09:18 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe 2017-10-11 06:44 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe 2017-10-11 06:44 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe 2017-10-11 06:44 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls 2017-10-11 06:44 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls 2017-10-11 06:44 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll 2017-10-11 06:44 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2017-10-11 06:44 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll 2017-10-11 06:44 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2017-10-11 06:44 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2017-10-11 06:44 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2017-10-11 06:44 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2017-10-11 06:44 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2017-10-11 06:44 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll 2017-10-11 06:44 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2017-10-11 06:44 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2017-10-11 06:44 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2017-10-11 06:43 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-10-11 06:43 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2017-10-11 06:43 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-10-11 06:43 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2017-10-11 06:43 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-10-11 06:43 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-10-11 06:43 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2017-10-11 06:43 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-10-11 06:43 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-10-11 06:43 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-10-11 06:43 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll 2017-10-11 06:43 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-10-11 06:43 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-10-11 06:43 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll 2017-10-11 06:43 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-10-11 06:43 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2017-10-11 06:43 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2017-10-11 06:43 - 2017-09-30 07:40 - 000849816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-10-11 06:43 - 2017-09-30 07:40 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-10-11 06:43 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-10-11 06:43 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll 2017-10-11 06:43 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-10-11 06:43 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2017-10-11 06:43 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2017-10-11 06:43 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-10-11 06:43 - 2017-09-30 07:39 - 001694104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-10-11 06:43 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2017-10-11 06:43 - 2017-09-30 07:38 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-10-11 06:43 - 2017-09-30 07:37 - 002229144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-10-11 06:43 - 2017-09-30 07:37 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-10-11 06:43 - 2017-09-30 07:36 - 000855960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-10-11 06:43 - 2017-09-30 07:36 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-10-11 06:43 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-10-11 06:43 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll 2017-10-11 06:43 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-10-11 06:43 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll 2017-10-11 06:43 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll 2017-10-11 06:43 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2017-10-11 06:43 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll 2017-10-11 06:43 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-10-11 06:43 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-10-11 06:43 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll 2017-10-11 06:43 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-10-11 06:43 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll 2017-10-11 06:43 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2017-10-11 06:43 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2017-10-11 06:43 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-10-11 06:43 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll 2017-10-11 06:43 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe 2017-10-11 06:43 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll 2017-10-11 06:43 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-10-11 06:43 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll 2017-10-11 06:43 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll 2017-10-11 06:43 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll 2017-10-11 06:43 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2017-10-11 06:43 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-10-11 06:43 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-10-11 06:43 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-10-11 06:43 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-10-11 06:43 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll 2017-10-11 06:43 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll 2017-10-11 06:43 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-10-11 06:43 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe 2017-10-11 06:43 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-10-11 06:43 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-10-11 06:43 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2017-10-11 06:43 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-10-11 06:43 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll 2017-10-11 06:43 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-10-11 06:43 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-10-11 06:43 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll 2017-10-11 06:43 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll 2017-10-11 06:43 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll 2017-10-11 06:43 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll 2017-10-11 06:43 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll 2017-10-11 06:43 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-10-11 06:43 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2017-10-11 06:43 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2017-10-11 06:43 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll 2017-10-11 06:43 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe 2017-10-11 06:43 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2017-10-11 06:43 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe 2017-10-11 06:43 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi 2017-10-11 06:43 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe 2017-10-11 06:43 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2017-10-11 06:43 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2017-10-11 06:43 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2017-10-10 09:10 - 2017-10-10 09:10 - 000063819 _____ C:\Users\mir\Desktop\A1-Rechnung-20171010.pdf 2017-10-09 11:26 - 2017-10-09 11:26 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign1b4e01e070dfea2c 2017-10-09 11:22 - 2017-10-09 11:22 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignf6ac4d3808c9676e 2017-10-09 11:22 - 2017-10-09 11:22 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigne71401f880a9af5c 2017-10-08 10:42 - 2017-10-08 10:42 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigne57b8712286a682d 2017-10-08 10:41 - 2017-10-08 10:41 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign931fb89e9e7063ba 2017-10-08 10:41 - 2017-10-08 10:41 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign8d93b7eb09dd2492 2017-10-08 10:33 - 2017-10-08 10:33 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign419fd4695820be63 2017-10-08 10:33 - 2017-10-08 10:33 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign2c8fafa5a24a594b 2017-10-08 10:33 - 2017-10-08 10:33 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign0c787b51f79c7607 2017-10-06 13:52 - 2017-10-06 13:57 - 000000000 ____D C:\Program Files (x86)\PDF to Word Converter_Aiseesoft 2017-10-06 12:55 - 2017-10-06 12:55 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignd47ec8053caef994 2017-10-06 12:55 - 2017-10-06 12:55 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigncc0e5379401adc1f 2017-10-06 12:55 - 2017-10-06 12:55 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign2f8f0c6a49da07c3 2017-10-04 20:54 - 2017-10-04 20:54 - 000066058 _____ C:\Users\mir\Desktop\George.pdf 2017-10-04 15:50 - 2017-10-04 15:50 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray 2017-10-04 15:50 - 2017-09-23 10:36 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2017-10-04 15:50 - 2017-09-23 10:36 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2017-10-04 15:50 - 2017-09-23 10:36 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2017-10-04 15:50 - 2017-09-23 10:36 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys 2017-10-04 15:50 - 2017-09-23 10:36 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys 2017-10-04 15:50 - 2017-09-23 10:36 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys 2017-10-04 15:42 - 2017-10-14 20:38 - 000000000 ____D C:\Program Files (x86)\Avira 2017-10-04 15:42 - 2017-10-04 15:42 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger 2017-10-03 16:57 - 2017-10-03 16:57 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign873e75747000b0df 2017-10-03 16:55 - 2017-10-03 16:55 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign8df93b6c180cad46 2017-10-03 16:55 - 2017-10-03 16:55 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign607b0af454ab4e2d 2017-10-03 16:52 - 2017-10-03 16:52 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign9fd07413ce44489e 2017-10-03 16:51 - 2017-10-03 16:51 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignfdd63517848ab1da 2017-10-03 16:51 - 2017-10-03 16:51 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign444141381fdfae2a 2017-10-03 14:54 - 2017-10-04 14:43 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation 2017-10-03 13:23 - 2017-10-03 13:23 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignb80e8fd2dfb4ea39 2017-10-03 13:23 - 2017-10-03 13:23 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign3420f62b093e9feb 2017-10-03 13:23 - 2017-10-03 13:23 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign0f1becb896b6a20a 2017-10-02 22:51 - 2017-10-02 22:51 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignee63e3d7835cd52b 2017-10-02 22:51 - 2017-10-02 22:51 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign81a2b841e87a9524 2017-10-02 22:51 - 2017-10-02 22:51 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign13baedb6400894fb 2017-10-02 22:49 - 2017-10-02 22:49 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign5272dc90d9162849 2017-10-02 22:44 - 2017-10-02 22:44 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign44d104bcecae207a 2017-10-02 22:44 - 2017-10-02 22:44 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign0a5043ca4e5b399c 2017-09-29 20:09 - 2017-09-29 20:09 - 000239943 _____ C:\Users\mir\Desktop\WESTbahn-Ticket-46737646232-44245118339.pdf 2017-09-29 13:06 - 2017-09-29 13:06 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigndd2cc3b1fd955ffe 2017-09-29 13:04 - 2017-09-29 13:04 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsignfb227dd273cd2a2a 2017-09-29 13:02 - 2017-09-29 13:02 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsigncb74655d9d543090 2017-09-29 13:01 - 2017-09-29 13:01 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign6ace6e94f4049e47 2017-09-29 13:00 - 2017-09-29 13:00 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign9f6f86ac2c7457a0 2017-09-29 12:57 - 2017-09-29 12:57 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign9b03ec3d6241f815 2017-09-29 12:57 - 2017-09-29 12:57 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign315c265608d5755d 2017-09-29 12:57 - 2017-09-29 12:57 - 000000000 ____D C:\Users\mir\AppData\Local\Tempzxpsign302faeb12b4dd47a 2017-09-29 01:11 - 2017-09-29 01:11 - 000000000 ____D C:\Users\mir\Documents\My Games 2017-09-29 01:11 - 2017-09-29 01:11 - 000000000 ____D C:\Users\mir\AppData\LocalLow\ActaLogic 2017-09-27 19:08 - 2017-09-27 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spionage-Stopper 2017-09-27 19:08 - 2017-09-27 19:08 - 000000000 ____D C:\Program Files (x86)\COMPUTER BILD Spionage-Stopper 2017 für Windows 10 2017-09-26 21:36 - 2017-09-26 21:36 - 000002085 _____ C:\Users\mir\Desktop\VirusTotal Uploader 2.0.lnk 2017-09-26 21:36 - 2017-09-26 21:36 - 000000000 ____D C:\Program Files (x86)\VirusTotalUploader2 2017-09-26 21:35 - 2017-09-26 21:35 - 000142981 _____ C:\Users\mir\Downloads\vtuploader2.0.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-10-25 16:19 - 2017-07-03 09:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-10-25 15:40 - 2017-07-04 14:45 - 000000000 ____D C:\Users\mir\AppData\Roaming\TVgenial 2017-10-25 14:46 - 2017-06-28 20:53 - 000000000 ____D C:\Users\mir\AppData\LocalLow\Mozilla 2017-10-25 14:15 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-10-25 13:15 - 2017-09-20 10:05 - 000000000 ____D C:\Users\mir\AppData\Local\CrashDumps 2017-10-25 12:46 - 2017-07-03 20:52 - 000000000 ____D C:\DOWNLOAD 2017-10-25 12:46 - 2017-07-03 07:18 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-10-25 12:37 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF 2017-10-25 12:11 - 2017-06-28 22:12 - 000000000 ____D C:\Program Files (x86)\jv16 PowerTools X 2017-10-25 11:56 - 2017-06-28 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-10-25 11:10 - 2017-06-28 18:53 - 004501054 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-25 11:10 - 2017-03-20 06:41 - 002226528 _____ C:\WINDOWS\system32\perfh007.dat 2017-10-25 11:10 - 2017-03-20 06:41 - 000572428 _____ C:\WINDOWS\system32\perfc007.dat 2017-10-25 11:06 - 2017-07-03 09:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-10-25 10:35 - 2017-07-03 09:45 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-10-25 10:35 - 2017-03-18 13:40 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2017-10-25 10:15 - 2017-07-22 16:08 - 000000000 ____D C:\TEMP 2017-10-25 06:32 - 2017-07-13 17:33 - 000000000 ____D C:\Users\mir\AppData\Local\Adobe 2017-10-25 06:32 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-10-24 22:20 - 2017-07-03 12:34 - 000000000 ____D C:\Users\mir\AppData\Roaming\vlc 2017-10-24 21:28 - 2017-07-15 13:30 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel 2017-10-24 18:53 - 2017-07-23 20:03 - 000000000 ____D C:\Users\mir\Documents\Calibre-Bibliothek 2017-10-24 14:50 - 2017-07-03 09:45 - 000584424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-10-24 14:18 - 2017-06-28 20:43 - 000000000 ____D C:\Users\mir\AppData\Roaming\Expert PDF 9 2017-10-24 14:16 - 2017-07-15 09:11 - 000000000 ____D C:\Users\mir\AppData\LocalLow\Adobe 2017-10-24 14:16 - 2017-07-13 17:33 - 000000000 ____D C:\ProgramData\Adobe 2017-10-24 14:16 - 2017-06-28 18:49 - 000000000 ____D C:\Users\mir\AppData\Roaming\Adobe 2017-10-24 14:10 - 2017-07-13 17:38 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-10-24 14:08 - 2017-07-13 17:33 - 000000000 ____D C:\Program Files (x86)\Adobe 2017-10-24 13:33 - 2017-07-03 15:33 - 000000000 ____D C:\Users\mir\AppData\Local\QuickPar 2017-10-23 21:10 - 2017-07-15 09:20 - 000001456 _____ C:\Users\mir\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2017-10-20 23:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2017-10-20 15:43 - 2017-07-16 19:46 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate 2017-10-20 11:49 - 2017-07-16 20:51 - 000000000 ____D C:\Users\mir\AppData\Roaming\Wondershare Video Converter Ultimate 2017-10-19 20:45 - 2017-07-17 17:46 - 000000000 ____D C:\Users\mir\Documents\DVDFabCommon 2017-10-19 20:19 - 2017-07-03 09:45 - 000000000 ____D C:\ProgramData\Package Cache 2017-10-19 20:19 - 2017-07-03 07:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-10-19 16:26 - 2017-07-17 16:24 - 000000000 ____D C:\Users\mir\AppData\Local\AnyMP4 Studio 2017-10-19 16:05 - 2017-07-11 14:12 - 000000000 ____D C:\ProgramData\NCH Software 2017-10-19 16:04 - 2017-07-11 14:12 - 000000000 ____D C:\Users\mir\AppData\Roaming\NCH Software 2017-10-19 16:04 - 2017-07-11 14:12 - 000000000 ____D C:\Program Files (x86)\NCH Software 2017-10-19 16:02 - 2017-07-03 12:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2017-10-19 07:55 - 2017-07-03 11:13 - 000000000 ____D C:\My RoboForm Data 2017-10-18 18:20 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-16 15:29 - 2017-07-04 17:38 - 000004650 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-10-16 15:29 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-10-16 15:29 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-10-15 12:49 - 2017-08-17 11:23 - 000003135 _____ C:\Users\mir\Desktop\Suchfragen.txt 2017-10-15 12:39 - 2017-06-28 18:51 - 000000000 ____D C:\Users\mir\AppData\Roaming\Skype 2017-10-13 22:14 - 2017-08-29 17:59 - 000000650 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-713140132-2893023704-1334801391-1001.job 2017-10-13 22:14 - 2017-08-29 17:59 - 000000554 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-713140132-2893023704-1334801391-1001.job 2017-10-13 21:14 - 2017-07-08 16:20 - 000000000 ____D C:\Users\mir\AppData\Roaming\TakeOwnershipEx 2017-10-13 18:24 - 2017-08-29 17:59 - 000003814 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-713140132-2893023704-1334801391-1001 2017-10-13 18:24 - 2017-08-29 17:59 - 000003718 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-713140132-2893023704-1334801391-1001 2017-10-13 18:24 - 2017-08-29 17:59 - 000000000 ____D C:\Users\mir\AppData\Local\GoToMeeting 2017-10-13 08:47 - 2017-06-28 20:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-10-13 02:21 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-10-13 02:21 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-10-12 13:11 - 2017-07-13 10:52 - 024944640 _____ C:\Users\mir\Desktop\Video.accdb 2017-10-11 10:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache 2017-10-11 09:40 - 2017-06-28 18:49 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-10-11 08:07 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll 2017-10-11 08:07 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll 2017-10-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences 2017-10-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning 2017-10-11 08:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2017-10-08 08:59 - 2017-07-16 22:02 - 000000000 ____D C:\Users\mir\AppData\Roaming\CyberLink 2017-10-06 13:53 - 2017-09-22 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft 2017-10-04 21:39 - 2017-06-28 21:05 - 000000000 ____D C:\SYMBOLLEISTE 2017-10-04 17:05 - 2017-09-19 21:54 - 000000000 ____D C:\ProgramData\Norton 2017-10-04 16:46 - 2017-09-19 21:56 - 000000000 ____D C:\ProgramData\NortonInstaller 2017-10-04 15:50 - 2017-07-03 07:25 - 000000000 ____D C:\ProgramData\Avira 2017-10-04 14:43 - 2017-03-18 23:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2017-10-04 14:43 - 2017-03-18 13:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2017-10-03 23:51 - 2017-07-03 09:46 - 000000000 ____D C:\Users\mir 2017-10-01 13:18 - 2017-08-10 13:57 - 000000000 ____D C:\Users\mir\Desktop\Für WEBSEITE 2017-09-30 19:31 - 2017-07-11 14:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software 2017-09-29 19:09 - 2017-06-28 18:49 - 000000000 ____D C:\Users\mir\AppData\Local\Packages 2017-09-29 19:09 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-27 14:19 - 2017-06-28 19:08 - 000002233 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-09-26 21:07 - 2017-07-03 15:30 - 000000000 ____D C:\Program Files\PowerISO ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2017-10-17 16:53 - 2017-10-17 18:08 - 000007859 _____ () C:\Users\mir\AppData\Roaming\pcouffin.cat 2017-10-17 16:53 - 2017-10-17 18:08 - 000001167 _____ () C:\Users\mir\AppData\Roaming\pcouffin.inf 2017-10-17 16:53 - 2017-10-17 18:08 - 000000055 _____ () C:\Users\mir\AppData\Roaming\pcouffin.log 2017-06-28 22:21 - 2017-06-28 22:21 - 000000020 ___SH () C:\Users\mir\AppData\Roaming\Sys11965 DataCollection.dat 2017-06-28 22:21 - 2017-06-28 22:21 - 000000020 ___SH () C:\Users\mir\AppData\Roaming\System413_DataDB.ind 2017-07-15 09:20 - 2017-10-23 21:10 - 000001456 _____ () C:\Users\mir\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2017-07-03 09:45 - 2017-07-03 09:45 - 000000000 ____H () C:\ProgramData\DP45977C.lfl 2017-07-15 19:43 - 2017-07-15 19:43 - 000000016 _____ () C:\ProgramData\mntemp 2017-07-15 19:43 - 2017-07-15 19:43 - 000004972 _____ () C:\ProgramData\rxsmznjf.zcp 2017-08-23 09:03 - 2017-09-21 11:23 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-10-25 09:59 ==================== Ende von FRST.txt ============================ |
25.10.2017, 15:42 | #6 |
| PC verhält sich seltsam, trotz negativen Virenscan FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-10-2017 01 durchgeführt von mir (25-10-2017 16:28:26) Gestartet von J:\ Windows 10 Pro Version 1703 15063.674 (X64) (2017-07-03 07:54:48) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-713140132-2893023704-1334801391-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-713140132-2893023704-1334801391-503 - Limited - Disabled) Gast (S-1-5-21-713140132-2893023704-1334801391-501 - Limited - Disabled) mir (S-1-5-21-713140132-2893023704-1334801391-1001 - Administrator - Enabled) => C:\Users\mir ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) „Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden 4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.1.2070 - Open Media LLC) Acronis True Image (HKLM-x32\...\{3FB8B185-7EBB-4E02-9038-DBF328954435}) (Version: 20.0.8058 - Acronis) Hidden Acronis True Image (HKLM-x32\...\{3FB8B185-7EBB-4E02-9038-DBF328954435}Visible) (Version: 20.0.8058 - Acronis) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.0.327 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated) Adobe Photoshop CC 2017 (HKLM-x32\...\PHSP_18_0) (Version: 18.0.0 - Adobe Systems Incorporated) Adobe Premiere Elements 14 (HKLM-x32\...\{18EF738B-56F0-4370-8FEA-93FC9EC51DFA}) (Version: 14.1 - Adobe Systems Incorporated) Aiseesoft PDF to Word Converter 3.3.26 (HKLM-x32\...\{3CF515C0-55D9-4591-824F-1934352AC10E}_is1) (Version: 3.3.26 - Aiseesoft Studio) Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) AnyMP4 Screen Recorder 1.1.8 (HKLM-x32\...\{BDB6239B-2754-49bc-98A7-B9C28D4D74F1}_is1) (Version: 1.1.8 - AnyMP4 Studio) Apple Application Support (32-Bit) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Ashampoo Burning Studio Business (HKLM-x32\...\{91B33C97-08EF-89A0-D7C4-B08F30BDEEC7}_is1) (Version: 15.0.4 - Ashampoo GmbH & Co. KG) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.) Avira (HKLM-x32\...\{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Hidden Avira (HKLM-x32\...\{f5da837f-e932-4f55-995c-7e97c5cbebdd}) (Version: 1.2.98.29730 - Avira Operations GmbH & Co. KG) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.32.12 - Avira Operations GmbH & Co. KG) Avira Firewall Manager (HKLM-x32\...\{06C2608C-CD4C-44A8-84E6-9A12D818E15C}) (Version: 1.0.3.292 - ) AVS Audio Converter 8.3.2 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.3.2.575 - Online Media Technologies Ltd.) AVS Audio Editor 8.3.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.3.2.515 - Online Media Technologies Ltd.) AVS Disc Creator 5.2.8 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.8.542 - Online Media Technologies Ltd.) AVS Document Converter 3.1.2 (HKLM-x32\...\AVS Document Converter_is1) (Version: 3.1.2.247 - Online Media Technologies Ltd.) AVS Image Converter 4.1.2 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.1.2.287 - Online Media Technologies Ltd.) AVS Media Player 4.4.1 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.4.1.119 - Online Media Technologies Ltd.) AVS Photo Editor 2.3.6 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.6.152 - Online Media Technologies Ltd.) AVS Registry Cleaner 3.0.5 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.5.275 - Online Media Technologies Ltd.) AVS Video Converter 9.5.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.5.1.600 - Online Media Technologies Ltd.) AVS Video Editor 7.5.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.5.1.288 - Online Media Technologies Ltd.) AVS Video ReMaker 5.1.1 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.1.1.187 - Online Media Technologies Ltd.) ButtonBar (HKLM-x32\...\ButtonBar_is1) (Version: - ) calibre (HKLM-x32\...\{85DA0866-A250-4D59-966D-4509B85DCDCF}) (Version: 3.10.0 - Kovid Goyal) Catalyst Control Center Next Localization BR (HKLM\...\{6A69EDE3-D163-A85B-EFF5-B6BFD8EF5939}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{4F486CF2-F8AF-2DD4-BA15-82BD71BC3035}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{08E3C0C2-26E9-9DDF-0FBD-A4A71C970D75}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (HKLM\...\{E8ED0DBD-DAC0-1BC5-87A7-5FC3BEAD33AB}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{2802B62A-05D9-356B-9DB6-AFEE51E9EF5E}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{8E1F1F1A-38D8-DC76-FE6C-B8412AF9396D}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{D3376CD8-E366-C5F5-B9D1-2B8017C4F1C5}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (HKLM\...\{C8013991-2166-AFC4-B75B-7E58FBEF02AF}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (HKLM\...\{3CB92C15-57A0-E469-1CE3-236BB1569F88}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (HKLM\...\{D9E8F7A4-5D65-FA27-F201-F5F0FD82D035}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (HKLM\...\{60821F44-17A1-0286-10E7-3FE3956D3B85}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{04E38C1D-A2B0-1419-8ACC-98B6FEAD2AE3}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{082B8683-4ED5-212D-33E6-7F0993292B6D}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (HKLM\...\{CBE7BA08-EAC5-DE2B-440F-F4D8BEB70AF0}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{0B3B12AC-956C-3D2B-E375-CA8A210A8B3C}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{7443BBA4-32DB-B648-5092-0C52676507CD}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{D519CA66-2A8D-EA88-7904-0ADF96FC975B}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (HKLM\...\{591B77CA-0AE6-A405-5A73-D5600D45F9E8}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (HKLM\...\{FB81D531-71CC-69A0-F776-95C2498492F0}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (HKLM\...\{31BA3CC8-6A73-126C-B424-16A56B64C75F}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{203DA8C6-D37D-632D-6606-187E3BEAB254}) (Version: 2017.0905.1156.19665 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) COMPUTER BILD Spionage-Stopper 2017 für Windows 10 (HKLM-x32\...\{F9565211-5480-408D-BC7C-1FE7B8366ACE}_is1) (Version: 2.0.0.1 - pXc-coding.com) Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden DiscAuthor (HKLM-x32\...\{D6CC65B0-B06E-41D5-83FA-25C29D73A2FF}) (Version: 9.3.00 - Sony Corporation) Hidden Document Capture Pro (HKLM-x32\...\{B4A3C072-87AF-4937-880D-3D7997111C0D}) (Version: 1.01.0000 - Seiko Epson Corporation) DVDFab 9.3.1.8 (19/10/2016) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Epson Benutzerhandbuch EPSON Perfection V370 Photo (HKLM-x32\...\EPSON Perfection V370 Photo Useg) (Version: - ) Epson Event Manager (HKLM-x32\...\{148C8BF9-E1B4-445D-AC67-2CABAE63949A}) (Version: 3.01.0009 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden GoToMeeting 8.15.0.7759 (HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\GoToMeeting) (Version: 8.15.0.7759 - LogMeIn, Inc.) Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: - HDS) Heartwild Solitaire (HKLM-x32\...\Heartwild Solitaire) (Version: - ) Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden iSkysoft Helper Compact 2.5.2 (HKLM-x32\...\{9BF12010-8799-41A5-A671-E9CFDE9E79F3}_is1) (Version: 2.5.2 - iSkysoft) jv16 PowerTools X (HKLM-x32\...\jv16 PowerTools X) (Version: - Macecraft Software) Kaspersky Anti-Ransomware Tool for Business (HKLM-x32\...\{0F30C04E-E20E-4A5D-95AE-BF041D6CF673}) (Version: 1.1.31.0 - Kaspersky Lab) Hidden Kaspersky Anti-Ransomware Tool for Business (HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\{0F30C04E-E20E-4A5D-95AE-BF041D6CF673}) (Version: 1.1.31.0 - Kaspersky Lab) KB4023057 (HKLM\...\{F2D7A08E-6B70-4336-AC4F-C7F765068281}) (Version: 1.0.1.0 - Microsoft Corporation) Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Linguatec Voice Reader Studio (HKLM-x32\...\{0C7B9FAF-9C93-4E3A-9EC5-DE553B5771F0}) (Version: 1.00.0000 - Linguatec GmbH) Hidden Linguatec Voice Reader Studio (HKLM-x32\...\{D961CF08-AB06-4AC5-BCBA-76D12C4DB5EC}) (Version: 1.00.0000 - Linguatec GmbH) MAXA Cookie Manager Pro 5.3 (HKLM-x32\...\MAXA Cookie Manager_is1) (Version: - MAXA) MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft Speech SDK 5.1 (HKLM-x32\...\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}) (Version: 5.1.4324.0 - Microsoft) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation) Mini-Rechner (HKLM-x32\...\{FA29C162-B3D7-11D7-B36D-FBC5BE6F3621}) (Version: 1.0.4.0 - Jürgen A. Neuber (JAN) Results & Software) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla) Mozilla Thunderbird 52.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 de)) (Version: 52.4.0 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden NewBlue Titler Pro for Windows (HKLM-x32\...\NewBlue Titler Pro for Windows) (Version: 1.5 - NewBlue) NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VI for Windows (HKLM-x32\...\NewBlue Video Essentials VI for Windows) (Version: 3.0 - NewBlue) NewBlue Video Essentials VII for Windows (HKLM-x32\...\NewBlue Video Essentials VII for Windows) (Version: 3.0 - NewBlue) Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Outils de vérification linguistique 2016 de Microsoft Office*- Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Paragon Festplatten Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software) phase6_19 (HKLM-x32\...\{65D70656-D248-4C83-B594-E3029C43B37A}) (Version: 1.90.0000 - phase6) PlayMemories Home (HKLM-x32\...\{4F95DC94-A29D-41F6-AF34-15AA0D666186}) (Version: 5.4.02.06120 - Sony Corporation) PMB_ModeEditor (HKLM-x32\...\{E95982CA-945F-41F2-B156-A603897AB242}) (Version: 10.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (HKLM-x32\...\{2CA3C685-339C-4C61-B12C-FAD81A872651}) (Version: 10.4.02 - Sony Corporation) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd) proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH) protector (HKLM-x32\...\ctprotector) (Version: 1.0 - c't-Redaktion) RealSpeak Solo fur Deutsch - Steffi (HKLM-x32\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7940 - Realtek Semiconductor Corp.) Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Revo Uninstaller Pro 3.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.0 - VS Revo Group, Ltd.) RoboForm 7-9-14-6 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-14-6 - Siber Systems) Rosetta Stone Ltd Services (HKLM-x32\...\{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}) (Version: 3.2.17 - Rosetta Stone Ltd.) Rosetta Stone TOTALe (HKLM-x32\...\{4010ADCB-1347-D570-FCF1-3002CABEBD2F}) (Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden Rosetta Stone TOTALe (HKLM-x32\...\{8A1FEA5E-8DB8-AD80-5C14-AEF33D16EF5A}) (Version: 4.1.1 - Rosetta Stone, Ltd) Hidden Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale) (Version: 4.1.15.1 - Rosetta Stone, Ltd) Sandboxie 5.20 (64-bit) (HKLM\...\Sandboxie) (Version: 5.20 - Sandboxie Holdings, LLC) Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.) Streaming Audio Recorder V4.0.9 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.0.9 - APOWERSOFT LIMITED) Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TakeOwnershipEx (HKLM-x32\...\TakeOwnershipEx) (Version: 1.2.0.1 - hxxp://winaero.com) TomTom HOME (HKLM-x32\...\{0E778C56-3A87-497E-BEF0-EF0D3EE4871C}) (Version: 2.10.2 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.) Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH) TreeSize Free V4.0.3 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.3 - JAM Software) TVgenial 4.10 (HKLM-x32\...\TVgenial) (Version: - ) Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0407-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) UpdateAssistant (HKLM-x32\...\{B302EECB-0DA5-46E6-8A58-127440F22CF1}) (Version: 1.7.0.0 - Microsoft Corporation) Hidden Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version: - ) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) VorleserXL (HKLM-x32\...\Vorleser XL_is1) (Version: Aktuelle Version - IN MEDIAKG TI) VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.28 - VSO Software) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-3) (Version: 1.0.54.0 - LunarG, Inc.) WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 7.10 - NCH Software) Windows 10-Update-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation) Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wondershare Video Converter Ultimate(Build 8.7.2.1) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.7.2.1 - Wondershare Software) XnView 2.40 (HKLM-x32\...\XnView_is1) (Version: 2.40 - Gougelet Pierre-e) Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-713140132-2893023704-1334801391-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\mir\AppData\Local\GoToMeeting\7468\G2MOutlookAddin64.dll (LogMeIn, Inc.) CustomCLSID: HKU\S-1-5-21-713140132-2893023704-1334801391-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] () ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] () ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] () ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-03-02] () ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers1-x32: [IXnView] -> {A5D35F9F-6A11-4EAA-B70B-7BB6FE32663A} => C:\Program Files (x86)\XnView\ShellEx\XnViewShellExt.dll [2015-02-19] () ContextMenuHandlers1-x32: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd) ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1-x32: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.) ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-04] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-04] (Alexander Roshal) ContextMenuHandlers1-x32-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll [2015-02-27] () ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-05] (Advanced Micro Devices, Inc.) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-06-10] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd) ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-10-12] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-04] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-04] (Alexander Roshal) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05AAA646-A386-4597-925D-9AF8F8EA0798} - System32\Tasks\G2MUpdateTask-S-1-5-21-713140132-2893023704-1334801391-1001 => C:\Users\mir\AppData\Local\GoToMeeting\7759\g2mupdate.exe [2017-10-13] (LogMeIn, Inc.) Task: {0A06A8BB-7A30-43BC-A4B3-635C51CA13C5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated) Task: {17F86165-429C-4134-B9DD-C63482557F96} - System32\Tasks\G2MUploadTask-S-1-5-21-713140132-2893023704-1334801391-1001 => C:\Users\mir\AppData\Local\GoToMeeting\7759\g2mupload.exe [2017-10-13] (LogMeIn, Inc.) Task: {2686FFA4-B6C9-4539-94D7-86CDEE8FEB24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {39982A4E-9D7C-471C-BAC6-FEA62D59E800} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated) Task: {3AECF6CF-F172-4B0D-975B-71DA805C77F7} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] () Task: {408D4E9E-6E27-4DEB-BE22-2D660532879D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd) Task: {424C142B-F612-49E6-AE4A-936CA1673F65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-28] (Google Inc.) Task: {56DC8857-5903-4519-9343-A7C017CCD216} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-10-12] (Avira Operations GmbH & Co. KG) Task: {712BDC01-8ABC-46A5-B0B4-918B93E78916} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG Task: {7B03EDA2-8CA3-4BD4-B08F-7657CE6AAB9C} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe Task: {867D532F-422C-43AB-BE99-02D611CBAF18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-28] (Google Inc.) Task: {86CD8590-1017-4622-959C-7794BBB1CAD2} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_mir => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2016-01-31] (H.D.S. Hungary) Task: {AC1CC9F7-D182-4169-98E0-E75816C0F805} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-07-03] (Siber Systems) Task: {B29FC466-EE4A-43C8-91A6-04680F9488DD} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation) Task: {B8B9D9C3-59C9-424D-8E47-FB854292AE94} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-S58JN56-mir => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {C2B640C6-997D-4C36-824E-20A39489F5FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {D1663556-CC41-408F-A834-5F9ADC6D74CF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-05] (Advanced Micro Devices, Inc.) Task: {D85B5237-9E06-4CDA-BEF8-FA553DE05017} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {E6950833-3BB5-4DFD-9AF3-C297B2F42796} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {EEE0941D-D27F-4092-B85C-46CF57AB856E} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMOMIMNJPMGMJMHMJMCNMJNJPMOJCNLMGMOJMMCNOJJJOMOJCNNJMJGMMJLMJJLMMMMMIMMMNMJNJICMIMCNGMCNOMLMFMOMOMCNLMOMMMCNOMKMPMJMMMFMJMCNMMCNGMJMPMPMCNNMJNPICMLMFMEKMICNJJCKFMPMJNHICMEKMICNJJCKJNBJCMCJGJNIJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMOM (Der Dateneintrag hat 39 mehr Zeichen). (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-713140132-2893023704-1334801391-1001.job => C:\Users\mir\AppData\Local\GoToMeeting\7759\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-713140132-2893023704-1334801391-1001.job => C:\Users\mir\AppData\Local\GoToMeeting\7759\g2mupload.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\mir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=lkbhppfbabandkdmgjmifahoabeodiep ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-06-22 13:49 - 2017-06-22 13:49 - 001278720 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe 2017-07-13 20:50 - 2017-07-13 20:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-07-13 20:50 - 2017-07-13 20:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2017-08-01 10:50 - 2017-08-01 10:50 - 006086232 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe 2017-03-07 11:57 - 2017-03-07 11:57 - 007014728 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2017-03-02 11:46 - 2017-03-02 11:46 - 005823600 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2016-06-10 01:41 - 2016-06-10 01:41 - 000491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-06-22 13:37 - 2017-06-22 13:37 - 000588360 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 2016-01-06 18:41 - 2016-05-24 17:44 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll 2017-09-14 08:48 - 2017-09-14 08:48 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll 2017-09-25 06:12 - 2017-09-25 06:12 - 010634752 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2017-09-25 06:12 - 2017-09-25 06:12 - 002640896 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2017-09-27 14:19 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-27 14:19 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2016-09-14 20:25 - 2016-09-14 20:25 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-08-29 23:57 - 2016-08-29 23:57 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2016-08-29 21:16 - 2016-08-29 21:16 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll 2016-08-29 21:16 - 2016-08-29 21:16 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll 2002-04-09 17:39 - 2002-04-09 17:39 - 000003584 _____ () C:\Program Files (x86)\BBar\BBar.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKLM\...\.scr: => <==== ACHTUNG HKLM\...\scrfile\shell\open\command: "" "%1" <==== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2017-10-04 15:44 - 2017-10-04 15:44 - 000001648 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 g.live.com#MCM 74.86.5.247 apowersoft.com 127.0.0.1 74.86.5.247 127.0.0.1 74.86.5.247 127.0.0.1 apowersoft.com 127.0.0.1 www.apowersoft.com 127.0.0.1 support.apowersoft.com 127.0.0.1 activate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 cap.cyberlink.com 127.0.0.1 casalemedia.com#MCM 127.0.0.1 u3s.mathtag.com#MCM 127.0.0.1 mathtag.com#MCM 127.0.0.1 pixel.rubiconproject.com#MCM 127.0.0.1 mookie1.com#MCM 127.0.0.1 abmr.net#MCM 127.0.0.1 turn.com#MCM 127.0.0.1 sonypmoglobal.d1.sc.omtrdc.net#MCM 127.0.0.1 adform.net#MCM 127.0.0.1 track.adform.net#MCM 127.0.0.1 atdmt.com#MCM 127.0.0.1 ad2.adfarm1.adition.com#MCM 127.0.0.1 rlcdn.com#MCM 127.0.0.1 d.adroll.com#MCM 127.0.0.1 openx.net#MCM ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-713140132-2893023704-1334801391-1001\Control Panel\Desktop\\Wallpaper -> C:\Z_Bildschirme1600x1050\Insel Fraser.JPG DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\StartupFolder: => "p6_19_erinnerung.lnk" HKLM\...\StartupApproved\Run32: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKU\S-1-5-21-713140132-2893023704-1334801391-1001\...\StartupApproved\Run: => "EBookToMP3" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{AF31D91C-4534-435F-ABC9-63CB697299A5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{1A056825-B338-4692-9895-C1C415C1D13E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{15E42923-3C76-4C4F-B13F-513CC4A892B7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{45EE07E2-3C40-4897-9204-6EF123F7D72B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{A5541985-DEED-4C55-9972-BF96D3AEB2A3}] => (Block) %ProgramFiles% (x86)\Ashampoo\Ashampoo Burning Studio Business\updateMediator.exe FirewallRules: [{4BAA439F-B96D-42DE-933C-128D570DA54A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe FirewallRules: [{0A49F793-FC66-4EDC-910F-4254929954E3}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe FirewallRules: [{8EC0B48A-D0E0-4CBF-8C71-60670F7381ED}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll FirewallRules: [{8905CF4D-22E4-4BB4-BEC8-FD1B6D92EA1C}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll FirewallRules: [{1D3E60DC-9D0C-4646-AA7D-F1EF16428162}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC 2017\Photoshop.exe FirewallRules: [{FD9768F0-FC4F-4BF4-BF5E-1A0ED95FDD72}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe FirewallRules: [{EE8F691D-973C-428B-B69A-A8236AE0D854}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe FirewallRules: [{A7FEC914-15CB-40A9-B4CE-696765EF9040}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe FirewallRules: [{126603EC-D5C5-4842-87DF-0A63FD1A4F64}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe FirewallRules: [{FEAD3E4A-F273-4DF2-B913-C6AC36F0B1C7}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\Rosetta Stone TOTALe.exe FirewallRules: [{E94DEF6A-832F-42D8-BA25-3F759011AC8C}] => (Block) %ProgramFiles% (x86)\Rosetta Stone\Rosetta Stone TOTALe\RosettaStoneTOTALe.exe FirewallRules: [{F28A0FAC-6554-4E39-9B8C-4000552AF602}] => (Block) %ProgramFiles% (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe FirewallRules: [{01D963DD-3464-4DB7-B62D-733B6A5DBF2D}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{67F7EDAB-42A3-4A40-9BD2-EB0279FA1426}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe FirewallRules: [{869355B7-51B7-4E13-9E15-7442797A4CE0}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe FirewallRules: [{C4E7BE1A-5795-49EE-9424-92E973507921}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe FirewallRules: [{250F401D-EBEC-40EF-B8C4-8AC3E28B83EC}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe FirewallRules: [{4E68E311-82A3-4BC2-82F3-B5DEC62CB9D9}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe FirewallRules: [{5C9A6F00-547A-42B3-8FD1-F5729D34C24F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe FirewallRules: [{13F2D678-FF2B-46E1-9083-902ED9D4EBF7}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe FirewallRules: [{D2228253-75E7-4CEB-B62A-E07C3B77307A}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe FirewallRules: [{E561369B-00D4-49E5-AB51-D2CF361E6002}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe FirewallRules: [{55926A2F-7BAD-4720-B604-C13FCF4E1B41}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe FirewallRules: [{8E6AC9B1-0D23-4595-94B9-C77255D27587}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{8F70641B-B6AF-4DA2-8DE0-0A24E1FCB63A}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{90B1109E-176E-4791-8001-684BF4AA50EA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{2B18C54B-FCB2-42EC-9032-995C8297E7AB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{B0B1E5A6-8033-4D03-9926-14B30B03478E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{7A1DF8A2-9736-4137-BF55-46585DB071FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 25-10-2017 10:00:21 Geplanter Prüfpunkt 25-10-2017 12:07:52 Revo Uninstaller Pro's restore point - Mozilla Firefox 56.0.1 (x86 de) ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Block device mounter Description: Block device mounter Class Guid: {54f3637b-4777-4f96-970c-6bfa5477b542} Manufacturer: Paragon Software Group Service: WUDFRd Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/25/2017 01:15:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RoboTaskBarIcon-x64.exe, Version: 7.9.14.6, Zeitstempel: 0x558417d7 Name des fehlerhaften Moduls: RoboForm-x64.DLL, Version: 7.9.14.6, Zeitstempel: 0x558417cd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000001755d03 ID des fehlerhaften Prozesses: 0x32b8 Startzeit der fehlerhaften Anwendung: 0x01d34d8292936356 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon-x64.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.DLL Berichtskennung: aff52d9a-b4ec-4cf7-b24b-1a907aed876f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 01:15:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RoboTaskBarIcon-x64.exe, Version: 7.9.14.6, Zeitstempel: 0x558417d7 Name des fehlerhaften Moduls: RoboForm-x64.DLL, Version: 7.9.14.6, Zeitstempel: 0x558417cd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000001755d03 ID des fehlerhaften Prozesses: 0x2dc8 Startzeit der fehlerhaften Anwendung: 0x01d34d82900d23bb Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon-x64.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.DLL Berichtskennung: defe8f0b-7b62-412a-bc56-365761786a8e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 12:31:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RoboTaskBarIcon-x64.exe, Version: 7.9.14.6, Zeitstempel: 0x558417d7 Name des fehlerhaften Moduls: RoboForm-x64.DLL, Version: 7.9.14.6, Zeitstempel: 0x558417cd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000001755d03 ID des fehlerhaften Prozesses: 0x336c Startzeit der fehlerhaften Anwendung: 0x01d34d7c749a4d02 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon-x64.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.DLL Berichtskennung: 900cf303-8dcd-4cf5-8d22-e897d178372b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 12:31:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: RoboTaskBarIcon-x64.exe, Version: 7.9.14.6, Zeitstempel: 0x558417d7 Name des fehlerhaften Moduls: RoboForm-x64.DLL, Version: 7.9.14.6, Zeitstempel: 0x558417cd Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000001755d03 ID des fehlerhaften Prozesses: 0x2e78 Startzeit der fehlerhaften Anwendung: 0x01d34d7c6855ec41 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon-x64.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.DLL Berichtskennung: e75a1ac4-b4fd-4b86-a7a8-a83a2904627b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 12:30:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 10.0.15063.0, Zeitstempel: 0xb54cdbe6 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002be72 ID des fehlerhaften Prozesses: 0x20b8 Startzeit der fehlerhaften Anwendung: 0x01d34d7c07ed6072 Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\DllHost.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 38b061d6-c2e5-401f-8226-1f350f25ec4e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 12:27:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 10.0.15063.0, Zeitstempel: 0xb54cdbe6 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.15063.608, Zeitstempel: 0x802f667e Ausnahmecode: 0xc0000005 Fehleroffset: 0x0002be72 ID des fehlerhaften Prozesses: 0x914 Startzeit der fehlerhaften Anwendung: 0x01d34d7b8e249eb7 Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\DllHost.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: c01a533a-4274-4b01-bc71-9fb573812372 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (10/25/2017 12:21:33 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. Error: (10/25/2017 12:21:33 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (10/25/2017 12:07:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {011280b1-217c-4c88-926e-1b79a7f28a47} Error: (10/25/2017 11:58:41 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest. Systemfehler: ============= Error: (10/25/2017 11:52:56 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Acronis Managed Machine Service Mini" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/25/2017 11:06:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Wondershare Application Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (10/25/2017 11:06:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (10/25/2017 10:35:28 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-S58JN56) Description: Der Server "{1EF75F33-893B-4E8F-9655-C3D602BA4897}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. CodeIntegrity: =================================== Date: 2017-10-25 11:29:10.498 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-25 11:28:22.412 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 23:30:42.741 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 23:30:21.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 23:30:15.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 16:08:08.268 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 16:07:51.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-10-24 16:07:45.327 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements. Date: 2017-09-19 21:54:40.213 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-09-19 21:54:40.212 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Pentium(R) CPU G4560 @ 3.50GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 8130.67 MB Verfügbarer physikalischer RAM: 4843.64 MB Summe virtueller Speicher: 9410.67 MB Verfügbarer virtueller Speicher: 5417.78 MB ==================== Laufwerke ================================ Drive c: (WINDOWS10) (Fixed) (Total:446.68 GB) (Free:266.69 GB) NTFS Drive d: (2.Platte_2.System) (Fixed) (Total:495.83 GB) (Free:383.4 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (Volume) (Fixed) (Total:1367.19 GB) (Free:1088.77 GB) NTFS Drive j: (8GB_2) (Removable) (Total:7.53 GB) (Free:0.37 GB) NTFS Drive k: (Speicher 1) (Fixed) (Total:373.77 GB) (Free:249.21 GB) NTFS Drive l: (Speicher 2) (Fixed) (Total:300 GB) (Free:252.6 GB) NTFS Drive m: (Speicher 3) (Fixed) (Total:723.49 GB) (Free:275.6 GB) NTFS Drive z: (BACKUP_3TB) (Fixed) (Total:2794.49 GB) (Free:1278.27 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 447.1 GB) (Disk ID: 53DB2C43) Partition 1: (Not Active) - (Size=446.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=457 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1DAA132B) Partition 1: (Active) - (Size=495.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1367.2 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397.3 GB) (Disk ID: FB491121) Partition 1: (Active) - (Size=373.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1023.5 GB) - (Type=05) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 7. ======================================================== Disk: 8 (Size: 7.5 GB) (Disk ID: 04DD5721) Partition 1: (Active) - (Size=7.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Es tut mir leid, wenn ich etwas falsch gemacht habe und ich leide auch dementsprechend unter der Peinlichkeit, aber ich habe in meinem Editor kein Zeichen # gefunden. Ich hoffe das ist verzeihlich. |
25.10.2017, 15:52 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC verhält sich seltsam, trotz negativen VirenscanCode:
ATTFilter 127.0.0.1 activate.adobe.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com Lesestoff: Illegale Software: Cracks, Keygens und Co Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Logfiles bitte immer in CODE-Tags posten |
25.10.2017, 16:40 | #8 |
| PC verhält sich seltsam, trotz negativen Virenscan Tut mir leid. Mir ist schon klar wie das drauf gekommen sein muss. Ich seh mir das besser an. Aber danke jedenfalls. |
25.10.2017, 20:47 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | PC verhält sich seltsam, trotz negativen Virenscan Was gibt es da sich anzusehen, hau den Dreck weg!
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu PC verhält sich seltsam, trotz negativen Virenscan |
aufrufe, aufrufen, dankbar, hoffe, links, negative, nicht, nicht mehr, nicht mehr öffnen, nichts, plötzlich, scan, seite, seiten, seltsam, tagen, trotz, verhält, virenscan, weiterer, öffnen |